diff --git a/Dockerfile b/Dockerfile index a9ca1c604..360ebbd0f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ # Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 -ARG BUILD_IMAGE=golang:1.26.2@sha256:5f3787b7f902c07c7ec4f3aa91a301a3eda8133aa32661a3b3a3a86ab3a68a36 +ARG BUILD_IMAGE=golang:1.26.2@sha256:b54cbf583d390341599d7bcbc062425c081105cc5ef6d170ced98ef9d047c716 ARG BASE_IMAGE=gcr.io/distroless/static:nonroot@sha256:e3f945647ffb95b5839c07038d64f9811adf17308b9121d8a2b87b6a22a80a39 # Prepare to cross-compile by always running the build stage in the build platform, not the target platform. diff --git a/deploy/concierge/rbac.yaml b/deploy/concierge/rbac.yaml index a4dc2fea0..54c6a6bb8 100644 --- a/deploy/concierge/rbac.yaml +++ b/deploy/concierge/rbac.yaml @@ -1,4 +1,4 @@ -#! Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +#! Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. #! SPDX-License-Identifier: Apache-2.0 #@ load("@ytt:data", "data") @@ -19,7 +19,7 @@ rules: resources: [ apiservices ] verbs: [ get, list, patch, update, watch ] - apiGroups: [ admissionregistration.k8s.io ] - resources: [ validatingwebhookconfigurations, mutatingwebhookconfigurations, validatingadmissionpolicies, validatingadmissionpolicybindings ] + resources: [ validatingwebhookconfigurations, mutatingwebhookconfigurations, validatingadmissionpolicies, validatingadmissionpolicybindings, mutatingadmissionpolicies, mutatingadmissionpolicybindings ] verbs: [ get, list, watch ] - apiGroups: [ flowcontrol.apiserver.k8s.io ] resources: [ flowschemas, prioritylevelconfigurations ] diff --git a/generated/1.30/apis/go.mod b/generated/1.30/apis/go.mod deleted file mode 100644 index daf8a754f..000000000 --- a/generated/1.30/apis/go.mod +++ /dev/null @@ -1,26 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.30/apis - -go 1.22.0 - -require ( - k8s.io/api v0.30.14 - k8s.io/apimachinery v0.30.14 -) - -require ( - github.com/go-logr/logr v1.4.1 // indirect - github.com/gogo/protobuf v1.3.2 // indirect - github.com/google/gofuzz v1.2.0 // indirect - github.com/json-iterator/go v1.1.12 // indirect - github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect - github.com/modern-go/reflect2 v1.0.2 // indirect - golang.org/x/net v0.23.0 // indirect - golang.org/x/text v0.14.0 // indirect - gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect - k8s.io/klog/v2 v2.120.1 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect - sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect -) diff --git a/generated/1.30/apis/go.sum b/generated/1.30/apis/go.sum deleted file mode 100644 index 6d9546cea..000000000 --- a/generated/1.30/apis/go.sum +++ /dev/null @@ -1,91 +0,0 @@ -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.30.14 h1:iPq9YNOz1vHcSuN9YTmRUt8iPpB1cYPxxjgbY25xfS4= -k8s.io/api v0.30.14/go.mod h1:IdrH4AiKc2bqDDb1FAfwcP1pPRmDdyRIqNk4K8KkEoc= -k8s.io/apimachinery v0.30.14 h1:2OvEYwWoWeb25+xzFGP/8gChu+MfRNv24BlCQdnfGzQ= -k8s.io/apimachinery v0.30.14/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= -k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= -k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go deleted file mode 100644 index 395083c5d..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeJWTAuthenticators implements JWTAuthenticatorInterface -type FakeJWTAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var jwtauthenticatorsResource = v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators") - -var jwtauthenticatorsKind = v1alpha1.SchemeGroupVersion.WithKind("JWTAuthenticator") - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *FakeJWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *FakeJWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(jwtauthenticatorsResource, jwtauthenticatorsKind, opts), &v1alpha1.JWTAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.JWTAuthenticatorList{ListMeta: obj.(*v1alpha1.JWTAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.JWTAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *FakeJWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(jwtauthenticatorsResource, opts)) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(jwtauthenticatorsResource, "status", jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(jwtauthenticatorsResource, name, opts), &v1alpha1.JWTAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeJWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(jwtauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.JWTAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *FakeJWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(jwtauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go deleted file mode 100644 index 1cfc5f000..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface -type FakeWebhookAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var webhookauthenticatorsResource = v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators") - -var webhookauthenticatorsKind = v1alpha1.SchemeGroupVersion.WithKind("WebhookAuthenticator") - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, opts), &v1alpha1.WebhookAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(webhookauthenticatorsResource, opts)) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(webhookauthenticatorsResource, "status", webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(webhookauthenticatorsResource, name, opts), &v1alpha1.WebhookAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(webhookauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(webhookauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index 2d70c58f4..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. -// A group's client should implement this interface. -type JWTAuthenticatorsGetter interface { - JWTAuthenticators() JWTAuthenticatorInterface -} - -// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. -type JWTAuthenticatorInterface interface { - Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*v1alpha1.JWTAuthenticator, error) - Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.JWTAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.JWTAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) - JWTAuthenticatorExpansion -} - -// jWTAuthenticators implements JWTAuthenticatorInterface -type jWTAuthenticators struct { - client rest.Interface -} - -// newJWTAuthenticators returns a JWTAuthenticators -func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { - return &jWTAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *jWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Get(). - Resource("jwtauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *jWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.JWTAuthenticatorList{} - err = c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *jWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Post(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *jWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *jWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("jwtauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *jWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("jwtauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *jWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Patch(pt). - Resource("jwtauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index bd0edd936..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. -// A group's client should implement this interface. -type WebhookAuthenticatorsGetter interface { - WebhookAuthenticators() WebhookAuthenticatorInterface -} - -// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. -type WebhookAuthenticatorInterface interface { - Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) - Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) - WebhookAuthenticatorExpansion -} - -// webhookAuthenticators implements WebhookAuthenticatorInterface -type webhookAuthenticators struct { - client rest.Interface -} - -// newWebhookAuthenticators returns a WebhookAuthenticators -func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { - return &webhookAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Get(). - Resource("webhookauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.WebhookAuthenticatorList{} - err = c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Post(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("webhookauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("webhookauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Patch(pt). - Resource("webhookauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go deleted file mode 100644 index ec14894df..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. -// A group's client should implement this interface. -type CredentialIssuersGetter interface { - CredentialIssuers() CredentialIssuerInterface -} - -// CredentialIssuerInterface has methods to work with CredentialIssuer resources. -type CredentialIssuerInterface interface { - Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error) - Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) - CredentialIssuerExpansion -} - -// credentialIssuers implements CredentialIssuerInterface -type credentialIssuers struct { - client rest.Interface -} - -// newCredentialIssuers returns a CredentialIssuers -func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { - return &credentialIssuers{ - client: c.RESTClient(), - } -} - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Get(). - Resource("credentialissuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.CredentialIssuerList{} - err = c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Post(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("credentialissuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("credentialissuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Patch(pt). - Resource("credentialissuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go deleted file mode 100644 index ce05ba220..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCredentialIssuers implements CredentialIssuerInterface -type FakeCredentialIssuers struct { - Fake *FakeConfigV1alpha1 -} - -var credentialissuersResource = v1alpha1.SchemeGroupVersion.WithResource("credentialissuers") - -var credentialissuersKind = v1alpha1.SchemeGroupVersion.WithKind("CredentialIssuer") - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(credentialissuersResource, credentialissuersKind, opts), &v1alpha1.CredentialIssuerList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta} - for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(credentialissuersResource, opts)) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(credentialissuersResource, "status", credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(credentialissuersResource, name, opts), &v1alpha1.CredentialIssuer{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(credentialissuersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{}) - return err -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(credentialissuersResource, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go deleted file mode 100644 index 108d2f37f..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeWhoAmIRequests implements WhoAmIRequestInterface -type FakeWhoAmIRequests struct { - Fake *FakeIdentityV1alpha1 -} - -var whoamirequestsResource = v1alpha1.SchemeGroupVersion.WithResource("whoamirequests") - -var whoamirequestsKind = v1alpha1.SchemeGroupVersion.WithKind("WhoAmIRequest") - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *FakeWhoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(whoamirequestsResource, whoAmIRequest), &v1alpha1.WhoAmIRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WhoAmIRequest), err -} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go deleted file mode 100644 index 768cbdd0b..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. -// A group's client should implement this interface. -type WhoAmIRequestsGetter interface { - WhoAmIRequests() WhoAmIRequestInterface -} - -// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. -type WhoAmIRequestInterface interface { - Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*v1alpha1.WhoAmIRequest, error) - WhoAmIRequestExpansion -} - -// whoAmIRequests implements WhoAmIRequestInterface -type whoAmIRequests struct { - client rest.Interface -} - -// newWhoAmIRequests returns a WhoAmIRequests -func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { - return &whoAmIRequests{ - client: c.RESTClient(), - } -} - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *whoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - result = &v1alpha1.WhoAmIRequest{} - err = c.client.Post(). - Resource("whoamirequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(whoAmIRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go deleted file mode 100644 index 9881e31a6..000000000 --- a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeTokenCredentialRequests implements TokenCredentialRequestInterface -type FakeTokenCredentialRequests struct { - Fake *FakeLoginV1alpha1 -} - -var tokencredentialrequestsResource = v1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests") - -var tokencredentialrequestsKind = v1alpha1.SchemeGroupVersion.WithKind("TokenCredentialRequest") - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *FakeTokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(tokencredentialrequestsResource, tokenCredentialRequest), &v1alpha1.TokenCredentialRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.TokenCredentialRequest), err -} diff --git a/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index b6f285882..000000000 --- a/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - authenticationv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/listers/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// JWTAuthenticatorInformer provides access to a shared informer and lister for -// JWTAuthenticators. -type JWTAuthenticatorInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.JWTAuthenticatorLister -} - -type jWTAuthenticatorInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.TODO(), options) - }, - }, - &authenticationv1alpha1.JWTAuthenticator{}, - resyncPeriod, - indexers, - ) -} - -func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) -} - -func (f *jWTAuthenticatorInformer) Lister() v1alpha1.JWTAuthenticatorLister { - return v1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index afef192f8..000000000 --- a/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - authenticationv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/listers/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// WebhookAuthenticatorInformer provides access to a shared informer and lister for -// WebhookAuthenticators. -type WebhookAuthenticatorInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.WebhookAuthenticatorLister -} - -type webhookAuthenticatorInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.TODO(), options) - }, - }, - &authenticationv1alpha1.WebhookAuthenticator{}, - resyncPeriod, - indexers, - ) -} - -func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) -} - -func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { - return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.30/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go deleted file mode 100644 index 1c64287ed..000000000 --- a/generated/1.30/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// CredentialIssuerInformer provides access to a shared informer and lister for -// CredentialIssuers. -type CredentialIssuerInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.CredentialIssuerLister -} - -type credentialIssuerInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredCredentialIssuerInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().CredentialIssuers().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().CredentialIssuers().Watch(context.TODO(), options) - }, - }, - &configv1alpha1.CredentialIssuer{}, - resyncPeriod, - indexers, - ) -} - -func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredCredentialIssuerInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer) -} - -func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister { - return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.30/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index bbfa84d7c..000000000 --- a/generated/1.30/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// JWTAuthenticatorLister helps list JWTAuthenticators. -// All objects returned here must be treated as read-only. -type JWTAuthenticatorLister interface { - // List lists all JWTAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) - // Get retrieves the JWTAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.JWTAuthenticator, error) - JWTAuthenticatorListerExpansion -} - -// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. -type jWTAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. -func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { - return &jWTAuthenticatorLister{indexer: indexer} -} - -// List lists all JWTAuthenticators in the indexer. -func (s *jWTAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.JWTAuthenticator)) - }) - return ret, err -} - -// Get retrieves the JWTAuthenticator from the index for a given name. -func (s *jWTAuthenticatorLister) Get(name string) (*v1alpha1.JWTAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("jwtauthenticator"), name) - } - return obj.(*v1alpha1.JWTAuthenticator), nil -} diff --git a/generated/1.30/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.30/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index 92c018f08..000000000 --- a/generated/1.30/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// WebhookAuthenticatorLister helps list WebhookAuthenticators. -// All objects returned here must be treated as read-only. -type WebhookAuthenticatorLister interface { - // List lists all WebhookAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) - // Get retrieves the WebhookAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.WebhookAuthenticator, error) - WebhookAuthenticatorListerExpansion -} - -// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. -type webhookAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. -func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { - return &webhookAuthenticatorLister{indexer: indexer} -} - -// List lists all WebhookAuthenticators in the indexer. -func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) - }) - return ret, err -} - -// Get retrieves the WebhookAuthenticator from the index for a given name. -func (s *webhookAuthenticatorLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) - } - return obj.(*v1alpha1.WebhookAuthenticator), nil -} diff --git a/generated/1.30/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.30/client/concierge/listers/config/v1alpha1/credentialissuer.go deleted file mode 100644 index 69f1a5829..000000000 --- a/generated/1.30/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// CredentialIssuerLister helps list CredentialIssuers. -// All objects returned here must be treated as read-only. -type CredentialIssuerLister interface { - // List lists all CredentialIssuers in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) - // Get retrieves the CredentialIssuer from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.CredentialIssuer, error) - CredentialIssuerListerExpansion -} - -// credentialIssuerLister implements the CredentialIssuerLister interface. -type credentialIssuerLister struct { - indexer cache.Indexer -} - -// NewCredentialIssuerLister returns a new CredentialIssuerLister. -func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { - return &credentialIssuerLister{indexer: indexer} -} - -// List lists all CredentialIssuers in the indexer. -func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.CredentialIssuer)) - }) - return ret, err -} - -// Get retrieves the CredentialIssuer from the index for a given name. -func (s *credentialIssuerLister) Get(name string) (*v1alpha1.CredentialIssuer, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name) - } - return obj.(*v1alpha1.CredentialIssuer), nil -} diff --git a/generated/1.30/client/go.mod b/generated/1.30/client/go.mod deleted file mode 100644 index 7a251b20c..000000000 --- a/generated/1.30/client/go.mod +++ /dev/null @@ -1,53 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.30/client - -go 1.22.0 - -replace go.pinniped.dev/generated/1.30/apis => ../apis - -require ( - go.pinniped.dev/generated/1.30/apis v0.0.0 - k8s.io/apimachinery v0.30.14 - k8s.io/client-go v0.30.14 - k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 -) - -require ( - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch v4.12.0+incompatible // indirect - github.com/go-logr/logr v1.4.1 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect - github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/protobuf v1.5.4 // indirect - github.com/google/gnostic-models v0.6.8 // indirect - github.com/google/go-cmp v0.6.0 // indirect - github.com/google/gofuzz v1.2.0 // indirect - github.com/google/uuid v1.3.0 // indirect - github.com/josharian/intern v1.0.0 // indirect - github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.7.7 // indirect - github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect - github.com/modern-go/reflect2 v1.0.2 // indirect - github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pkg/errors v0.9.1 // indirect - golang.org/x/net v0.23.0 // indirect - golang.org/x/oauth2 v0.10.0 // indirect - golang.org/x/sys v0.18.0 // indirect - golang.org/x/term v0.18.0 // indirect - golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.33.0 // indirect - gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.30.14 // indirect - k8s.io/klog/v2 v2.120.1 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect - sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect -) diff --git a/generated/1.30/client/go.sum b/generated/1.30/client/go.sum deleted file mode 100644 index 72b76cd27..000000000 --- a/generated/1.30/client/go.sum +++ /dev/null @@ -1,154 +0,0 @@ -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= -github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= -github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= -github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE= -github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8= -golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= -golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.30.14 h1:iPq9YNOz1vHcSuN9YTmRUt8iPpB1cYPxxjgbY25xfS4= -k8s.io/api v0.30.14/go.mod h1:IdrH4AiKc2bqDDb1FAfwcP1pPRmDdyRIqNk4K8KkEoc= -k8s.io/apimachinery v0.30.14 h1:2OvEYwWoWeb25+xzFGP/8gChu+MfRNv24BlCQdnfGzQ= -k8s.io/apimachinery v0.30.14/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= -k8s.io/client-go v0.30.14 h1:D81QZvBtv897JU4HRsx4YoaCDnzeZSvB8eApgmbtXVA= -k8s.io/client-go v0.30.14/go.mod h1:9ytP3kKzrz3ZWavlWih4NB0mTdYA0DB1ElBHimq+JqQ= -k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= -k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= -k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go b/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go deleted file mode 100644 index 7038f02a2..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go +++ /dev/null @@ -1,35 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type FakeOIDCClientSecretRequests struct { - Fake *FakeClientsecretV1alpha1 - ns string -} - -var oidcclientsecretrequestsResource = v1alpha1.SchemeGroupVersion.WithResource("oidcclientsecretrequests") - -var oidcclientsecretrequestsKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCClientSecretRequest") - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *FakeOIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsecretrequestsResource, c.ns, oIDCClientSecretRequest), &v1alpha1.OIDCClientSecretRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClientSecretRequest), err -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go b/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go deleted file mode 100644 index 4fb703a21..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// OIDCClientSecretRequestsGetter has a method to return a OIDCClientSecretRequestInterface. -// A group's client should implement this interface. -type OIDCClientSecretRequestsGetter interface { - OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface -} - -// OIDCClientSecretRequestInterface has methods to work with OIDCClientSecretRequest resources. -type OIDCClientSecretRequestInterface interface { - Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (*v1alpha1.OIDCClientSecretRequest, error) - OIDCClientSecretRequestExpansion -} - -// oIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type oIDCClientSecretRequests struct { - client rest.Interface - ns string -} - -// newOIDCClientSecretRequests returns a OIDCClientSecretRequests -func newOIDCClientSecretRequests(c *ClientsecretV1alpha1Client, namespace string) *oIDCClientSecretRequests { - return &oIDCClientSecretRequests{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *oIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - result = &v1alpha1.OIDCClientSecretRequest{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclientsecretrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClientSecretRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go deleted file mode 100644 index 2d35d1194..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeFederationDomains implements FederationDomainInterface -type FakeFederationDomains struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var federationdomainsResource = v1alpha1.SchemeGroupVersion.WithResource("federationdomains") - -var federationdomainsKind = v1alpha1.SchemeGroupVersion.WithKind("FederationDomain") - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *FakeFederationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *FakeFederationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(federationdomainsResource, federationdomainsKind, c.ns, opts), &v1alpha1.FederationDomainList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.FederationDomainList{ListMeta: obj.(*v1alpha1.FederationDomainList).ListMeta} - for _, item := range obj.(*v1alpha1.FederationDomainList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *FakeFederationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(federationdomainsResource, c.ns, opts)) - -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(federationdomainsResource, "status", c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(federationdomainsResource, c.ns, name, opts), &v1alpha1.FederationDomain{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeFederationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(federationdomainsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.FederationDomainList{}) - return err -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *FakeFederationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(federationdomainsResource, c.ns, name, pt, data, subresources...), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go deleted file mode 100644 index 0f3561982..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClients implements OIDCClientInterface -type FakeOIDCClients struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var oidcclientsResource = v1alpha1.SchemeGroupVersion.WithResource("oidcclients") - -var oidcclientsKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCClient") - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *FakeOIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcclientsResource, oidcclientsKind, c.ns, opts), &v1alpha1.OIDCClientList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCClientList{ListMeta: obj.(*v1alpha1.OIDCClientList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCClientList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *FakeOIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcclientsResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcclientsResource, "status", c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *FakeOIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcclientsResource, c.ns, name, opts), &v1alpha1.OIDCClient{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcclientsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCClientList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *FakeOIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcclientsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go deleted file mode 100644 index 06ec46a6c..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// FederationDomainsGetter has a method to return a FederationDomainInterface. -// A group's client should implement this interface. -type FederationDomainsGetter interface { - FederationDomains(namespace string) FederationDomainInterface -} - -// FederationDomainInterface has methods to work with FederationDomain resources. -type FederationDomainInterface interface { - Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (*v1alpha1.FederationDomain, error) - Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.FederationDomain, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.FederationDomainList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) - FederationDomainExpansion -} - -// federationDomains implements FederationDomainInterface -type federationDomains struct { - client rest.Interface - ns string -} - -// newFederationDomains returns a FederationDomains -func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { - return &federationDomains{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *federationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *federationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.FederationDomainList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *federationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Post(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *federationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *federationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *federationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *federationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go b/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go deleted file mode 100644 index dc2d7be8e..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCClientsGetter has a method to return a OIDCClientInterface. -// A group's client should implement this interface. -type OIDCClientsGetter interface { - OIDCClients(namespace string) OIDCClientInterface -} - -// OIDCClientInterface has methods to work with OIDCClient resources. -type OIDCClientInterface interface { - Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (*v1alpha1.OIDCClient, error) - Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCClient, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCClientList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) - OIDCClientExpansion -} - -// oIDCClients implements OIDCClientInterface -type oIDCClients struct { - client rest.Interface - ns string -} - -// newOIDCClients returns a OIDCClients -func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { - return &oIDCClients{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *oIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *oIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCClientList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *oIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *oIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *oIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index 93d2f38ae..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. -// A group's client should implement this interface. -type ActiveDirectoryIdentityProvidersGetter interface { - ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface -} - -// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. -type ActiveDirectoryIdentityProviderInterface interface { - Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ActiveDirectoryIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) - ActiveDirectoryIdentityProviderExpansion -} - -// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type activeDirectoryIdentityProviders struct { - client rest.Interface - ns string -} - -// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders -func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { - return &activeDirectoryIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *activeDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *activeDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.ActiveDirectoryIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *activeDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *activeDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *activeDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *activeDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *activeDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go deleted file mode 100644 index c1bab42f4..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type FakeActiveDirectoryIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var activedirectoryidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders") - -var activedirectoryidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("ActiveDirectoryIdentityProvider") - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *FakeActiveDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(activedirectoryidentityprovidersResource, activedirectoryidentityprovidersKind, c.ns, opts), &v1alpha1.ActiveDirectoryIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.ActiveDirectoryIdentityProviderList{ListMeta: obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *FakeActiveDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(activedirectoryidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(activedirectoryidentityprovidersResource, "status", c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(activedirectoryidentityprovidersResource, c.ns, name, opts), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeActiveDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(activedirectoryidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.ActiveDirectoryIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *FakeActiveDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(activedirectoryidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go b/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go deleted file mode 100644 index 95b5a090e..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeGitHubIdentityProviders implements GitHubIdentityProviderInterface -type FakeGitHubIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var githubidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders") - -var githubidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("GitHubIdentityProvider") - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *FakeGitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(githubidentityprovidersResource, c.ns, name), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *FakeGitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(githubidentityprovidersResource, githubidentityprovidersKind, c.ns, opts), &v1alpha1.GitHubIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.GitHubIdentityProviderList{ListMeta: obj.(*v1alpha1.GitHubIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.GitHubIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *FakeGitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(githubidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeGitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(githubidentityprovidersResource, "status", c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeGitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(githubidentityprovidersResource, c.ns, name, opts), &v1alpha1.GitHubIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeGitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(githubidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.GitHubIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *FakeGitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(githubidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go deleted file mode 100644 index 1bc2a4c81..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeLDAPIdentityProviders implements LDAPIdentityProviderInterface -type FakeLDAPIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var ldapidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders") - -var ldapidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("LDAPIdentityProvider") - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *FakeLDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *FakeLDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(ldapidentityprovidersResource, ldapidentityprovidersKind, c.ns, opts), &v1alpha1.LDAPIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.LDAPIdentityProviderList{ListMeta: obj.(*v1alpha1.LDAPIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.LDAPIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *FakeLDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(ldapidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ldapidentityprovidersResource, "status", c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(ldapidentityprovidersResource, c.ns, name, opts), &v1alpha1.LDAPIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeLDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(ldapidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.LDAPIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *FakeLDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ldapidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go deleted file mode 100644 index 671a4ed66..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCIdentityProviders implements OIDCIdentityProviderInterface -type FakeOIDCIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var oidcidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders") - -var oidcidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCIdentityProvider") - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *FakeOIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *FakeOIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcidentityprovidersResource, oidcidentityprovidersKind, c.ns, opts), &v1alpha1.OIDCIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCIdentityProviderList{ListMeta: obj.(*v1alpha1.OIDCIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *FakeOIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcidentityprovidersResource, "status", c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcidentityprovidersResource, c.ns, name, opts), &v1alpha1.OIDCIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *FakeOIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go b/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index c56207e2b..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// GitHubIdentityProvidersGetter has a method to return a GitHubIdentityProviderInterface. -// A group's client should implement this interface. -type GitHubIdentityProvidersGetter interface { - GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface -} - -// GitHubIdentityProviderInterface has methods to work with GitHubIdentityProvider resources. -type GitHubIdentityProviderInterface interface { - Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.GitHubIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.GitHubIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) - GitHubIdentityProviderExpansion -} - -// gitHubIdentityProviders implements GitHubIdentityProviderInterface -type gitHubIdentityProviders struct { - client rest.Interface - ns string -} - -// newGitHubIdentityProviders returns a GitHubIdentityProviders -func newGitHubIdentityProviders(c *IDPV1alpha1Client, namespace string) *gitHubIdentityProviders { - return &gitHubIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *gitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *gitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.GitHubIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *gitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *gitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *gitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *gitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *gitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index 78360cb0a..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. -// A group's client should implement this interface. -type LDAPIdentityProvidersGetter interface { - LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface -} - -// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. -type LDAPIdentityProviderInterface interface { - Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.LDAPIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.LDAPIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) - LDAPIdentityProviderExpansion -} - -// lDAPIdentityProviders implements LDAPIdentityProviderInterface -type lDAPIdentityProviders struct { - client rest.Interface - ns string -} - -// newLDAPIdentityProviders returns a LDAPIdentityProviders -func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { - return &lDAPIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *lDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *lDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.LDAPIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *lDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *lDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *lDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *lDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *lDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index 68c248849..000000000 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. -// A group's client should implement this interface. -type OIDCIdentityProvidersGetter interface { - OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface -} - -// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. -type OIDCIdentityProviderInterface interface { - Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) - OIDCIdentityProviderExpansion -} - -// oIDCIdentityProviders implements OIDCIdentityProviderInterface -type oIDCIdentityProviders struct { - client rest.Interface - ns string -} - -// newOIDCIdentityProviders returns a OIDCIdentityProviders -func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { - return &oIDCIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *oIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *oIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *oIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *oIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *oIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go deleted file mode 100644 index 2ad921e84..000000000 --- a/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// FederationDomainInformer provides access to a shared informer and lister for -// FederationDomains. -type FederationDomainInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.FederationDomainLister -} - -type federationDomainInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewFederationDomainInformer constructs a new informer for FederationDomain type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredFederationDomainInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredFederationDomainInformer constructs a new informer for FederationDomain type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().FederationDomains(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.TODO(), options) - }, - }, - &configv1alpha1.FederationDomain{}, - resyncPeriod, - indexers, - ) -} - -func (f *federationDomainInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredFederationDomainInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.FederationDomain{}, f.defaultInformer) -} - -func (f *federationDomainInformer) Lister() v1alpha1.FederationDomainLister { - return v1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go b/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go deleted file mode 100644 index d64af9663..000000000 --- a/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// OIDCClientInformer provides access to a shared informer and lister for -// OIDCClients. -type OIDCClientInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCClientLister -} - -type oIDCClientInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewOIDCClientInformer constructs a new informer for OIDCClient type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredOIDCClientInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredOIDCClientInformer constructs a new informer for OIDCClient type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) - }, - }, - &configv1alpha1.OIDCClient{}, - resyncPeriod, - indexers, - ) -} - -func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredOIDCClientInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) -} - -func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { - return v1alpha1.NewOIDCClientLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index b2556286d..000000000 --- a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ActiveDirectoryIdentityProviderInformer provides access to a shared informer and lister for -// ActiveDirectoryIdentityProviders. -type ActiveDirectoryIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.ActiveDirectoryIdentityProviderLister -} - -type activeDirectoryIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredActiveDirectoryIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.ActiveDirectoryIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredActiveDirectoryIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) -} - -func (f *activeDirectoryIdentityProviderInformer) Lister() v1alpha1.ActiveDirectoryIdentityProviderLister { - return v1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go b/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index 76f3be69d..000000000 --- a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// GitHubIdentityProviderInformer provides access to a shared informer and lister for -// GitHubIdentityProviders. -type GitHubIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.GitHubIdentityProviderLister -} - -type gitHubIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredGitHubIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.GitHubIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *gitHubIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredGitHubIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *gitHubIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.GitHubIdentityProvider{}, f.defaultInformer) -} - -func (f *gitHubIdentityProviderInformer) Lister() v1alpha1.GitHubIdentityProviderLister { - return v1alpha1.NewGitHubIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index dafeb6b6c..000000000 --- a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// LDAPIdentityProviderInformer provides access to a shared informer and lister for -// LDAPIdentityProviders. -type LDAPIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.LDAPIdentityProviderLister -} - -type lDAPIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredLDAPIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.LDAPIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredLDAPIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) -} - -func (f *lDAPIdentityProviderInformer) Lister() v1alpha1.LDAPIdentityProviderLister { - return v1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index cc10cb34b..000000000 --- a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// OIDCIdentityProviderInformer provides access to a shared informer and lister for -// OIDCIdentityProviders. -type OIDCIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCIdentityProviderLister -} - -type oIDCIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredOIDCIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.OIDCIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredOIDCIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) -} - -func (f *oIDCIdentityProviderInformer) Lister() v1alpha1.OIDCIdentityProviderLister { - return v1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.30/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.30/client/supervisor/listers/config/v1alpha1/oidcclient.go deleted file mode 100644 index 75046569e..000000000 --- a/generated/1.30/client/supervisor/listers/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCClientLister helps list OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientLister interface { - // List lists all OIDCClients in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // OIDCClients returns an object that can list and get OIDCClients. - OIDCClients(namespace string) OIDCClientNamespaceLister - OIDCClientListerExpansion -} - -// oIDCClientLister implements the OIDCClientLister interface. -type oIDCClientLister struct { - indexer cache.Indexer -} - -// NewOIDCClientLister returns a new OIDCClientLister. -func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { - return &oIDCClientLister{indexer: indexer} -} - -// List lists all OIDCClients in the indexer. -func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// OIDCClients returns an object that can list and get OIDCClients. -func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { - return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCClientNamespaceLister helps list and get OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientNamespaceLister interface { - // List lists all OIDCClients in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // Get retrieves the OIDCClient from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCClient, error) - OIDCClientNamespaceListerExpansion -} - -// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister -// interface. -type oIDCClientNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCClients in the indexer for a given namespace. -func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// Get retrieves the OIDCClient from the indexer for a given namespace and name. -func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) - } - return obj.(*v1alpha1.OIDCClient), nil -} diff --git a/generated/1.30/README.adoc b/generated/1.36/README.adoc similarity index 81% rename from generated/1.30/README.adoc rename to generated/1.36/README.adoc index 171e02987..56bb46ecc 100644 --- a/generated/1.30/README.adoc +++ b/generated/1.36/README.adoc @@ -23,32 +23,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -60,14 +60,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-claimvalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-claimvalidationrule"] ==== ClaimValidationRule ClaimValidationRule provides the configuration for a single claim validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -98,14 +98,14 @@ Mutually exclusive with claim and requiredValue. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-extramapping"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-extramapping"] ==== ExtraMapping ExtraMapping provides the configuration for a single extra mapping. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] **** [cols="25a,75a", options="header"] @@ -132,7 +132,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator JWTAuthenticator describes the configuration of a JWT authenticator. @@ -142,41 +142,41 @@ signature, existence of claims, etc.) and extract the username and groups from t .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] ==== JWTAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] ==== JWTAuthenticatorSpec JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] @@ -185,14 +185,14 @@ JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. | *`issuer`* __string__ | issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + also used to validate the "iss" JWT claim. + | *`audience`* __string__ | audience is the required value of the "aud" JWT claim. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + for Kubernetes access. + -| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + +| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + +| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + These allow invariants to be applied to incoming identities such as preventing the + use of the system: prefix that is commonly used by Kubernetes components. + The validation rules are logically ANDed together and must all return true for the validation to pass. + @@ -200,29 +200,29 @@ This is similar to claimValidationRules from Kubernetes AuthenticationConfigurat https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] ==== JWTAuthenticatorStatus JWTAuthenticatorStatus is the status of a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwttokenclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwttokenclaims"] ==== JWTTokenClaims JWTTokenClaims allows customization of the claims that will be mapped to user identity @@ -230,7 +230,7 @@ for Kubernetes access. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -295,7 +295,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + Mutually exclusive with groups. Use either groups or groupsExpression to + determine the user's group membership from the JWT token. + -| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + +| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + However, note that the Pinniped Concierge issues client certificates to users for the purpose + @@ -336,34 +336,34 @@ This will result in: + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration on various authenticators. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-uservalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-uservalidationrule"] ==== UserValidationRule UserValidationRule provides the configuration for a single user info validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -383,73 +383,73 @@ message is a literal string. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticator"] ==== WebhookAuthenticator WebhookAuthenticator describes the configuration of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] ==== WebhookAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] ==== WebhookAuthenticatorSpec Spec for configuring a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`endpoint`* __string__ | Webhook server endpoint URL. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] ==== WebhookAuthenticatorStatus Status of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + |=== @@ -461,35 +461,35 @@ Package clientsecret is the internal version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -500,14 +500,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -526,36 +526,36 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -566,14 +566,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -592,125 +592,125 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuer"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuer"] ==== CredentialIssuer CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerfrontend"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend"] ==== CredentialIssuerFrontend CredentialIssuerFrontend describes how to connect using a particular integration strategy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + -| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + +| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + This field is only set when Type is "TokenCredentialRequestAPI". + -| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + +| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + This field is only set when Type is "ImpersonationProxy". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerspec"] ==== CredentialIssuerSpec CredentialIssuerSpec describes the intended configuration of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + +| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstatus"] ==== CredentialIssuerStatus CredentialIssuerStatus describes the status of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + +| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstrategy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy"] ==== CredentialIssuerStrategy CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + -| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + +| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + | *`message`* __string__ | Human-readable description of the current status. + -| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#time-v1-meta[$$Time$$]__ | When the status was last checked. + -| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#time-v1-meta[$$Time$$]__ | When the status was last checked. + +| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-frontendtype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-frontendtype"] ==== FrontendType (string) FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyinfo"] ==== ImpersonationProxyInfo ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -721,7 +721,7 @@ ImpersonationProxyInfo describes the parameters for the impersonation proxy on t |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxymode"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxymode"] ==== ImpersonationProxyMode (string) ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. @@ -729,25 +729,25 @@ Allowed values are "auto", "enabled", or "disabled". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] ==== ImpersonationProxyServiceSpec ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + @@ -757,7 +757,7 @@ This is not supported on all cloud providers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] ==== ImpersonationProxyServiceType (string) ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. @@ -765,40 +765,40 @@ Allowed values are "LoadBalancer", "ClusterIP", or "None". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec"] ==== ImpersonationProxySpec ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + +| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + - "disabled" explicitly disables the impersonation proxy. This is the default. + - "enabled" explicitly enables the impersonation proxy. + - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + -| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + +| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + | *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + be served using the external name of the LoadBalancer service or the cluster service DNS name. + This field must be non-empty when spec.impersonationProxy.service.type is "None". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + If this field is empty, the impersonation proxy will generate its own TLS certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] ==== ImpersonationProxyTLSSpec ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should @@ -812,7 +812,7 @@ the impersonation proxy endpoint. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] @@ -825,50 +825,50 @@ the TLS serving certificate for the Concierge impersonation proxy endpoint. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-strategyreason"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategyreason"] ==== StrategyReason (string) StrategyReason enumerates the detailed reason why a strategy is in a particular status. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-strategystatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategystatus"] ==== StrategyStatus (string) StrategyStatus enumerates whether a strategy is working on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-strategytype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategytype"] ==== StrategyType (string) StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] ==== TokenCredentialRequestAPIInfo TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -887,34 +887,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomain"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain FederationDomain describes the configuration of an OIDC provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] ==== FederationDomainIdentityProvider FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -923,62 +923,62 @@ FederationDomainIdentityProvider describes how an identity provider is made avai | *`displayName`* __string__ | DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the + kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a + disruptive change for those users. + -| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + +| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + If the reference cannot be resolved then the identity provider will not be made available. + Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, + LDAPIdentityProvider, ActiveDirectoryIdentityProvider. + -| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + +| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + session refresh. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainphase"] ==== FederationDomainPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainsecrets"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainsecrets"] ==== FederationDomainSecrets FederationDomainSecrets holds information about this OIDC Provider's secrets. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + +| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + stored. If it is empty, then the signing/verification keys are either unknown or they don't + exist. + -| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing tokens is stored. + -| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing state parameters is stored. + -| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + encrypting state parameters is stored. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainspec"] ==== FederationDomainSpec FederationDomainSpec is a struct that describes an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] @@ -992,8 +992,8 @@ https://example.com/foo/some/path/to/auth/endpoint). + See + https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + -| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + +| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, + how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to + @@ -1018,33 +1018,33 @@ explicitly list the identity provider using this IdentityProviders field. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainstatus"] ==== FederationDomainStatus FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + -| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + +| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] ==== FederationDomainTLSSpec FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -1070,21 +1070,21 @@ When your Issuer URL's host is an IP address, then this field is ignored. SNI do |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransforms"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms"] ==== FederationDomainTransforms FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + -| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + +| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + +| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + authentication attempt, including during every session refresh. + Each is a CEL expression. It may use the basic CEL language as defined in + https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in + @@ -1112,7 +1112,7 @@ Any compilation or static type-checking failure of any expression will cause an During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the + authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username + and group names have been decided for that authentication attempt. + -| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + +| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + expected. Examples define sample input identities which are then run through the expression list, and the + results are compared to the expected results. If any example in this list fails, then this + identity provider will not be available for use within this FederationDomain, and the error(s) will be + @@ -1121,7 +1121,7 @@ expressions, and also act as living documentation for other administrators to be |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] ==== FederationDomainTransformsConstant FederationDomainTransformsConstant defines a constant variable and its value which will be made available to @@ -1129,7 +1129,7 @@ the transform expressions. This is a union type, and Type is the discriminator f .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1143,14 +1143,14 @@ Allowed values are "string" or "stringList". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] ==== FederationDomainTransformsExample FederationDomainTransformsExample defines a transform example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1158,19 +1158,19 @@ FederationDomainTransformsExample defines a transform example. | Field | Description | *`username`* __string__ | Username is the input username. + | *`groups`* __string array__ | Groups is the input list of group names. + -| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + +| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + input Username and Groups. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] ==== FederationDomainTransformsExampleExpects FederationDomainTransformsExampleExpects defines the expected result for a transforms example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] **** [cols="25a,75a", options="header"] @@ -1190,14 +1190,14 @@ transformation error, such as a runtime error. When Rejected is false, there is |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] ==== FederationDomainTransformsExpression FederationDomainTransformsExpression defines a transform expression. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1211,70 +1211,70 @@ an authentication attempt. When empty, a default message will be used. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-granttype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-granttype"] ==== GrantType (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient describes the configuration of an OIDC client. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientphase"] ==== OIDCClientPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec"] ==== OIDCClientSpec OIDCClientSpec is a struct that describes an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + +| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. + Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. + Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. + -| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + +| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + client. + Must only contain the following values: + @@ -1285,7 +1285,7 @@ This grant must be listed if allowedScopes lists offline_access. + - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, + which is a step in the process to be able to get a cluster credential for the user. + This grant must be listed if allowedScopes lists pinniped:request-audience. + -| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + +| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: + - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). + @@ -1301,37 +1301,37 @@ Without the username scope being requested and allowed, the ID token will not co - groups: The client is allowed to request that ID tokens contain the user's group membership, + if their group membership is discoverable by the Supervisor. + Without the groups scope being requested and allowed, the ID token will not contain groups. + -| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + +| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientstatus"] ==== OIDCClientStatus OIDCClientStatus is a struct that describes the actual state of an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] ==== OIDCClientTokenLifetimes OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** [cols="25a,75a", options="header"] @@ -1350,26 +1350,26 @@ longer lifetimes. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-redirecturi"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-redirecturi"] ==== RedirectURI (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-scope"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-scope"] ==== Scope (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** @@ -1382,19 +1382,19 @@ Package identity is the internal version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1402,18 +1402,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1421,7 +1421,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1432,57 +1432,57 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`Groups`* __string array__ | The names of groups this user is a part of. + -| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1494,19 +1494,19 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1514,18 +1514,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1533,7 +1533,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1544,58 +1544,58 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`groups`* __string array__ | The names of groups this user is a part of. + -| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1607,34 +1607,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity pro -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] ==== ActiveDirectoryIdentityProvider ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] ==== ActiveDirectoryIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1648,14 +1648,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] ==== ActiveDirectoryIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1689,7 +1689,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -1717,14 +1717,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] ==== ActiveDirectoryIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -1741,66 +1741,66 @@ where domain is constructed from the domain components of the group DN. + -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] ==== ActiveDirectoryIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] ==== ActiveDirectoryIdentityProviderSpec Spec for configuring an ActiveDirectory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] ==== ActiveDirectoryIdentityProviderStatus Status of an Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] ==== ActiveDirectoryIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1824,19 +1824,19 @@ This means that the user is a person, is not a computer, the sAMAccountType is f and is not shown in advanced view only + (which would likely mean its a system created service account with advanced permissions). + Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] ==== ActiveDirectoryIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -1851,32 +1851,32 @@ Optional, when empty this defaults to "objectGUID". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -1888,14 +1888,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubapiconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubapiconfig"] ==== GitHubAPIConfig GitHubAPIConfig allows configuration for GitHub Enterprise Server .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1909,56 +1909,56 @@ Port is optional. Do not specify a path, query, fragment, or userinfo. + Only specify domain name or IP address, subdomains (optional), and port (optional). + IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address + in square brackets. Example: "[::1]:443". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + Note that this field should not be needed when using GitHub's public API ("github.com"). + However, if you choose to specify this field when using GitHub's public API, you must + specify a CA bundle that will verify connections to "api.github.com". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] ==== GitHubAllowAuthenticationSpec GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + +| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] ==== GitHubAllowedAuthOrganizationsPolicy (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclaims"] ==== GitHubClaims GitHubClaims allows customization of the username and groups claims. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + +| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + Can be either "id", "login", or "login:id". Defaults to "login:id". + @@ -1979,7 +1979,7 @@ choice to concatenate the two values. + See the response schema for + [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). + -| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + +| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + Can be either "name" or "slug". Defaults to "slug". + @@ -2000,7 +2000,7 @@ See the response schema for + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclientspec"] ==== GitHubClientSpec GitHubClientSpec contains information about the GitHub client that this identity provider will use @@ -2008,7 +2008,7 @@ for web-based login flows. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2021,7 +2021,7 @@ This secret must be of type "secrets.pinniped.dev/github-client" with keys "clie |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] ==== GitHubGroupNameAttribute (string) GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group @@ -2030,12 +2030,12 @@ names to present to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityprovider"] ==== GitHubIdentityProvider GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. @@ -2046,85 +2046,85 @@ as OIDCClients. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] ==== GitHubIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] ==== GitHubIdentityProviderSpec GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + -| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + +| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + +| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] ==== GitHubIdentityProviderStatus GitHubIdentityProviderStatus is the status of an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] ==== GitHubOrganizationsSpec .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + +| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + Defaults to "OnlyUsersFromAllowedOrganizations". + Must be set to "AllGitHubUsers" if the allowed field is empty. + @@ -2144,7 +2144,7 @@ If no organizations are listed, you must set organizations: AllGitHubUsers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubusernameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubusernameattribute"] ==== GitHubUsernameAttribute (string) GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present @@ -2153,12 +2153,12 @@ to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access @@ -2166,27 +2166,27 @@ Protocol (LDAP) identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] ==== LDAPIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2200,14 +2200,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] ==== LDAPIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2232,7 +2232,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -2260,14 +2260,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] ==== LDAPIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -2283,66 +2283,66 @@ Optional. When not specified, the default will act as if the GroupName were spec -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] ==== LDAPIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] ==== LDAPIdentityProviderSpec Spec for configuring an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] ==== LDAPIdentityProviderStatus Status of an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] ==== LDAPIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2358,19 +2358,19 @@ Note that the dn (distinguished name) is not an attribute of an entry, so "dn={} Optional. When not specified, the default will act as if the Filter were specified as the value from + Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + explicitly specified, since the default value of "dn={}" would not work. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] ==== LDAPIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -2390,7 +2390,7 @@ server in the user's entry. Distinguished names can be used by specifying lower- |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] ==== OIDCAuthorizationConfig OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization @@ -2398,7 +2398,7 @@ request parameters. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2432,7 +2432,7 @@ may ignore scopes that it does not understand or require (see + https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + -| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + +| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + @@ -2468,14 +2468,14 @@ allowPasswordGrant defaults to false. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcclaims"] ==== OIDCClaims OIDCClaims provides a mapping from upstream claims into identities. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2499,7 +2499,7 @@ are not available, the "additionalClaims" claim will be excluded from the ID tok |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient contains information about an OIDC client (e.g., client ID and client @@ -2507,7 +2507,7 @@ secret). .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2520,48 +2520,48 @@ struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oid |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] ==== OIDCIdentityProvider OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] ==== OIDCIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] ==== OIDCIdentityProviderSpec OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] @@ -2569,42 +2569,42 @@ OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. | Field | Description | *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + /.well-known/openid-configuration. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + -| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + +| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + parameters to be used with this OIDC identity provider. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + this OIDC identity provider. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] ==== OIDCIdentityProviderStatus OIDCIdentityProviderStatus is the status of an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-parameter"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-parameter"] ==== Parameter Parameter is a key/value pair which represents a parameter in an HTTP request. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] **** [cols="25a,75a", options="header"] @@ -2615,24 +2615,24 @@ Parameter is a key/value pair which represents a parameter in an HTTP request. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration for identity provider integration. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== @@ -2645,7 +2645,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped login API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-clustercredential"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-clustercredential"] ==== ClusterCredential ClusterCredential is the cluster-specific credential returned on a successful credential request. It @@ -2653,73 +2653,73 @@ contains either a valid bearer token or a valid TLS certificate and correspondin .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + +| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + | *`token`* __string__ | Token is a bearer token used by the client for request authentication. + | *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). + | *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequest"] ==== TokenCredentialRequest TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] ==== TokenCredentialRequestSpec Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. + -| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.3/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] ==== TokenCredentialRequestStatus Status of a TokenCredentialRequest, returned on responses to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-30-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + +| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + | *`message`* __string__ | An error message will be returned for an unsuccessful credential request. + |=== diff --git a/generated/1.30/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.36/apis/concierge/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.30/apis/concierge/authentication/v1alpha1/doc.go rename to generated/1.36/apis/concierge/authentication/v1alpha1/doc.go diff --git a/generated/1.30/apis/concierge/authentication/v1alpha1/register.go b/generated/1.36/apis/concierge/authentication/v1alpha1/register.go similarity index 100% rename from generated/1.30/apis/concierge/authentication/v1alpha1/register.go rename to generated/1.36/apis/concierge/authentication/v1alpha1/register.go diff --git a/generated/1.30/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.36/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go similarity index 100% rename from generated/1.30/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go rename to generated/1.36/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go diff --git a/generated/1.30/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.36/apis/concierge/authentication/v1alpha1/types_tls.go similarity index 100% rename from generated/1.30/apis/concierge/authentication/v1alpha1/types_tls.go rename to generated/1.36/apis/concierge/authentication/v1alpha1/types_tls.go diff --git a/generated/1.30/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.36/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go similarity index 100% rename from generated/1.30/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go rename to generated/1.36/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go diff --git a/generated/1.30/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.36/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go rename to generated/1.36/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/concierge/config/v1alpha1/doc.go b/generated/1.36/apis/concierge/config/v1alpha1/doc.go similarity index 100% rename from generated/1.30/apis/concierge/config/v1alpha1/doc.go rename to generated/1.36/apis/concierge/config/v1alpha1/doc.go diff --git a/generated/1.30/apis/concierge/config/v1alpha1/register.go b/generated/1.36/apis/concierge/config/v1alpha1/register.go similarity index 100% rename from generated/1.30/apis/concierge/config/v1alpha1/register.go rename to generated/1.36/apis/concierge/config/v1alpha1/register.go diff --git a/generated/1.30/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.36/apis/concierge/config/v1alpha1/types_credentialissuer.go similarity index 100% rename from generated/1.30/apis/concierge/config/v1alpha1/types_credentialissuer.go rename to generated/1.36/apis/concierge/config/v1alpha1/types_credentialissuer.go diff --git a/generated/1.30/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.36/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go rename to generated/1.36/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/concierge/identity/doc.go b/generated/1.36/apis/concierge/identity/doc.go similarity index 100% rename from generated/1.30/apis/concierge/identity/doc.go rename to generated/1.36/apis/concierge/identity/doc.go diff --git a/generated/1.30/apis/concierge/identity/register.go b/generated/1.36/apis/concierge/identity/register.go similarity index 100% rename from generated/1.30/apis/concierge/identity/register.go rename to generated/1.36/apis/concierge/identity/register.go diff --git a/generated/1.30/apis/concierge/identity/types_userinfo.go b/generated/1.36/apis/concierge/identity/types_userinfo.go similarity index 100% rename from generated/1.30/apis/concierge/identity/types_userinfo.go rename to generated/1.36/apis/concierge/identity/types_userinfo.go diff --git a/generated/1.30/apis/concierge/identity/types_whoamirequest.go b/generated/1.36/apis/concierge/identity/types_whoamirequest.go similarity index 100% rename from generated/1.30/apis/concierge/identity/types_whoamirequest.go rename to generated/1.36/apis/concierge/identity/types_whoamirequest.go diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.36/apis/concierge/identity/v1alpha1/conversion.go similarity index 100% rename from generated/1.30/apis/concierge/identity/v1alpha1/conversion.go rename to generated/1.36/apis/concierge/identity/v1alpha1/conversion.go diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.36/apis/concierge/identity/v1alpha1/defaults.go similarity index 100% rename from generated/1.30/apis/concierge/identity/v1alpha1/defaults.go rename to generated/1.36/apis/concierge/identity/v1alpha1/defaults.go diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/doc.go b/generated/1.36/apis/concierge/identity/v1alpha1/doc.go similarity index 86% rename from generated/1.30/apis/concierge/identity/v1alpha1/doc.go rename to generated/1.36/apis/concierge/identity/v1alpha1/doc.go index 68442f43e..3a925a42d 100644 --- a/generated/1.30/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.36/apis/concierge/identity/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.30/apis/concierge/identity +// +k8s:conversion-gen=go.pinniped.dev/generated/1.36/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/register.go b/generated/1.36/apis/concierge/identity/v1alpha1/register.go similarity index 100% rename from generated/1.30/apis/concierge/identity/v1alpha1/register.go rename to generated/1.36/apis/concierge/identity/v1alpha1/register.go diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.36/apis/concierge/identity/v1alpha1/types_userinfo.go similarity index 100% rename from generated/1.30/apis/concierge/identity/v1alpha1/types_userinfo.go rename to generated/1.36/apis/concierge/identity/v1alpha1/types_userinfo.go diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/types_whoamirequest.go b/generated/1.36/apis/concierge/identity/v1alpha1/types_whoamirequest.go similarity index 100% rename from generated/1.30/apis/concierge/identity/v1alpha1/types_whoamirequest.go rename to generated/1.36/apis/concierge/identity/v1alpha1/types_whoamirequest.go diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.30/apis/concierge/identity/v1alpha1/zz_generated.conversion.go rename to generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index ad0cd6ce7..4a9329cf0 100644 --- a/generated/1.30/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - identity "go.pinniped.dev/generated/1.30/apis/concierge/identity" + identity "go.pinniped.dev/generated/1.36/apis/concierge/identity" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go rename to generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.30/apis/concierge/identity/v1alpha1/zz_generated.defaults.go rename to generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.model_name.go b/generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..80ee935ef --- /dev/null +++ b/generated/1.36/apis/concierge/identity/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,39 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubernetesUserInfo) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.KubernetesUserInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserInfo) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.UserInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestStatus" +} diff --git a/generated/1.30/apis/concierge/identity/validation/validation.go b/generated/1.36/apis/concierge/identity/validation/validation.go similarity index 84% rename from generated/1.30/apis/concierge/identity/validation/validation.go rename to generated/1.36/apis/concierge/identity/validation/validation.go index d19552401..5b02e7c38 100644 --- a/generated/1.30/apis/concierge/identity/validation/validation.go +++ b/generated/1.36/apis/concierge/identity/validation/validation.go @@ -6,7 +6,7 @@ package validation import ( "k8s.io/apimachinery/pkg/util/validation/field" - identityapi "go.pinniped.dev/generated/1.30/apis/concierge/identity" + identityapi "go.pinniped.dev/generated/1.36/apis/concierge/identity" ) func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList { diff --git a/generated/1.30/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.36/apis/concierge/identity/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/concierge/identity/zz_generated.deepcopy.go rename to generated/1.36/apis/concierge/identity/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/concierge/login/doc.go b/generated/1.36/apis/concierge/login/doc.go similarity index 100% rename from generated/1.30/apis/concierge/login/doc.go rename to generated/1.36/apis/concierge/login/doc.go diff --git a/generated/1.30/apis/concierge/login/register.go b/generated/1.36/apis/concierge/login/register.go similarity index 100% rename from generated/1.30/apis/concierge/login/register.go rename to generated/1.36/apis/concierge/login/register.go diff --git a/generated/1.30/apis/concierge/login/types_clustercredential.go b/generated/1.36/apis/concierge/login/types_clustercredential.go similarity index 100% rename from generated/1.30/apis/concierge/login/types_clustercredential.go rename to generated/1.36/apis/concierge/login/types_clustercredential.go diff --git a/generated/1.30/apis/concierge/login/types_tokencredentialrequest.go b/generated/1.36/apis/concierge/login/types_tokencredentialrequest.go similarity index 100% rename from generated/1.30/apis/concierge/login/types_tokencredentialrequest.go rename to generated/1.36/apis/concierge/login/types_tokencredentialrequest.go diff --git a/generated/1.30/apis/concierge/login/v1alpha1/conversion.go b/generated/1.36/apis/concierge/login/v1alpha1/conversion.go similarity index 100% rename from generated/1.30/apis/concierge/login/v1alpha1/conversion.go rename to generated/1.36/apis/concierge/login/v1alpha1/conversion.go diff --git a/generated/1.30/apis/concierge/login/v1alpha1/defaults.go b/generated/1.36/apis/concierge/login/v1alpha1/defaults.go similarity index 100% rename from generated/1.30/apis/concierge/login/v1alpha1/defaults.go rename to generated/1.36/apis/concierge/login/v1alpha1/defaults.go diff --git a/generated/1.30/apis/concierge/login/v1alpha1/doc.go b/generated/1.36/apis/concierge/login/v1alpha1/doc.go similarity index 86% rename from generated/1.30/apis/concierge/login/v1alpha1/doc.go rename to generated/1.36/apis/concierge/login/v1alpha1/doc.go index fcad54bb9..988d8834d 100644 --- a/generated/1.30/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.36/apis/concierge/login/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.30/apis/concierge/login +// +k8s:conversion-gen=go.pinniped.dev/generated/1.36/apis/concierge/login // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev diff --git a/generated/1.30/apis/concierge/login/v1alpha1/register.go b/generated/1.36/apis/concierge/login/v1alpha1/register.go similarity index 100% rename from generated/1.30/apis/concierge/login/v1alpha1/register.go rename to generated/1.36/apis/concierge/login/v1alpha1/register.go diff --git a/generated/1.30/apis/concierge/login/v1alpha1/types_clustercredential.go b/generated/1.36/apis/concierge/login/v1alpha1/types_clustercredential.go similarity index 100% rename from generated/1.30/apis/concierge/login/v1alpha1/types_clustercredential.go rename to generated/1.36/apis/concierge/login/v1alpha1/types_clustercredential.go diff --git a/generated/1.30/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go b/generated/1.36/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go similarity index 100% rename from generated/1.30/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go rename to generated/1.36/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go diff --git a/generated/1.30/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.36/apis/concierge/login/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.30/apis/concierge/login/v1alpha1/zz_generated.conversion.go rename to generated/1.36/apis/concierge/login/v1alpha1/zz_generated.conversion.go index b6579c586..5c2bfc99a 100644 --- a/generated/1.30/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.36/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - login "go.pinniped.dev/generated/1.30/apis/concierge/login" + login "go.pinniped.dev/generated/1.36/apis/concierge/login" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.30/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.36/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go rename to generated/1.36/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.36/apis/concierge/login/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.30/apis/concierge/login/v1alpha1/zz_generated.defaults.go rename to generated/1.36/apis/concierge/login/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.36/apis/concierge/login/v1alpha1/zz_generated.model_name.go b/generated/1.36/apis/concierge/login/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..f257b9737 --- /dev/null +++ b/generated/1.36/apis/concierge/login/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,34 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterCredential) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.ClusterCredential" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestStatus" +} diff --git a/generated/1.30/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.36/apis/concierge/login/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/concierge/login/zz_generated.deepcopy.go rename to generated/1.36/apis/concierge/login/zz_generated.deepcopy.go diff --git a/generated/1.36/apis/go.mod b/generated/1.36/apis/go.mod new file mode 100644 index 000000000..ba753906d --- /dev/null +++ b/generated/1.36/apis/go.mod @@ -0,0 +1,29 @@ +// This go.mod file is generated by ./hack/update.sh. +module go.pinniped.dev/generated/1.36/apis + +go 1.26.0 + +require ( + k8s.io/api v0.36.0 + k8s.io/apimachinery v0.36.0 +) + +require ( + github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/go-logr/logr v1.4.3 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect + github.com/x448/float16 v0.8.4 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect + golang.org/x/net v0.49.0 // indirect + golang.org/x/text v0.33.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + k8s.io/klog/v2 v2.140.0 // indirect + k8s.io/kube-openapi v0.0.0-20260317180543-43fb72c5454a // indirect + k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect + sigs.k8s.io/randfill v1.0.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect +) diff --git a/generated/1.36/apis/go.sum b/generated/1.36/apis/go.sum new file mode 100644 index 000000000..f679a531e --- /dev/null +++ b/generated/1.36/apis/go.sum @@ -0,0 +1,68 @@ +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= +github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= +golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o= +golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8= +golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE= +golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +k8s.io/api v0.36.0 h1:SgqDhZzHdOtMk40xVSvCXkP9ME0H05hPM3p9AB1kL80= +k8s.io/api v0.36.0/go.mod h1:m1LVrGPNYax5NBHdO+QuAedXyuzTt4RryI/qnmNvs34= +k8s.io/apimachinery v0.36.0 h1:jZyPzhd5Z+3h9vJLt0z9XdzW9VzNzWAUw+P1xZ9PXtQ= +k8s.io/apimachinery v0.36.0/go.mod h1:FklypaRJt6n5wUIwWXIP6GJlIpUizTgfo1T/As+Tyxc= +k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= +k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= +k8s.io/kube-openapi v0.0.0-20260317180543-43fb72c5454a h1:xCeOEAOoGYl2jnJoHkC3hkbPJgdATINPMAxaynU2Ovg= +k8s.io/kube-openapi v0.0.0-20260317180543-43fb72c5454a/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2 h1:AZYQSJemyQB5eRxqcPky+/7EdBj0xi3g0ZcxxJ7vbWU= +k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= +sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= +sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/generated/1.30/apis/supervisor/clientsecret/doc.go b/generated/1.36/apis/supervisor/clientsecret/doc.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/doc.go rename to generated/1.36/apis/supervisor/clientsecret/doc.go diff --git a/generated/1.30/apis/supervisor/clientsecret/register.go b/generated/1.36/apis/supervisor/clientsecret/register.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/register.go rename to generated/1.36/apis/supervisor/clientsecret/register.go diff --git a/generated/1.30/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.36/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go rename to generated/1.36/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/conversion.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/conversion.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/v1alpha1/conversion.go rename to generated/1.36/apis/supervisor/clientsecret/v1alpha1/conversion.go diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/defaults.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/defaults.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/v1alpha1/defaults.go rename to generated/1.36/apis/supervisor/clientsecret/v1alpha1/defaults.go diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/doc.go similarity index 87% rename from generated/1.30/apis/supervisor/clientsecret/v1alpha1/doc.go rename to generated/1.36/apis/supervisor/clientsecret/v1alpha1/doc.go index 8e0f96f28..852b3a31e 100644 --- a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret +// +k8s:conversion-gen=go.pinniped.dev/generated/1.36/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta // +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/register.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/v1alpha1/register.go rename to generated/1.36/apis/supervisor/clientsecret/v1alpha1/register.go diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go rename to generated/1.36/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.30/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go rename to generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index eb916613c..69dc9020b 100644 --- a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - clientsecret "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret" + clientsecret "go.pinniped.dev/generated/1.36/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go rename to generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go rename to generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..1022e7e9a --- /dev/null +++ b/generated/1.36/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,29 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestStatus" +} diff --git a/generated/1.30/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.36/apis/supervisor/clientsecret/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/supervisor/clientsecret/zz_generated.deepcopy.go rename to generated/1.36/apis/supervisor/clientsecret/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/supervisor/config/v1alpha1/doc.go b/generated/1.36/apis/supervisor/config/v1alpha1/doc.go similarity index 100% rename from generated/1.30/apis/supervisor/config/v1alpha1/doc.go rename to generated/1.36/apis/supervisor/config/v1alpha1/doc.go diff --git a/generated/1.30/apis/supervisor/config/v1alpha1/register.go b/generated/1.36/apis/supervisor/config/v1alpha1/register.go similarity index 100% rename from generated/1.30/apis/supervisor/config/v1alpha1/register.go rename to generated/1.36/apis/supervisor/config/v1alpha1/register.go diff --git a/generated/1.30/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.36/apis/supervisor/config/v1alpha1/types_federationdomain.go similarity index 100% rename from generated/1.30/apis/supervisor/config/v1alpha1/types_federationdomain.go rename to generated/1.36/apis/supervisor/config/v1alpha1/types_federationdomain.go diff --git a/generated/1.30/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.36/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.30/apis/supervisor/config/v1alpha1/types_oidcclient.go rename to generated/1.36/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.30/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.36/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go rename to generated/1.36/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.36/apis/supervisor/idp/v1alpha1/doc.go similarity index 100% rename from generated/1.30/apis/supervisor/idp/v1alpha1/doc.go rename to generated/1.36/apis/supervisor/idp/v1alpha1/doc.go diff --git a/generated/1.30/apis/supervisor/idp/v1alpha1/register.go b/generated/1.36/apis/supervisor/idp/v1alpha1/register.go similarity index 100% rename from generated/1.30/apis/supervisor/idp/v1alpha1/register.go rename to generated/1.36/apis/supervisor/idp/v1alpha1/register.go diff --git a/generated/1.30/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.36/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go similarity index 100% rename from generated/1.30/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go rename to generated/1.36/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go diff --git a/generated/1.30/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go b/generated/1.36/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go similarity index 100% rename from generated/1.30/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go rename to generated/1.36/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go diff --git a/generated/1.30/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.36/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go similarity index 100% rename from generated/1.30/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go rename to generated/1.36/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go diff --git a/generated/1.30/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.36/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go similarity index 100% rename from generated/1.30/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go rename to generated/1.36/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go diff --git a/generated/1.30/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.36/apis/supervisor/idp/v1alpha1/types_tls.go similarity index 100% rename from generated/1.30/apis/supervisor/idp/v1alpha1/types_tls.go rename to generated/1.36/apis/supervisor/idp/v1alpha1/types_tls.go diff --git a/generated/1.30/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.36/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.30/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go rename to generated/1.36/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.30/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.36/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go similarity index 100% rename from generated/1.30/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go rename to generated/1.36/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go diff --git a/generated/1.30/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.36/apis/supervisor/oidc/types_supervisor_oidc.go similarity index 100% rename from generated/1.30/apis/supervisor/oidc/types_supervisor_oidc.go rename to generated/1.36/apis/supervisor/oidc/types_supervisor_oidc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/clientset.go b/generated/1.36/client/concierge/clientset/versioned/clientset.go similarity index 94% rename from generated/1.30/client/concierge/clientset/versioned/clientset.go rename to generated/1.36/client/concierge/clientset/versioned/clientset.go index a810a130a..d05c9048f 100644 --- a/generated/1.30/client/concierge/clientset/versioned/clientset.go +++ b/generated/1.36/client/concierge/clientset/versioned/clientset.go @@ -6,13 +6,13 @@ package versioned import ( - "fmt" - "net/http" + fmt "fmt" + http "net/http" - authenticationv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" diff --git a/generated/1.30/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.36/client/concierge/clientset/versioned/fake/clientset_generated.go similarity index 69% rename from generated/1.30/client/concierge/clientset/versioned/fake/clientset_generated.go rename to generated/1.36/client/concierge/clientset/versioned/fake/clientset_generated.go index dd2028cd7..9f6dde872 100644 --- a/generated/1.30/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.36/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -6,15 +6,16 @@ package fake import ( - clientset "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned" - authenticationv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" - identityv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1" - fakeidentityv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" - loginv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1" - fakeloginv1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + clientset "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" + identityv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1" + fakeidentityv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" + loginv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1" + fakeloginv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -24,7 +25,7 @@ import ( // NewSimpleClientset returns a clientset that will respond with the provided objects. // It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement +// without applying any field management, validations and/or defaults. It shouldn't be considered a replacement // for a real clientset and is mostly useful in simple unit tests. func NewSimpleClientset(objects ...runtime.Object) *Clientset { o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) @@ -38,9 +39,13 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset { cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} cs.AddReactor("*", "*", testing.ObjectReaction(o)) cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + var opts metav1.ListOptions + if watchAction, ok := action.(testing.WatchActionImpl); ok { + opts = watchAction.ListOptions + } gvr := action.GetResource() ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) + watch, err := o.Watch(gvr, ns, opts) if err != nil { return false, nil, err } @@ -67,6 +72,17 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } +// IsWatchListSemanticsUnSupported informs the reflector that this client +// doesn't support WatchList semantics. +// +// This is a synthetic method whose sole purpose is to satisfy the optional +// interface check performed by the reflector. +// Returning true signals that WatchList can NOT be used. +// No additional logic is implemented here. +func (c *Clientset) IsWatchListSemanticsUnSupported() bool { + return true +} + var ( _ clientset.Interface = &Clientset{} _ testing.FakeClient = &Clientset{} diff --git a/generated/1.30/client/concierge/clientset/versioned/fake/doc.go b/generated/1.36/client/concierge/clientset/versioned/fake/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/fake/doc.go rename to generated/1.36/client/concierge/clientset/versioned/fake/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/fake/register.go b/generated/1.36/client/concierge/clientset/versioned/fake/register.go similarity index 85% rename from generated/1.30/client/concierge/clientset/versioned/fake/register.go rename to generated/1.36/client/concierge/clientset/versioned/fake/register.go index 66d79bdb4..1be129eef 100644 --- a/generated/1.30/client/concierge/clientset/versioned/fake/register.go +++ b/generated/1.36/client/concierge/clientset/versioned/fake/register.go @@ -6,10 +6,10 @@ package fake import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/login/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.30/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.36/client/concierge/clientset/versioned/scheme/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/scheme/doc.go rename to generated/1.36/client/concierge/clientset/versioned/scheme/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/scheme/register.go b/generated/1.36/client/concierge/clientset/versioned/scheme/register.go similarity index 85% rename from generated/1.30/client/concierge/clientset/versioned/scheme/register.go rename to generated/1.36/client/concierge/clientset/versioned/scheme/register.go index 0fbd123c1..5bf299791 100644 --- a/generated/1.30/client/concierge/clientset/versioned/scheme/register.go +++ b/generated/1.36/client/concierge/clientset/versioned/scheme/register.go @@ -6,10 +6,10 @@ package scheme import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/login/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go similarity index 84% rename from generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go rename to generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index a82ea014f..0edd6fd6c 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -37,9 +37,7 @@ func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthentica // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -51,9 +49,7 @@ func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -76,17 +72,15 @@ func New(c rest.Interface) *AuthenticationV1alpha1Client { return &AuthenticationV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := authenticationv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go rename to generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go rename to generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go similarity index 84% rename from generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go rename to generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 4152472c7..aa5bcd675 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,11 +16,11 @@ type FakeAuthenticationV1alpha1 struct { } func (c *FakeAuthenticationV1alpha1) JWTAuthenticators() v1alpha1.JWTAuthenticatorInterface { - return &FakeJWTAuthenticators{c} + return newFakeJWTAuthenticators(c) } func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators() v1alpha1.WebhookAuthenticatorInterface { - return &FakeWebhookAuthenticators{c} + return newFakeWebhookAuthenticators(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go new file mode 100644 index 000000000..eedd9b027 --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -0,0 +1,39 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeJWTAuthenticators implements JWTAuthenticatorInterface +type fakeJWTAuthenticators struct { + *gentype.FakeClientWithList[*v1alpha1.JWTAuthenticator, *v1alpha1.JWTAuthenticatorList] + Fake *FakeAuthenticationV1alpha1 +} + +func newFakeJWTAuthenticators(fake *FakeAuthenticationV1alpha1) authenticationv1alpha1.JWTAuthenticatorInterface { + return &fakeJWTAuthenticators{ + gentype.NewFakeClientWithList[*v1alpha1.JWTAuthenticator, *v1alpha1.JWTAuthenticatorList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators"), + v1alpha1.SchemeGroupVersion.WithKind("JWTAuthenticator"), + func() *v1alpha1.JWTAuthenticator { return &v1alpha1.JWTAuthenticator{} }, + func() *v1alpha1.JWTAuthenticatorList { return &v1alpha1.JWTAuthenticatorList{} }, + func(dst, src *v1alpha1.JWTAuthenticatorList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.JWTAuthenticatorList) []*v1alpha1.JWTAuthenticator { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.JWTAuthenticatorList, items []*v1alpha1.JWTAuthenticator) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 000000000..d09bc1672 --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,39 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type fakeWebhookAuthenticators struct { + *gentype.FakeClientWithList[*v1alpha1.WebhookAuthenticator, *v1alpha1.WebhookAuthenticatorList] + Fake *FakeAuthenticationV1alpha1 +} + +func newFakeWebhookAuthenticators(fake *FakeAuthenticationV1alpha1) authenticationv1alpha1.WebhookAuthenticatorInterface { + return &fakeWebhookAuthenticators{ + gentype.NewFakeClientWithList[*v1alpha1.WebhookAuthenticator, *v1alpha1.WebhookAuthenticatorList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"), + v1alpha1.SchemeGroupVersion.WithKind("WebhookAuthenticator"), + func() *v1alpha1.WebhookAuthenticator { return &v1alpha1.WebhookAuthenticator{} }, + func() *v1alpha1.WebhookAuthenticatorList { return &v1alpha1.WebhookAuthenticatorList{} }, + func(dst, src *v1alpha1.WebhookAuthenticatorList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.WebhookAuthenticatorList) []*v1alpha1.WebhookAuthenticator { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.WebhookAuthenticatorList, items []*v1alpha1.WebhookAuthenticator) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go rename to generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 000000000..1947d833c --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,59 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. +// A group's client should implement this interface. +type JWTAuthenticatorsGetter interface { + JWTAuthenticators() JWTAuthenticatorInterface +} + +// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. +type JWTAuthenticatorInterface interface { + Create(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + Update(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*authenticationv1alpha1.JWTAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *authenticationv1alpha1.JWTAuthenticator, err error) + JWTAuthenticatorExpansion +} + +// jWTAuthenticators implements JWTAuthenticatorInterface +type jWTAuthenticators struct { + *gentype.ClientWithList[*authenticationv1alpha1.JWTAuthenticator, *authenticationv1alpha1.JWTAuthenticatorList] +} + +// newJWTAuthenticators returns a JWTAuthenticators +func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { + return &jWTAuthenticators{ + gentype.NewClientWithList[*authenticationv1alpha1.JWTAuthenticator, *authenticationv1alpha1.JWTAuthenticatorList]( + "jwtauthenticators", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *authenticationv1alpha1.JWTAuthenticator { return &authenticationv1alpha1.JWTAuthenticator{} }, + func() *authenticationv1alpha1.JWTAuthenticatorList { + return &authenticationv1alpha1.JWTAuthenticatorList{} + }, + ), + } +} diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..e67ed5088 --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,61 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators() WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + Update(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*authenticationv1alpha1.WebhookAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *authenticationv1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + *gentype.ClientWithList[*authenticationv1alpha1.WebhookAuthenticator, *authenticationv1alpha1.WebhookAuthenticatorList] +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { + return &webhookAuthenticators{ + gentype.NewClientWithList[*authenticationv1alpha1.WebhookAuthenticator, *authenticationv1alpha1.WebhookAuthenticatorList]( + "webhookauthenticators", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *authenticationv1alpha1.WebhookAuthenticator { + return &authenticationv1alpha1.WebhookAuthenticator{} + }, + func() *authenticationv1alpha1.WebhookAuthenticatorList { + return &authenticationv1alpha1.WebhookAuthenticatorList{} + }, + ), + } +} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go similarity index 82% rename from generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go rename to generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go index dc7a0b73c..eebdd5372 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/config/v1alpha1" - "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *ConfigV1alpha1Client { return &ConfigV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := configv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go new file mode 100644 index 000000000..0dc359502 --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -0,0 +1,57 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. +// A group's client should implement this interface. +type CredentialIssuersGetter interface { + CredentialIssuers() CredentialIssuerInterface +} + +// CredentialIssuerInterface has methods to work with CredentialIssuer resources. +type CredentialIssuerInterface interface { + Create(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.CreateOptions) (*configv1alpha1.CredentialIssuer, error) + Update(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*configv1alpha1.CredentialIssuer, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*configv1alpha1.CredentialIssuer, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.CredentialIssuer, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.CredentialIssuerList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.CredentialIssuer, err error) + CredentialIssuerExpansion +} + +// credentialIssuers implements CredentialIssuerInterface +type credentialIssuers struct { + *gentype.ClientWithList[*configv1alpha1.CredentialIssuer, *configv1alpha1.CredentialIssuerList] +} + +// newCredentialIssuers returns a CredentialIssuers +func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { + return &credentialIssuers{ + gentype.NewClientWithList[*configv1alpha1.CredentialIssuer, *configv1alpha1.CredentialIssuerList]( + "credentialissuers", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *configv1alpha1.CredentialIssuer { return &configv1alpha1.CredentialIssuer{} }, + func() *configv1alpha1.CredentialIssuerList { return &configv1alpha1.CredentialIssuerList{} }, + ), + } +} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go rename to generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go rename to generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go similarity index 86% rename from generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go rename to generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 74fd97745..d1b686d7f 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeConfigV1alpha1 struct { } func (c *FakeConfigV1alpha1) CredentialIssuers() v1alpha1.CredentialIssuerInterface { - return &FakeCredentialIssuers{c} + return newFakeCredentialIssuers(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go new file mode 100644 index 000000000..354a5b1b6 --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -0,0 +1,39 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeCredentialIssuers implements CredentialIssuerInterface +type fakeCredentialIssuers struct { + *gentype.FakeClientWithList[*v1alpha1.CredentialIssuer, *v1alpha1.CredentialIssuerList] + Fake *FakeConfigV1alpha1 +} + +func newFakeCredentialIssuers(fake *FakeConfigV1alpha1) configv1alpha1.CredentialIssuerInterface { + return &fakeCredentialIssuers{ + gentype.NewFakeClientWithList[*v1alpha1.CredentialIssuer, *v1alpha1.CredentialIssuerList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("credentialissuers"), + v1alpha1.SchemeGroupVersion.WithKind("CredentialIssuer"), + func() *v1alpha1.CredentialIssuer { return &v1alpha1.CredentialIssuer{} }, + func() *v1alpha1.CredentialIssuerList { return &v1alpha1.CredentialIssuerList{} }, + func(dst, src *v1alpha1.CredentialIssuerList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.CredentialIssuerList) []*v1alpha1.CredentialIssuer { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.CredentialIssuerList, items []*v1alpha1.CredentialIssuer) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go rename to generated/1.36/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go rename to generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go rename to generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go similarity index 86% rename from generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go rename to generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go index db5845099..ec73b4436 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeIdentityV1alpha1 struct { } func (c *FakeIdentityV1alpha1) WhoAmIRequests() v1alpha1.WhoAmIRequestInterface { - return &FakeWhoAmIRequests{c} + return newFakeWhoAmIRequests(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go new file mode 100644 index 000000000..1f768e318 --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/identity/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeWhoAmIRequests implements WhoAmIRequestInterface +type fakeWhoAmIRequests struct { + *gentype.FakeClient[*v1alpha1.WhoAmIRequest] + Fake *FakeIdentityV1alpha1 +} + +func newFakeWhoAmIRequests(fake *FakeIdentityV1alpha1) identityv1alpha1.WhoAmIRequestInterface { + return &fakeWhoAmIRequests{ + gentype.NewFakeClient[*v1alpha1.WhoAmIRequest]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("whoamirequests"), + v1alpha1.SchemeGroupVersion.WithKind("WhoAmIRequest"), + func() *v1alpha1.WhoAmIRequest { return &v1alpha1.WhoAmIRequest{} }, + ), + fake, + } +} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go rename to generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go similarity index 82% rename from generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go rename to generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go index bfc664812..9eb82f3b5 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1" - "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" + identityv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IdentityV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *IdentityV1alpha1Client { return &IdentityV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := identityv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go new file mode 100644 index 000000000..d1a6370f9 --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -0,0 +1,45 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + identityv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gentype "k8s.io/client-go/gentype" +) + +// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. +// A group's client should implement this interface. +type WhoAmIRequestsGetter interface { + WhoAmIRequests() WhoAmIRequestInterface +} + +// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. +type WhoAmIRequestInterface interface { + Create(ctx context.Context, whoAmIRequest *identityv1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*identityv1alpha1.WhoAmIRequest, error) + WhoAmIRequestExpansion +} + +// whoAmIRequests implements WhoAmIRequestInterface +type whoAmIRequests struct { + *gentype.Client[*identityv1alpha1.WhoAmIRequest] +} + +// newWhoAmIRequests returns a WhoAmIRequests +func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { + return &whoAmIRequests{ + gentype.NewClient[*identityv1alpha1.WhoAmIRequest]( + "whoamirequests", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *identityv1alpha1.WhoAmIRequest { return &identityv1alpha1.WhoAmIRequest{} }, + ), + } +} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go rename to generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go rename to generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go similarity index 85% rename from generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go rename to generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go index 9956876b1..52eeab60f 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeLoginV1alpha1 struct { } func (c *FakeLoginV1alpha1) TokenCredentialRequests() v1alpha1.TokenCredentialRequestInterface { - return &FakeTokenCredentialRequests{c} + return newFakeTokenCredentialRequests(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go new file mode 100644 index 000000000..ddb3dc7d5 --- /dev/null +++ b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/login/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeTokenCredentialRequests implements TokenCredentialRequestInterface +type fakeTokenCredentialRequests struct { + *gentype.FakeClient[*v1alpha1.TokenCredentialRequest] + Fake *FakeLoginV1alpha1 +} + +func newFakeTokenCredentialRequests(fake *FakeLoginV1alpha1) loginv1alpha1.TokenCredentialRequestInterface { + return &fakeTokenCredentialRequests{ + gentype.NewFakeClient[*v1alpha1.TokenCredentialRequest]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"), + v1alpha1.SchemeGroupVersion.WithKind("TokenCredentialRequest"), + func() *v1alpha1.TokenCredentialRequest { return &v1alpha1.TokenCredentialRequest{} }, + ), + fake, + } +} diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go rename to generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go similarity index 82% rename from generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go rename to generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go index 3ad10e876..72a048243 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1" - "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" + loginv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestIn // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*LoginV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *LoginV1alpha1Client { return &LoginV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := loginv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go similarity index 50% rename from generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go rename to generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go index 4aadd1b7a..de6e3bf22 100644 --- a/generated/1.30/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ b/generated/1.36/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -6,12 +6,12 @@ package v1alpha1 import ( - "context" + context "context" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1" - scheme "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned/scheme" + loginv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" + gentype "k8s.io/client-go/gentype" ) // TokenCredentialRequestsGetter has a method to return a TokenCredentialRequestInterface. @@ -22,30 +22,24 @@ type TokenCredentialRequestsGetter interface { // TokenCredentialRequestInterface has methods to work with TokenCredentialRequest resources. type TokenCredentialRequestInterface interface { - Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*v1alpha1.TokenCredentialRequest, error) + Create(ctx context.Context, tokenCredentialRequest *loginv1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*loginv1alpha1.TokenCredentialRequest, error) TokenCredentialRequestExpansion } // tokenCredentialRequests implements TokenCredentialRequestInterface type tokenCredentialRequests struct { - client rest.Interface + *gentype.Client[*loginv1alpha1.TokenCredentialRequest] } // newTokenCredentialRequests returns a TokenCredentialRequests func newTokenCredentialRequests(c *LoginV1alpha1Client) *tokenCredentialRequests { return &tokenCredentialRequests{ - client: c.RESTClient(), + gentype.NewClient[*loginv1alpha1.TokenCredentialRequest]( + "tokencredentialrequests", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *loginv1alpha1.TokenCredentialRequest { return &loginv1alpha1.TokenCredentialRequest{} }, + ), } } - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *tokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - result = &v1alpha1.TokenCredentialRequest{} - err = c.client.Post(). - Resource("tokencredentialrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(tokenCredentialRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.30/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.36/client/concierge/informers/externalversions/authentication/interface.go similarity index 89% rename from generated/1.30/client/concierge/informers/externalversions/authentication/interface.go rename to generated/1.36/client/concierge/informers/externalversions/authentication/interface.go index 1a474b07e..02d59e8d2 100644 --- a/generated/1.30/client/concierge/informers/externalversions/authentication/interface.go +++ b/generated/1.36/client/concierge/informers/externalversions/authentication/interface.go @@ -6,8 +6,8 @@ package authentication import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go similarity index 95% rename from generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go rename to generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go index 2ea6224d5..db66e79a3 100644 --- a/generated/1.30/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ b/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 000000000..5f8f5dbfe --- /dev/null +++ b/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,102 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + conciergeauthenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/internalinterfaces" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorInformer provides access to a shared informer and lister for +// JWTAuthenticators. +type JWTAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() authenticationv1alpha1.JWTAuthenticatorLister +} + +type jWTAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewJWTAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewJWTAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewJWTAuthenticatorInformerWithOptions constructs a new informer for JWTAuthenticator type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewJWTAuthenticatorInformerWithOptions(client versioned.Interface, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "jwtauthenticators"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(ctx, opts) + }, + }, client), + &conciergeauthenticationv1alpha1.JWTAuthenticator{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewJWTAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&conciergeauthenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) +} + +func (f *jWTAuthenticatorInformer) Lister() authenticationv1alpha1.JWTAuthenticatorLister { + return authenticationv1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..75e254c69 --- /dev/null +++ b/generated/1.36/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,102 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + conciergeauthenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/internalinterfaces" + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorInformer provides access to a shared informer and lister for +// WebhookAuthenticators. +type WebhookAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() authenticationv1alpha1.WebhookAuthenticatorLister +} + +type webhookAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewWebhookAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewWebhookAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewWebhookAuthenticatorInformerWithOptions constructs a new informer for WebhookAuthenticator type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformerWithOptions(client versioned.Interface, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(ctx, opts) + }, + }, client), + &conciergeauthenticationv1alpha1.WebhookAuthenticator{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewWebhookAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&conciergeauthenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) +} + +func (f *webhookAuthenticatorInformer) Lister() authenticationv1alpha1.WebhookAuthenticatorLister { + return authenticationv1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.30/client/concierge/informers/externalversions/config/interface.go b/generated/1.36/client/concierge/informers/externalversions/config/interface.go similarity index 89% rename from generated/1.30/client/concierge/informers/externalversions/config/interface.go rename to generated/1.36/client/concierge/informers/externalversions/config/interface.go index a1fec85f3..1019105ce 100644 --- a/generated/1.30/client/concierge/informers/externalversions/config/interface.go +++ b/generated/1.36/client/concierge/informers/externalversions/config/interface.go @@ -6,8 +6,8 @@ package config import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.36/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.36/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go new file mode 100644 index 000000000..c37a73f26 --- /dev/null +++ b/generated/1.36/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -0,0 +1,102 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + conciergeconfigv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/concierge/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerInformer provides access to a shared informer and lister for +// CredentialIssuers. +type CredentialIssuerInformer interface { + Informer() cache.SharedIndexInformer + Lister() configv1alpha1.CredentialIssuerLister +} + +type credentialIssuerInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewCredentialIssuerInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewCredentialIssuerInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewCredentialIssuerInformerWithOptions constructs a new informer for CredentialIssuer type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCredentialIssuerInformerWithOptions(client versioned.Interface, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().CredentialIssuers().List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().CredentialIssuers().Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().CredentialIssuers().List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().CredentialIssuers().Watch(ctx, opts) + }, + }, client), + &conciergeconfigv1alpha1.CredentialIssuer{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewCredentialIssuerInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&conciergeconfigv1alpha1.CredentialIssuer{}, f.defaultInformer) +} + +func (f *credentialIssuerInformer) Lister() configv1alpha1.CredentialIssuerLister { + return configv1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.30/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.36/client/concierge/informers/externalversions/config/v1alpha1/interface.go similarity index 94% rename from generated/1.30/client/concierge/informers/externalversions/config/v1alpha1/interface.go rename to generated/1.36/client/concierge/informers/externalversions/config/v1alpha1/interface.go index c7cbdc22c..452cc58c6 100644 --- a/generated/1.30/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.36/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.30/client/concierge/informers/externalversions/factory.go b/generated/1.36/client/concierge/informers/externalversions/factory.go similarity index 67% rename from generated/1.30/client/concierge/informers/externalversions/factory.go rename to generated/1.36/client/concierge/informers/externalversions/factory.go index 7b8b01be8..16553e8a2 100644 --- a/generated/1.30/client/concierge/informers/externalversions/factory.go +++ b/generated/1.36/client/concierge/informers/externalversions/factory.go @@ -6,17 +6,19 @@ package externalversions import ( + context "context" reflect "reflect" sync "sync" time "time" - versioned "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned" - authentication "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/authentication" - config "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/config" - internalinterfaces "go.pinniped.dev/generated/1.30/client/concierge/informers/externalversions/internalinterfaces" + versioned "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned" + authentication "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/authentication" + config "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/config" + internalinterfaces "go.pinniped.dev/generated/1.36/client/concierge/informers/externalversions/internalinterfaces" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" + wait "k8s.io/apimachinery/pkg/util/wait" cache "k8s.io/client-go/tools/cache" ) @@ -31,6 +33,7 @@ type sharedInformerFactory struct { defaultResync time.Duration customResync map[reflect.Type]time.Duration transform cache.TransformFunc + informerName *cache.InformerName informers map[reflect.Type]cache.SharedIndexInformer // startedInformers is used for tracking which informers have been started. @@ -77,6 +80,21 @@ func WithTransform(transform cache.TransformFunc) SharedInformerOption { } } +// WithInformerName sets the InformerName for informer identity used in metrics. +// The InformerName must be created via cache.NewInformerName() at startup, +// which validates global uniqueness. Each informer type will register its +// GVR under this name. +func WithInformerName(informerName *cache.InformerName) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.informerName = informerName + return factory + } +} + +func (f *sharedInformerFactory) InformerName() *cache.InformerName { + return f.informerName +} + // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync) @@ -85,6 +103,7 @@ func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Dur // NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. // Listers obtained via this SharedInformerFactory will be subject to the same filters // as specified here. +// // Deprecated: Please use NewSharedInformerFactoryWithOptions instead func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) @@ -110,6 +129,10 @@ func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResy } func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.StartWithContext(wait.ContextForChannel(stopCh)) +} + +func (f *sharedInformerFactory) StartWithContext(ctx context.Context) { f.lock.Lock() defer f.lock.Unlock() @@ -119,15 +142,9 @@ func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { for informerType, informer := range f.informers { if !f.startedInformers[informerType] { - f.wg.Add(1) - // We need a new variable in each loop iteration, - // otherwise the goroutine would use the loop variable - // and that keeps changing. - informer := informer - go func() { - defer f.wg.Done() - informer.Run(stopCh) - }() + f.wg.Go(func() { + informer.RunWithContext(ctx) + }) f.startedInformers[informerType] = true } } @@ -140,9 +157,15 @@ func (f *sharedInformerFactory) Shutdown() { // Will return immediately if there is nothing to wait for. f.wg.Wait() + f.informerName.Release() } func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + result := f.WaitForCacheSyncWithContext(wait.ContextForChannel(stopCh)) + return result.Synced +} + +func (f *sharedInformerFactory) WaitForCacheSyncWithContext(ctx context.Context) cache.SyncResult { informers := func() map[reflect.Type]cache.SharedIndexInformer { f.lock.Lock() defer f.lock.Unlock() @@ -156,10 +179,31 @@ func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[ref return informers }() - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + // Wait for informers to sync, without polling. + cacheSyncs := make([]cache.DoneChecker, 0, len(informers)) + for _, informer := range informers { + cacheSyncs = append(cacheSyncs, informer.HasSyncedChecker()) } + cache.WaitFor(ctx, "" /* no logging */, cacheSyncs...) + + res := cache.SyncResult{ + Synced: make(map[reflect.Type]bool, len(informers)), + } + failed := false + for informType, informer := range informers { + hasSynced := informer.HasSynced() + if !hasSynced { + failed = true + } + res.Synced[informType] = hasSynced + } + if failed { + // context.Cause is more informative than ctx.Err(). + // This must be non-nil, otherwise WaitFor wouldn't have stopped + // prematurely. + res.Err = context.Cause(ctx) + } + return res } @@ -181,7 +225,9 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal } informer = newFunc(f.client, resyncPeriod) - informer.SetTransform(f.transform) + if f.transform != nil { + informer.SetTransform(f.transform) + } f.informers[informerType] = informer return informer @@ -192,32 +238,52 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal // // It is typically used like this: // -// ctx, cancel := context.Background() +// ctx, cancel := context.WithCancel(context.Background()) // defer cancel() // factory := NewSharedInformerFactory(client, resyncPeriod) // defer factory.WaitForStop() // Returns immediately if nothing was started. // genericInformer := factory.ForResource(resource) // typedInformer := factory.SomeAPIGroup().V1().SomeType() -// factory.Start(ctx.Done()) // Start processing these informers. -// synced := factory.WaitForCacheSync(ctx.Done()) -// for v, ok := range synced { -// if !ok { -// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) -// return -// } +// handle, err := typeInformer.Informer().AddEventHandler(...) +// if err != nil { +// return fmt.Errorf("register event handler: %v", err) +// } +// defer typeInformer.Informer().RemoveEventHandler(handle) // Avoids leaking goroutines. +// factory.StartWithContext(ctx) // Start processing these informers. +// synced := factory.WaitForCacheSyncWithContext(ctx) +// if err := synced.AsError(); err != nil { +// return err +// } +// for v := range synced { +// // Only if desired log some information similar to this. +// fmt.Fprintf(os.Stdout, "cache synced: %s", v) +// } +// +// // Also make sure that all of the initial cache events have been delivered. +// if !WaitFor(ctx, "event handler sync", handle.HasSyncedChecker()) { +// // Must have failed because of context. +// return fmt.Errorf("sync event handler: %w", context.Cause(ctx)) // } // // // Creating informers can also be created after Start, but then // // Start must be called again: // anotherGenericInformer := factory.ForResource(resource) -// factory.Start(ctx.Done()) +// factory.StartWithContext(ctx) type SharedInformerFactory interface { internalinterfaces.SharedInformerFactory // Start initializes all requested informers. They are handled in goroutines // which run until the stop channel gets closed. + // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + // + // Contextual logging: StartWithContext should be used instead of Start in code which supports contextual logging. Start(stopCh <-chan struct{}) + // StartWithContext initializes all requested informers. They are handled in goroutines + // which run until the context gets canceled. + // Warning: StartWithContext does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + StartWithContext(ctx context.Context) + // Shutdown marks a factory as shutting down. At that point no new // informers can be started anymore and Start will return without // doing anything. @@ -232,8 +298,14 @@ type SharedInformerFactory interface { // WaitForCacheSync blocks until all started informers' caches were synced // or the stop channel gets closed. + // + // Contextual logging: WaitForCacheSync should be used instead of WaitForCacheSync in code which supports contextual logging. It also returns a more useful result. WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + // WaitForCacheSyncWithContext blocks until all started informers' caches were synced + // or the context gets canceled. + WaitForCacheSyncWithContext(ctx context.Context) cache.SyncResult + // ForResource gives generic access to a shared informer of the matching type. ForResource(resource schema.GroupVersionResource) (GenericInformer, error) diff --git a/generated/1.30/client/concierge/informers/externalversions/generic.go b/generated/1.36/client/concierge/informers/externalversions/generic.go similarity index 93% rename from generated/1.30/client/concierge/informers/externalversions/generic.go rename to generated/1.36/client/concierge/informers/externalversions/generic.go index d24205d0e..9d54d84a3 100644 --- a/generated/1.30/client/concierge/informers/externalversions/generic.go +++ b/generated/1.36/client/concierge/informers/externalversions/generic.go @@ -6,10 +6,10 @@ package externalversions import ( - "fmt" + fmt "fmt" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.30/apis/concierge/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/config/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) diff --git a/generated/1.30/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.36/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go similarity index 54% rename from generated/1.30/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go rename to generated/1.36/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index 6d83f3422..90a256dd4 100644 --- a/generated/1.30/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.36/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -8,7 +8,7 @@ package internalinterfaces import ( time "time" - versioned "go.pinniped.dev/generated/1.30/client/concierge/clientset/versioned" + versioned "go.pinniped.dev/generated/1.36/client/concierge/clientset/versioned" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" cache "k8s.io/client-go/tools/cache" @@ -21,7 +21,26 @@ type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexI type SharedInformerFactory interface { Start(stopCh <-chan struct{}) InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer + InformerName() *cache.InformerName } // TweakListOptionsFunc is a function that transforms a v1.ListOptions. type TweakListOptionsFunc func(*v1.ListOptions) + +// InformerOptions holds the options for creating an informer. +type InformerOptions struct { + // ResyncPeriod is the resync period for this informer. + // If not set, defaults to 0 (no resync). + ResyncPeriod time.Duration + + // Indexers are the indexers for this informer. + Indexers cache.Indexers + + // InformerName is used to uniquely identify this informer for metrics. + // If not set, metrics will not be published for this informer. + // Use cache.NewInformerName() to create an InformerName at startup. + InformerName *cache.InformerName + + // TweakListOptions is an optional function to modify the list options. + TweakListOptions TweakListOptionsFunc +} diff --git a/generated/1.30/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.36/client/concierge/listers/authentication/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.30/client/concierge/listers/authentication/v1alpha1/expansion_generated.go rename to generated/1.36/client/concierge/listers/authentication/v1alpha1/expansion_generated.go diff --git a/generated/1.36/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.36/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 000000000..f10c24bc6 --- /dev/null +++ b/generated/1.36/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,35 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorLister helps list JWTAuthenticators. +// All objects returned here must be treated as read-only. +type JWTAuthenticatorLister interface { + // List lists all JWTAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*authenticationv1alpha1.JWTAuthenticator, err error) + // Get retrieves the JWTAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*authenticationv1alpha1.JWTAuthenticator, error) + JWTAuthenticatorListerExpansion +} + +// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. +type jWTAuthenticatorLister struct { + listers.ResourceIndexer[*authenticationv1alpha1.JWTAuthenticator] +} + +// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. +func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { + return &jWTAuthenticatorLister{listers.New[*authenticationv1alpha1.JWTAuthenticator](indexer, authenticationv1alpha1.Resource("jwtauthenticator"))} +} diff --git a/generated/1.36/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.36/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..55e7b3dad --- /dev/null +++ b/generated/1.36/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,35 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/authentication/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +// All objects returned here must be treated as read-only. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*authenticationv1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*authenticationv1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + listers.ResourceIndexer[*authenticationv1alpha1.WebhookAuthenticator] +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{listers.New[*authenticationv1alpha1.WebhookAuthenticator](indexer, authenticationv1alpha1.Resource("webhookauthenticator"))} +} diff --git a/generated/1.36/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.36/client/concierge/listers/config/v1alpha1/credentialissuer.go new file mode 100644 index 000000000..d01ac9923 --- /dev/null +++ b/generated/1.36/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -0,0 +1,35 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerLister helps list CredentialIssuers. +// All objects returned here must be treated as read-only. +type CredentialIssuerLister interface { + // List lists all CredentialIssuers in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.CredentialIssuer, err error) + // Get retrieves the CredentialIssuer from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*configv1alpha1.CredentialIssuer, error) + CredentialIssuerListerExpansion +} + +// credentialIssuerLister implements the CredentialIssuerLister interface. +type credentialIssuerLister struct { + listers.ResourceIndexer[*configv1alpha1.CredentialIssuer] +} + +// NewCredentialIssuerLister returns a new CredentialIssuerLister. +func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { + return &credentialIssuerLister{listers.New[*configv1alpha1.CredentialIssuer](indexer, configv1alpha1.Resource("credentialissuer"))} +} diff --git a/generated/1.30/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.36/client/concierge/listers/config/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.30/client/concierge/listers/config/v1alpha1/expansion_generated.go rename to generated/1.36/client/concierge/listers/config/v1alpha1/expansion_generated.go diff --git a/generated/1.30/client/supervisor/openapi/zz_generated.openapi.go b/generated/1.36/client/concierge/openapi/zz_generated.openapi.go similarity index 77% rename from generated/1.30/client/supervisor/openapi/zz_generated.openapi.go rename to generated/1.36/client/concierge/openapi/zz_generated.openapi.go index f4e39967f..f060bac4c 100644 --- a/generated/1.30/client/supervisor/openapi/zz_generated.openapi.go +++ b/generated/1.36/client/concierge/openapi/zz_generated.openapi.go @@ -6,304 +6,441 @@ // Code generated by openapi-gen. DO NOT EDIT. -package supervisor +package concierge import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.36/apis/concierge/login/v1alpha1" + v1 "k8s.io/api/core/v1" + resource "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + version "k8s.io/apimachinery/pkg/version" common "k8s.io/kube-openapi/pkg/common" spec "k8s.io/kube-openapi/pkg/validation/spec" ) func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), - "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), - "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), - "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), - "k8s.io/api/core/v1.AppArmorProfile": schema_k8sio_api_core_v1_AppArmorProfile(ref), - "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), - "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), - "k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - "k8s.io/api/core/v1.AzureFilePersistentVolumeSource": schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - "k8s.io/api/core/v1.AzureFileVolumeSource": schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - "k8s.io/api/core/v1.Binding": schema_k8sio_api_core_v1_Binding(ref), - "k8s.io/api/core/v1.CSIPersistentVolumeSource": schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CSIVolumeSource": schema_k8sio_api_core_v1_CSIVolumeSource(ref), - "k8s.io/api/core/v1.Capabilities": schema_k8sio_api_core_v1_Capabilities(ref), - "k8s.io/api/core/v1.CephFSPersistentVolumeSource": schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CephFSVolumeSource": schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - "k8s.io/api/core/v1.CinderPersistentVolumeSource": schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CinderVolumeSource": schema_k8sio_api_core_v1_CinderVolumeSource(ref), - "k8s.io/api/core/v1.ClaimSource": schema_k8sio_api_core_v1_ClaimSource(ref), - "k8s.io/api/core/v1.ClientIPConfig": schema_k8sio_api_core_v1_ClientIPConfig(ref), - "k8s.io/api/core/v1.ClusterTrustBundleProjection": schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), - "k8s.io/api/core/v1.ComponentCondition": schema_k8sio_api_core_v1_ComponentCondition(ref), - "k8s.io/api/core/v1.ComponentStatus": schema_k8sio_api_core_v1_ComponentStatus(ref), - "k8s.io/api/core/v1.ComponentStatusList": schema_k8sio_api_core_v1_ComponentStatusList(ref), - "k8s.io/api/core/v1.ConfigMap": schema_k8sio_api_core_v1_ConfigMap(ref), - "k8s.io/api/core/v1.ConfigMapEnvSource": schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - "k8s.io/api/core/v1.ConfigMapKeySelector": schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - "k8s.io/api/core/v1.ConfigMapList": schema_k8sio_api_core_v1_ConfigMapList(ref), - "k8s.io/api/core/v1.ConfigMapNodeConfigSource": schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - "k8s.io/api/core/v1.ConfigMapProjection": schema_k8sio_api_core_v1_ConfigMapProjection(ref), - "k8s.io/api/core/v1.ConfigMapVolumeSource": schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - "k8s.io/api/core/v1.Container": schema_k8sio_api_core_v1_Container(ref), - "k8s.io/api/core/v1.ContainerImage": schema_k8sio_api_core_v1_ContainerImage(ref), - "k8s.io/api/core/v1.ContainerPort": schema_k8sio_api_core_v1_ContainerPort(ref), - "k8s.io/api/core/v1.ContainerResizePolicy": schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - "k8s.io/api/core/v1.ContainerState": schema_k8sio_api_core_v1_ContainerState(ref), - "k8s.io/api/core/v1.ContainerStateRunning": schema_k8sio_api_core_v1_ContainerStateRunning(ref), - "k8s.io/api/core/v1.ContainerStateTerminated": schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - "k8s.io/api/core/v1.ContainerStateWaiting": schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - "k8s.io/api/core/v1.ContainerStatus": schema_k8sio_api_core_v1_ContainerStatus(ref), - "k8s.io/api/core/v1.DaemonEndpoint": schema_k8sio_api_core_v1_DaemonEndpoint(ref), - "k8s.io/api/core/v1.DownwardAPIProjection": schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeFile": schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeSource": schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - "k8s.io/api/core/v1.EmptyDirVolumeSource": schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - "k8s.io/api/core/v1.EndpointAddress": schema_k8sio_api_core_v1_EndpointAddress(ref), - "k8s.io/api/core/v1.EndpointPort": schema_k8sio_api_core_v1_EndpointPort(ref), - "k8s.io/api/core/v1.EndpointSubset": schema_k8sio_api_core_v1_EndpointSubset(ref), - "k8s.io/api/core/v1.Endpoints": schema_k8sio_api_core_v1_Endpoints(ref), - "k8s.io/api/core/v1.EndpointsList": schema_k8sio_api_core_v1_EndpointsList(ref), - "k8s.io/api/core/v1.EnvFromSource": schema_k8sio_api_core_v1_EnvFromSource(ref), - "k8s.io/api/core/v1.EnvVar": schema_k8sio_api_core_v1_EnvVar(ref), - "k8s.io/api/core/v1.EnvVarSource": schema_k8sio_api_core_v1_EnvVarSource(ref), - "k8s.io/api/core/v1.EphemeralContainer": schema_k8sio_api_core_v1_EphemeralContainer(ref), - "k8s.io/api/core/v1.EphemeralContainerCommon": schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - "k8s.io/api/core/v1.EphemeralVolumeSource": schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - "k8s.io/api/core/v1.Event": schema_k8sio_api_core_v1_Event(ref), - "k8s.io/api/core/v1.EventList": schema_k8sio_api_core_v1_EventList(ref), - "k8s.io/api/core/v1.EventSeries": schema_k8sio_api_core_v1_EventSeries(ref), - "k8s.io/api/core/v1.EventSource": schema_k8sio_api_core_v1_EventSource(ref), - "k8s.io/api/core/v1.ExecAction": schema_k8sio_api_core_v1_ExecAction(ref), - "k8s.io/api/core/v1.FCVolumeSource": schema_k8sio_api_core_v1_FCVolumeSource(ref), - "k8s.io/api/core/v1.FlexPersistentVolumeSource": schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - "k8s.io/api/core/v1.FlexVolumeSource": schema_k8sio_api_core_v1_FlexVolumeSource(ref), - "k8s.io/api/core/v1.FlockerVolumeSource": schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource": schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.GRPCAction": schema_k8sio_api_core_v1_GRPCAction(ref), - "k8s.io/api/core/v1.GitRepoVolumeSource": schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource": schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsVolumeSource": schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - "k8s.io/api/core/v1.HTTPGetAction": schema_k8sio_api_core_v1_HTTPGetAction(ref), - "k8s.io/api/core/v1.HTTPHeader": schema_k8sio_api_core_v1_HTTPHeader(ref), - "k8s.io/api/core/v1.HostAlias": schema_k8sio_api_core_v1_HostAlias(ref), - "k8s.io/api/core/v1.HostIP": schema_k8sio_api_core_v1_HostIP(ref), - "k8s.io/api/core/v1.HostPathVolumeSource": schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIPersistentVolumeSource": schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIVolumeSource": schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - "k8s.io/api/core/v1.KeyToPath": schema_k8sio_api_core_v1_KeyToPath(ref), - "k8s.io/api/core/v1.Lifecycle": schema_k8sio_api_core_v1_Lifecycle(ref), - "k8s.io/api/core/v1.LifecycleHandler": schema_k8sio_api_core_v1_LifecycleHandler(ref), - "k8s.io/api/core/v1.LimitRange": schema_k8sio_api_core_v1_LimitRange(ref), - "k8s.io/api/core/v1.LimitRangeItem": schema_k8sio_api_core_v1_LimitRangeItem(ref), - "k8s.io/api/core/v1.LimitRangeList": schema_k8sio_api_core_v1_LimitRangeList(ref), - "k8s.io/api/core/v1.LimitRangeSpec": schema_k8sio_api_core_v1_LimitRangeSpec(ref), - "k8s.io/api/core/v1.List": schema_k8sio_api_core_v1_List(ref), - "k8s.io/api/core/v1.LoadBalancerIngress": schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - "k8s.io/api/core/v1.LoadBalancerStatus": schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - "k8s.io/api/core/v1.LocalObjectReference": schema_k8sio_api_core_v1_LocalObjectReference(ref), - "k8s.io/api/core/v1.LocalVolumeSource": schema_k8sio_api_core_v1_LocalVolumeSource(ref), - "k8s.io/api/core/v1.ModifyVolumeStatus": schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), - "k8s.io/api/core/v1.NFSVolumeSource": schema_k8sio_api_core_v1_NFSVolumeSource(ref), - "k8s.io/api/core/v1.Namespace": schema_k8sio_api_core_v1_Namespace(ref), - "k8s.io/api/core/v1.NamespaceCondition": schema_k8sio_api_core_v1_NamespaceCondition(ref), - "k8s.io/api/core/v1.NamespaceList": schema_k8sio_api_core_v1_NamespaceList(ref), - "k8s.io/api/core/v1.NamespaceSpec": schema_k8sio_api_core_v1_NamespaceSpec(ref), - "k8s.io/api/core/v1.NamespaceStatus": schema_k8sio_api_core_v1_NamespaceStatus(ref), - "k8s.io/api/core/v1.Node": schema_k8sio_api_core_v1_Node(ref), - "k8s.io/api/core/v1.NodeAddress": schema_k8sio_api_core_v1_NodeAddress(ref), - "k8s.io/api/core/v1.NodeAffinity": schema_k8sio_api_core_v1_NodeAffinity(ref), - "k8s.io/api/core/v1.NodeCondition": schema_k8sio_api_core_v1_NodeCondition(ref), - "k8s.io/api/core/v1.NodeConfigSource": schema_k8sio_api_core_v1_NodeConfigSource(ref), - "k8s.io/api/core/v1.NodeConfigStatus": schema_k8sio_api_core_v1_NodeConfigStatus(ref), - "k8s.io/api/core/v1.NodeDaemonEndpoints": schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - "k8s.io/api/core/v1.NodeList": schema_k8sio_api_core_v1_NodeList(ref), - "k8s.io/api/core/v1.NodeProxyOptions": schema_k8sio_api_core_v1_NodeProxyOptions(ref), - "k8s.io/api/core/v1.NodeRuntimeHandler": schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), - "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures": schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), - "k8s.io/api/core/v1.NodeSelector": schema_k8sio_api_core_v1_NodeSelector(ref), - "k8s.io/api/core/v1.NodeSelectorRequirement": schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - "k8s.io/api/core/v1.NodeSelectorTerm": schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - "k8s.io/api/core/v1.NodeSpec": schema_k8sio_api_core_v1_NodeSpec(ref), - "k8s.io/api/core/v1.NodeStatus": schema_k8sio_api_core_v1_NodeStatus(ref), - "k8s.io/api/core/v1.NodeSystemInfo": schema_k8sio_api_core_v1_NodeSystemInfo(ref), - "k8s.io/api/core/v1.ObjectFieldSelector": schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - "k8s.io/api/core/v1.ObjectReference": schema_k8sio_api_core_v1_ObjectReference(ref), - "k8s.io/api/core/v1.PersistentVolume": schema_k8sio_api_core_v1_PersistentVolume(ref), - "k8s.io/api/core/v1.PersistentVolumeClaim": schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimCondition": schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimList": schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimSpec": schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimStatus": schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate": schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeList": schema_k8sio_api_core_v1_PersistentVolumeList(ref), - "k8s.io/api/core/v1.PersistentVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeSpec": schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeStatus": schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource": schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.Pod": schema_k8sio_api_core_v1_Pod(ref), - "k8s.io/api/core/v1.PodAffinity": schema_k8sio_api_core_v1_PodAffinity(ref), - "k8s.io/api/core/v1.PodAffinityTerm": schema_k8sio_api_core_v1_PodAffinityTerm(ref), - "k8s.io/api/core/v1.PodAntiAffinity": schema_k8sio_api_core_v1_PodAntiAffinity(ref), - "k8s.io/api/core/v1.PodAttachOptions": schema_k8sio_api_core_v1_PodAttachOptions(ref), - "k8s.io/api/core/v1.PodCondition": schema_k8sio_api_core_v1_PodCondition(ref), - "k8s.io/api/core/v1.PodDNSConfig": schema_k8sio_api_core_v1_PodDNSConfig(ref), - "k8s.io/api/core/v1.PodDNSConfigOption": schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - "k8s.io/api/core/v1.PodExecOptions": schema_k8sio_api_core_v1_PodExecOptions(ref), - "k8s.io/api/core/v1.PodIP": schema_k8sio_api_core_v1_PodIP(ref), - "k8s.io/api/core/v1.PodList": schema_k8sio_api_core_v1_PodList(ref), - "k8s.io/api/core/v1.PodLogOptions": schema_k8sio_api_core_v1_PodLogOptions(ref), - "k8s.io/api/core/v1.PodOS": schema_k8sio_api_core_v1_PodOS(ref), - "k8s.io/api/core/v1.PodPortForwardOptions": schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - "k8s.io/api/core/v1.PodProxyOptions": schema_k8sio_api_core_v1_PodProxyOptions(ref), - "k8s.io/api/core/v1.PodReadinessGate": schema_k8sio_api_core_v1_PodReadinessGate(ref), - "k8s.io/api/core/v1.PodResourceClaim": schema_k8sio_api_core_v1_PodResourceClaim(ref), - "k8s.io/api/core/v1.PodResourceClaimStatus": schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), - "k8s.io/api/core/v1.PodSchedulingGate": schema_k8sio_api_core_v1_PodSchedulingGate(ref), - "k8s.io/api/core/v1.PodSecurityContext": schema_k8sio_api_core_v1_PodSecurityContext(ref), - "k8s.io/api/core/v1.PodSignature": schema_k8sio_api_core_v1_PodSignature(ref), - "k8s.io/api/core/v1.PodSpec": schema_k8sio_api_core_v1_PodSpec(ref), - "k8s.io/api/core/v1.PodStatus": schema_k8sio_api_core_v1_PodStatus(ref), - "k8s.io/api/core/v1.PodStatusResult": schema_k8sio_api_core_v1_PodStatusResult(ref), - "k8s.io/api/core/v1.PodTemplate": schema_k8sio_api_core_v1_PodTemplate(ref), - "k8s.io/api/core/v1.PodTemplateList": schema_k8sio_api_core_v1_PodTemplateList(ref), - "k8s.io/api/core/v1.PodTemplateSpec": schema_k8sio_api_core_v1_PodTemplateSpec(ref), - "k8s.io/api/core/v1.PortStatus": schema_k8sio_api_core_v1_PortStatus(ref), - "k8s.io/api/core/v1.PortworxVolumeSource": schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - "k8s.io/api/core/v1.PreferAvoidPodsEntry": schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - "k8s.io/api/core/v1.PreferredSchedulingTerm": schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - "k8s.io/api/core/v1.Probe": schema_k8sio_api_core_v1_Probe(ref), - "k8s.io/api/core/v1.ProbeHandler": schema_k8sio_api_core_v1_ProbeHandler(ref), - "k8s.io/api/core/v1.ProjectedVolumeSource": schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - "k8s.io/api/core/v1.QuobyteVolumeSource": schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - "k8s.io/api/core/v1.RBDPersistentVolumeSource": schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - "k8s.io/api/core/v1.RBDVolumeSource": schema_k8sio_api_core_v1_RBDVolumeSource(ref), - "k8s.io/api/core/v1.RangeAllocation": schema_k8sio_api_core_v1_RangeAllocation(ref), - "k8s.io/api/core/v1.ReplicationController": schema_k8sio_api_core_v1_ReplicationController(ref), - "k8s.io/api/core/v1.ReplicationControllerCondition": schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - "k8s.io/api/core/v1.ReplicationControllerList": schema_k8sio_api_core_v1_ReplicationControllerList(ref), - "k8s.io/api/core/v1.ReplicationControllerSpec": schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - "k8s.io/api/core/v1.ReplicationControllerStatus": schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - "k8s.io/api/core/v1.ResourceClaim": schema_k8sio_api_core_v1_ResourceClaim(ref), - "k8s.io/api/core/v1.ResourceFieldSelector": schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - "k8s.io/api/core/v1.ResourceQuota": schema_k8sio_api_core_v1_ResourceQuota(ref), - "k8s.io/api/core/v1.ResourceQuotaList": schema_k8sio_api_core_v1_ResourceQuotaList(ref), - "k8s.io/api/core/v1.ResourceQuotaSpec": schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - "k8s.io/api/core/v1.ResourceQuotaStatus": schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - "k8s.io/api/core/v1.ResourceRequirements": schema_k8sio_api_core_v1_ResourceRequirements(ref), - "k8s.io/api/core/v1.SELinuxOptions": schema_k8sio_api_core_v1_SELinuxOptions(ref), - "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource": schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ScaleIOVolumeSource": schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - "k8s.io/api/core/v1.ScopeSelector": schema_k8sio_api_core_v1_ScopeSelector(ref), - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement": schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - "k8s.io/api/core/v1.SeccompProfile": schema_k8sio_api_core_v1_SeccompProfile(ref), - "k8s.io/api/core/v1.Secret": schema_k8sio_api_core_v1_Secret(ref), - "k8s.io/api/core/v1.SecretEnvSource": schema_k8sio_api_core_v1_SecretEnvSource(ref), - "k8s.io/api/core/v1.SecretKeySelector": schema_k8sio_api_core_v1_SecretKeySelector(ref), - "k8s.io/api/core/v1.SecretList": schema_k8sio_api_core_v1_SecretList(ref), - "k8s.io/api/core/v1.SecretProjection": schema_k8sio_api_core_v1_SecretProjection(ref), - "k8s.io/api/core/v1.SecretReference": schema_k8sio_api_core_v1_SecretReference(ref), - "k8s.io/api/core/v1.SecretVolumeSource": schema_k8sio_api_core_v1_SecretVolumeSource(ref), - "k8s.io/api/core/v1.SecurityContext": schema_k8sio_api_core_v1_SecurityContext(ref), - "k8s.io/api/core/v1.SerializedReference": schema_k8sio_api_core_v1_SerializedReference(ref), - "k8s.io/api/core/v1.Service": schema_k8sio_api_core_v1_Service(ref), - "k8s.io/api/core/v1.ServiceAccount": schema_k8sio_api_core_v1_ServiceAccount(ref), - "k8s.io/api/core/v1.ServiceAccountList": schema_k8sio_api_core_v1_ServiceAccountList(ref), - "k8s.io/api/core/v1.ServiceAccountTokenProjection": schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - "k8s.io/api/core/v1.ServiceList": schema_k8sio_api_core_v1_ServiceList(ref), - "k8s.io/api/core/v1.ServicePort": schema_k8sio_api_core_v1_ServicePort(ref), - "k8s.io/api/core/v1.ServiceProxyOptions": schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - "k8s.io/api/core/v1.ServiceSpec": schema_k8sio_api_core_v1_ServiceSpec(ref), - "k8s.io/api/core/v1.ServiceStatus": schema_k8sio_api_core_v1_ServiceStatus(ref), - "k8s.io/api/core/v1.SessionAffinityConfig": schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - "k8s.io/api/core/v1.SleepAction": schema_k8sio_api_core_v1_SleepAction(ref), - "k8s.io/api/core/v1.StorageOSPersistentVolumeSource": schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.StorageOSVolumeSource": schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - "k8s.io/api/core/v1.Sysctl": schema_k8sio_api_core_v1_Sysctl(ref), - "k8s.io/api/core/v1.TCPSocketAction": schema_k8sio_api_core_v1_TCPSocketAction(ref), - "k8s.io/api/core/v1.Taint": schema_k8sio_api_core_v1_Taint(ref), - "k8s.io/api/core/v1.Toleration": schema_k8sio_api_core_v1_Toleration(ref), - "k8s.io/api/core/v1.TopologySelectorLabelRequirement": schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - "k8s.io/api/core/v1.TopologySelectorTerm": schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - "k8s.io/api/core/v1.TopologySpreadConstraint": schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - "k8s.io/api/core/v1.TypedLocalObjectReference": schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - "k8s.io/api/core/v1.TypedObjectReference": schema_k8sio_api_core_v1_TypedObjectReference(ref), - "k8s.io/api/core/v1.Volume": schema_k8sio_api_core_v1_Volume(ref), - "k8s.io/api/core/v1.VolumeDevice": schema_k8sio_api_core_v1_VolumeDevice(ref), - "k8s.io/api/core/v1.VolumeMount": schema_k8sio_api_core_v1_VolumeMount(ref), - "k8s.io/api/core/v1.VolumeMountStatus": schema_k8sio_api_core_v1_VolumeMountStatus(ref), - "k8s.io/api/core/v1.VolumeNodeAffinity": schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - "k8s.io/api/core/v1.VolumeProjection": schema_k8sio_api_core_v1_VolumeProjection(ref), - "k8s.io/api/core/v1.VolumeResourceRequirements": schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), - "k8s.io/api/core/v1.VolumeSource": schema_k8sio_api_core_v1_VolumeSource(ref), - "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource": schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - "k8s.io/api/core/v1.WeightedPodAffinityTerm": schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - "k8s.io/api/core/v1.WindowsSecurityContextOptions": schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + v1alpha1.KubernetesUserInfo{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), + v1alpha1.UserInfo{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_UserInfo(ref), + v1alpha1.WhoAmIRequest{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), + v1alpha1.WhoAmIRequestList{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), + v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), + v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), + loginv1alpha1.ClusterCredential{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), + loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), + loginv1alpha1.TokenCredentialRequestList{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), + loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), + loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.ImageVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeStatus(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAllocatableResourceClaimStatus(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSchedulingGroup{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGroup(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeStatus(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.ShardInfo{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ShardInfo(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient.", + Description: "KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "user": { + SchemaProps: spec.SchemaProps{ + Description: "User is the UserInfo associated with the current user.", + Default: map[string]interface{}{}, + Ref: ref(v1alpha1.UserInfo{}.OpenAPIModelName()), + }, + }, + "audiences": { + SchemaProps: spec.SchemaProps{ + Description: "Audiences are audience identifiers chosen by the authenticator.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"user"}, + }, + }, + Dependencies: []string{ + v1alpha1.UserInfo{}.OpenAPIModelName()}, + } +} + +func schema_apis_concierge_identity_v1alpha1_UserInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "UserInfo holds the information about the user needed to implement the user.Info interface.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "username": { + SchemaProps: spec.SchemaProps{ + Description: "The name that uniquely identifies this user among all active users.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.", + Type: []string{"string"}, + Format: "", + }, + }, + "groups": { + SchemaProps: spec.SchemaProps{ + Description: "The names of groups this user is a part of.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "extra": { + SchemaProps: spec.SchemaProps{ + Description: "Any additional information provided by the authenticator.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + }, + }, + }, + Required: []string{"username"}, + }, + }, + } +} + +func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "WhoAmIRequest submits a request to echo back the current authenticated user.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -323,35 +460,34 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref co "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), + Ref: ref(v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), + Ref: ref(v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName()), }, }, }, - Required: []string{"spec"}, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName(), v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects.", + Description: "WhoAmIRequestList is a list of WhoAmIRequest objects.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -371,18 +507,18 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(re "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { SchemaProps: spec.SchemaProps{ - Description: "Items is a list of OIDCClientSecretRequest.", + Description: "Items is a list of WhoAmIRequest.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), + Ref: ref(v1alpha1.WhoAmIRequest{}.OpenAPIModelName()), }, }, }, @@ -393,65 +529,238 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(re }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1alpha1.WhoAmIRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Spec of the OIDCClientSecretRequest.", + Description: "Spec is always empty for a WhoAmIRequest.", Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generateNewSecret": { - SchemaProps: spec.SchemaProps{ - Description: "Request a new client secret to for the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "revokeOldSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - }, }, }, } } -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Status of the OIDCClientSecretRequest.", + Description: "Status is set by the server in the response to a WhoAmIRequest.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "generatedSecret": { + "kubernetesUserInfo": { SchemaProps: spec.SchemaProps{ - Description: "The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost.", + Description: "The current authenticated user, exactly as Kubernetes understands it.", + Default: map[string]interface{}{}, + Ref: ref(v1alpha1.KubernetesUserInfo{}.OpenAPIModelName()), + }, + }, + }, + Required: []string{"kubernetesUserInfo"}, + }, + }, + Dependencies: []string{ + v1alpha1.KubernetesUserInfo{}.OpenAPIModelName()}, + } +} + +func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ClusterCredential is the cluster-specific credential returned on a successful credential request. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "expirationTimestamp": { + SchemaProps: spec.SchemaProps{ + Description: "ExpirationTimestamp indicates a time when the provided credentials expire.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), + }, + }, + "token": { + SchemaProps: spec.SchemaProps{ + Description: "Token is a bearer token used by the client for request authentication.", Type: []string{"string"}, Format: "", }, }, - "totalClientSecrets": { + "clientCertificateData": { SchemaProps: spec.SchemaProps{ - Description: "The total number of client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", + Description: "PEM-encoded client TLS certificates (including intermediates, if any).", + Type: []string{"string"}, + Format: "", + }, + }, + "clientKeyData": { + SchemaProps: spec.SchemaProps{ + Description: "PEM-encoded private key for the above certificate.", + Type: []string{"string"}, + Format: "", }, }, }, - Required: []string{"totalClientSecrets"}, }, }, + Dependencies: []string{ + metav1.Time{}.OpenAPIModelName()}, + } +} + +func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName()), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName(), loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, + } +} + +func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "TokenCredentialRequestList is a list of TokenCredentialRequest objects.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Description: "Items is a list of TokenCredentialRequest.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, + } +} + +func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Specification of a TokenCredentialRequest, expected on requests to the Pinniped API.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "token": { + SchemaProps: spec.SchemaProps{ + Description: "Bearer token supplied with the credential request.", + Type: []string{"string"}, + Format: "", + }, + }, + "authenticator": { + SchemaProps: spec.SchemaProps{ + Description: "Reference to an authenticator which can validate this credential request.", + Default: map[string]interface{}{}, + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), + }, + }, + }, + Required: []string{"authenticator"}, + }, + }, + Dependencies: []string{ + v1.TypedLocalObjectReference{}.OpenAPIModelName()}, + } +} + +func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Status of a TokenCredentialRequest, returned on responses to the Pinniped API.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "credential": { + SchemaProps: spec.SchemaProps{ + Description: "A Credential will be returned for a successful credential request.", + Ref: ref(loginv1alpha1.ClusterCredential{}.OpenAPIModelName()), + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "An error message will be returned for an unsuccessful credential request.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{ + loginv1alpha1.ClusterCredential{}.OpenAPIModelName()}, } } @@ -508,26 +817,26 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open "nodeAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes node affinity scheduling rules for the pod.", - Ref: ref("k8s.io/api/core/v1.NodeAffinity"), + Ref: ref(v1.NodeAffinity{}.OpenAPIModelName()), }, }, "podAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAffinity"), + Ref: ref(v1.PodAffinity{}.OpenAPIModelName()), }, }, "podAntiAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAntiAffinity"), + Ref: ref(v1.PodAntiAffinity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeAffinity", "k8s.io/api/core/v1.PodAffinity", "k8s.io/api/core/v1.PodAntiAffinity"}, + v1.NodeAffinity{}.OpenAPIModelName(), v1.PodAffinity{}.OpenAPIModelName(), v1.PodAntiAffinity{}.OpenAPIModelName()}, } } @@ -623,7 +932,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferAvoidPodsEntry"), + Ref: ref(v1.PreferAvoidPodsEntry{}.OpenAPIModelName()), }, }, }, @@ -633,7 +942,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PreferAvoidPodsEntry"}, + v1.PreferAvoidPodsEntry{}.OpenAPIModelName()}, } } @@ -663,6 +972,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "cachingMode": { SchemaProps: spec.SchemaProps{ Description: "cachingMode is the Host Caching mode: None, Read Only, Read Write.\n\nPossible enum values:\n - `\"None\"`\n - `\"ReadOnly\"`\n - `\"ReadWrite\"`", + Default: v1.AzureDataDiskCachingReadWrite, Type: []string{"string"}, Format: "", Enum: []interface{}{"None", "ReadOnly", "ReadWrite"}, @@ -671,6 +981,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + Default: "ext4", Type: []string{"string"}, Format: "", }, @@ -678,6 +989,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "readOnly": { SchemaProps: spec.SchemaProps{ Description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + Default: false, Type: []string{"boolean"}, Format: "", }, @@ -685,6 +997,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "kind": { SchemaProps: spec.SchemaProps{ Description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared\n\nPossible enum values:\n - `\"Dedicated\"`\n - `\"Managed\"`\n - `\"Shared\"`", + Default: v1.AzureSharedBlobDisk, Type: []string{"string"}, Format: "", Enum: []interface{}{"Dedicated", "Managed", "Shared"}, @@ -782,7 +1095,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead.", + Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -803,14 +1116,14 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "target": { SchemaProps: spec.SchemaProps{ Description: "The target object that you want to bind to the standard object.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -818,7 +1131,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -826,7 +1139,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Represents storage that is managed by an external CSI volume driver (Beta feature)", + Description: "Represents storage that is managed by an external CSI volume driver", Type: []string{"object"}, Properties: map[string]spec.Schema{ "driver": { @@ -878,31 +1191,31 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall "controllerPublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeStageSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "controllerExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -910,7 +1223,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -962,7 +1275,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -970,7 +1283,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1078,7 +1391,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1093,7 +1406,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1148,7 +1461,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1163,7 +1476,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1199,7 +1512,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1207,7 +1520,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1243,7 +1556,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1251,34 +1564,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, - } -} - -func schema_k8sio_api_core_v1_ClaimSource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClaimSource describes a reference to a ResourceClaim.\n\nExactly one of these fields should be set. Consumers of this type must treat an empty object as if it has an unknown value.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "resourceClaimName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceClaimTemplateName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1326,7 +1612,7 @@ func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceC "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\".", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "optional": { @@ -1349,7 +1635,7 @@ func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -1422,7 +1708,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "conditions": { @@ -1443,7 +1729,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentCondition"), + Ref: ref(v1.ComponentCondition{}.OpenAPIModelName()), }, }, }, @@ -1453,7 +1739,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentCondition", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ComponentCondition{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1482,7 +1768,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1493,7 +1779,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentStatus"), + Ref: ref(v1.ComponentStatus{}.OpenAPIModelName()), }, }, }, @@ -1504,7 +1790,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ComponentStatus{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1533,7 +1819,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -1578,7 +1864,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1677,7 +1963,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1688,7 +1974,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ConfigMap"), + Ref: ref(v1.ConfigMap{}.OpenAPIModelName()), }, }, }, @@ -1699,7 +1985,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMap", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ConfigMap{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1783,7 +2069,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -1800,7 +2086,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -1832,7 +2118,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -1856,7 +2142,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -1948,7 +2234,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -1961,13 +2247,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -1991,7 +2277,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -2001,7 +2287,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -2011,13 +2297,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "Resources resize policy for the container.", + Description: "Resources resize policy for the container. This field cannot be set on ephemeral containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -2025,11 +2311,30 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Additionally, setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. The rules are evaluated in order. Once a rule matches a container exit condition, the remaining rules are ignored. If no rule matches the container exit condition, the Container-level restart policy determines the whether the container is restarted or not. Constraints on the rules: - At most 20 rules are allowed. - Rules can have the same action. - Identical rules are not forbidden in validations. When rules are specified, container MUST set RestartPolicy explicitly even it if matches the Pod's RestartPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -2048,7 +2353,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -2072,7 +2377,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -2081,25 +2386,25 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -2128,7 +2433,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -2157,7 +2462,45 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerExtendedResourceRequest has the mapping of container name, extended resource name to the device request name.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "containerName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the container requesting resources.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the extended resource in that container which gets backed by DRA.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "requestName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the request in the special ResourceClaim which corresponds to the extended resource.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"containerName", "resourceName", "requestName"}, + }, + }, } } @@ -2283,6 +2626,76 @@ func schema_k8sio_api_core_v1_ContainerResizePolicy(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ContainerRestartRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRule describes how a container exit is handled.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the action taken on a container exit if the requirements are satisfied. The only possible value is \"Restart\" to restart the container.", + Type: []string{"string"}, + Format: "", + }, + }, + "exitCodes": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the exit codes to check on container exits.", + Ref: ref(v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()), + }, + }, + }, + Required: []string{"action"}, + }, + }, + Dependencies: []string{ + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRuleOnExitCodes describes the condition for handling an exited container based on its exit codes.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the relationship between the container exit code(s) and the specified values. Possible values are: - In: the requirement is satisfied if the container exit code is in the\n set of specified values.\n- NotIn: the requirement is satisfied if the container exit code is\n not in the set of specified values.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Specifies the set of values to check for container exit codes. At most 255 elements are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + }, + Required: []string{"operator"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2293,26 +2706,26 @@ func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) commo "waiting": { SchemaProps: spec.SchemaProps{ Description: "Details about a waiting container", - Ref: ref("k8s.io/api/core/v1.ContainerStateWaiting"), + Ref: ref(v1.ContainerStateWaiting{}.OpenAPIModelName()), }, }, "running": { SchemaProps: spec.SchemaProps{ Description: "Details about a running container", - Ref: ref("k8s.io/api/core/v1.ContainerStateRunning"), + Ref: ref(v1.ContainerStateRunning{}.OpenAPIModelName()), }, }, "terminated": { SchemaProps: spec.SchemaProps{ Description: "Details about a terminated container", - Ref: ref("k8s.io/api/core/v1.ContainerStateTerminated"), + Ref: ref(v1.ContainerStateTerminated{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStateRunning", "k8s.io/api/core/v1.ContainerStateTerminated", "k8s.io/api/core/v1.ContainerStateWaiting"}, + v1.ContainerStateRunning{}.OpenAPIModelName(), v1.ContainerStateTerminated{}.OpenAPIModelName(), v1.ContainerStateWaiting{}.OpenAPIModelName()}, } } @@ -2326,14 +2739,14 @@ func schema_k8sio_api_core_v1_ContainerStateRunning(ref common.ReferenceCallback "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container was last (re-)started", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2376,13 +2789,13 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which previous execution of the container started", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "finishedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container last terminated", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "containerID": { @@ -2397,7 +2810,7 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2447,14 +2860,14 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "State holds details about the container's current condition.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "lastState": { SchemaProps: spec.SchemaProps{ Description: "LastTerminationState holds the last termination state of the container to help debug container crashes and restarts. This field is not populated if the container is still running and RestartCount is 0.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "ready": { @@ -2511,7 +2924,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -2520,7 +2933,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm "resources": { SchemaProps: spec.SchemaProps{ Description: "Resources represents the compute resource requests and limits that have been successfully enacted on the running container after it has been started or has been successfully resized.", - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "volumeMounts": { @@ -2541,18 +2954,77 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMountStatus"), + Ref: ref(v1.VolumeMountStatus{}.OpenAPIModelName()), }, }, }, }, }, + "user": { + SchemaProps: spec.SchemaProps{ + Description: "User represents user identity information initially attached to the first process of the container", + Ref: ref(v1.ContainerUser{}.OpenAPIModelName()), + }, + }, + "allocatedResourcesStatus": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResourcesStatus represents the status of various resources allocated for this Pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ResourceStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal reports the effective stop signal for this container\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, + }, + }, }, Required: []string{"name", "ready", "restartCount", "image", "imageID"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.VolumeMountStatus", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ContainerState{}.OpenAPIModelName(), v1.ContainerUser{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.ResourceStatus{}.OpenAPIModelName(), v1.VolumeMountStatus{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerUser represents user identity information", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "linux": { + SchemaProps: spec.SchemaProps{ + Description: "Linux holds user identity information initially attached to the first process of the containers in Linux. Note that the actual running identity can be changed if the process has enough privilege to do so.", + Ref: ref(v1.LinuxContainerUser{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + v1.LinuxContainerUser{}.OpenAPIModelName()}, } } @@ -2598,7 +3070,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2608,7 +3080,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2630,13 +3102,13 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "mode": { @@ -2651,7 +3123,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector"}, + v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName()}, } } @@ -2675,7 +3147,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2692,7 +3164,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2713,14 +3185,14 @@ func schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref common.ReferenceCallback) "sizeLimit": { SchemaProps: spec.SchemaProps{ Description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -2728,7 +3200,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointAddress is a tuple that describes single IP address.", + Description: "EndpointAddress is a tuple that describes single IP address. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "ip": { @@ -2756,7 +3228,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm "targetRef": { SchemaProps: spec.SchemaProps{ Description: "Reference to object providing the endpoint.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -2769,7 +3241,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -2777,7 +3249,7 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointPort is a tuple that describes a single port.", + Description: "EndpointPort is a tuple that describes a single port. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2826,7 +3298,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]", + Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]\n\nDeprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "addresses": { @@ -2842,7 +3314,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, @@ -2861,7 +3333,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, @@ -2880,7 +3352,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointPort"), + Ref: ref(v1.EndpointPort{}.OpenAPIModelName()), }, }, }, @@ -2890,7 +3362,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointAddress", "k8s.io/api/core/v1.EndpointPort"}, + v1.EndpointAddress{}.OpenAPIModelName(), v1.EndpointPort{}.OpenAPIModelName()}, } } @@ -2898,7 +3370,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]", + Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2919,7 +3391,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "subsets": { @@ -2935,7 +3407,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointSubset"), + Ref: ref(v1.EndpointSubset{}.OpenAPIModelName()), }, }, }, @@ -2945,7 +3417,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointSubset", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.EndpointSubset{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -2953,7 +3425,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointsList is a list of endpoints.", + Description: "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2974,7 +3446,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -2985,7 +3457,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Endpoints"), + Ref: ref(v1.Endpoints{}.OpenAPIModelName()), }, }, }, @@ -2996,7 +3468,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Endpoints", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Endpoints{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3004,12 +3476,12 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EnvFromSource represents the source of a set of ConfigMaps", + Description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets", Type: []string{"object"}, Properties: map[string]spec.Schema{ "prefix": { SchemaProps: spec.SchemaProps{ - Description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + Description: "Optional text to prepend to the name of each environment variable. May consist of any printable ASCII characters except '='.", Type: []string{"string"}, Format: "", }, @@ -3017,20 +3489,20 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common "configMapRef": { SchemaProps: spec.SchemaProps{ Description: "The ConfigMap to select from", - Ref: ref("k8s.io/api/core/v1.ConfigMapEnvSource"), + Ref: ref(v1.ConfigMapEnvSource{}.OpenAPIModelName()), }, }, "secretRef": { SchemaProps: spec.SchemaProps{ Description: "The Secret to select from", - Ref: ref("k8s.io/api/core/v1.SecretEnvSource"), + Ref: ref(v1.SecretEnvSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapEnvSource", "k8s.io/api/core/v1.SecretEnvSource"}, + v1.ConfigMapEnvSource{}.OpenAPIModelName(), v1.SecretEnvSource{}.OpenAPIModelName()}, } } @@ -3043,7 +3515,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the environment variable. Must be a C_IDENTIFIER.", + Description: "Name of the environment variable. May consist of any printable ASCII characters except '='.", Default: "", Type: []string{"string"}, Format: "", @@ -3059,7 +3531,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP "valueFrom": { SchemaProps: spec.SchemaProps{ Description: "Source for the environment variable's value. Cannot be used if value is not empty.", - Ref: ref("k8s.io/api/core/v1.EnvVarSource"), + Ref: ref(v1.EnvVarSource{}.OpenAPIModelName()), }, }, }, @@ -3067,7 +3539,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EnvVarSource"}, + v1.EnvVarSource{}.OpenAPIModelName()}, } } @@ -3081,32 +3553,38 @@ func schema_k8sio_api_core_v1_EnvVarSource(ref common.ReferenceCallback) common. "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "configMapKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a ConfigMap.", - Ref: ref("k8s.io/api/core/v1.ConfigMapKeySelector"), + Ref: ref(v1.ConfigMapKeySelector{}.OpenAPIModelName()), }, }, "secretKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a secret in the pod's namespace", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref(v1.SecretKeySelector{}.OpenAPIModelName()), + }, + }, + "fileKeyRef": { + SchemaProps: spec.SchemaProps{ + Description: "FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.", + Ref: ref(v1.FileKeySelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, + v1.ConfigMapKeySelector{}.OpenAPIModelName(), v1.FileKeySelector{}.OpenAPIModelName(), v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName(), v1.SecretKeySelector{}.OpenAPIModelName()}, } } @@ -3198,7 +3676,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -3211,13 +3689,13 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3241,7 +3719,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3251,7 +3729,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3267,7 +3745,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -3275,11 +3753,30 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -3298,7 +3795,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3322,7 +3819,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3331,25 +3828,25 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3378,7 +3875,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3414,7 +3911,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3506,7 +4003,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -3519,13 +4016,13 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3549,7 +4046,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3559,7 +4056,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3575,7 +4072,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -3583,11 +4080,30 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -3606,7 +4122,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3630,7 +4146,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3639,25 +4155,25 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3686,7 +4202,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3715,7 +4231,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3729,14 +4245,14 @@ func schema_k8sio_api_core_v1_EphemeralVolumeSource(ref common.ReferenceCallback "volumeClaimTemplate": { SchemaProps: spec.SchemaProps{ Description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.\n\nRequired, must not be nil.", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimTemplate"), + Ref: ref(v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate"}, + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()}, } } @@ -3765,14 +4281,14 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "involvedObject": { SchemaProps: spec.SchemaProps{ Description: "The object that this event is about.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reason": { @@ -3793,19 +4309,19 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "The component reporting this event. Should be a short machine understandable string.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EventSource"), + Ref: ref(v1.EventSource{}.OpenAPIModelName()), }, }, "firstTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the most recent occurrence of this event was recorded.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "count": { @@ -3825,13 +4341,13 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "eventTime": { SchemaProps: spec.SchemaProps{ Description: "Time when this Event was first observed.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, "series": { SchemaProps: spec.SchemaProps{ Description: "Data about the Event series this event represents or nil if it's a singleton Event.", - Ref: ref("k8s.io/api/core/v1.EventSeries"), + Ref: ref(v1.EventSeries{}.OpenAPIModelName()), }, }, "action": { @@ -3844,7 +4360,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "related": { SchemaProps: spec.SchemaProps{ Description: "Optional secondary object for more complex actions.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reportingComponent": { @@ -3868,7 +4384,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EventSeries", "k8s.io/api/core/v1.EventSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.EventSeries{}.OpenAPIModelName(), v1.EventSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.MicroTime{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -3897,7 +4413,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -3908,7 +4424,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Event"), + Ref: ref(v1.Event{}.OpenAPIModelName()), }, }, }, @@ -3919,7 +4435,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Event", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Event{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3940,14 +4456,14 @@ func schema_k8sio_api_core_v1_EventSeries(ref common.ReferenceCallback) common.O "lastObservedTime": { SchemaProps: spec.SchemaProps{ Description: "Time of the last occurrence observed", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"}, + metav1.MicroTime{}.OpenAPIModelName()}, } } @@ -4085,6 +4601,57 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_FileKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FileKeySelector selects a key of the env file.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "volumeName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the volume mount containing the env file.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers.\n\nIf optional is set to false and the specified key does not exist, an error will be returned during Pod creation.", + Default: false, + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"volumeName", "path", "key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4110,7 +4677,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4141,7 +4708,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4170,7 +4737,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4201,7 +4768,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -4279,7 +4846,8 @@ func schema_k8sio_api_core_v1_GRPCAction(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "GRPCAction specifies an action involving a GRPC service.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -4393,7 +4961,7 @@ func schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "endpoints": { SchemaProps: spec.SchemaProps{ - Description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + Description: "endpoints is the endpoint name that details Glusterfs topology.", Default: "", Type: []string{"string"}, Format: "", @@ -4469,7 +5037,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HTTPHeader"), + Ref: ref(v1.HTTPHeader{}.OpenAPIModelName()), }, }, }, @@ -4480,7 +5048,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.HTTPHeader", "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, + v1.HTTPHeader{}.OpenAPIModelName(), "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, } } @@ -4642,6 +5210,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4697,7 +5266,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4712,7 +5281,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4750,6 +5319,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4805,7 +5375,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4820,7 +5390,56 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ImageVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeSource represents a image volume resource.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "reference": { + SchemaProps: spec.SchemaProps{ + Description: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + Type: []string{"string"}, + Format: "", + }, + }, + "pullPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, + }, + }, + }, + }, + } +} + +func schema_k8sio_api_core_v1_ImageVolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeStatus represents the image-based volume status.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "imageRef": { + SchemaProps: spec.SchemaProps{ + Description: "ImageRef is the digest of the image used for this volume. It should have a value that's similar to the pod's status.containerStatuses[i].imageID. The ImageRef length should not exceed 256 characters.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"imageRef"}, + }, + }, } } @@ -4871,20 +5490,28 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope "postStart": { SchemaProps: spec.SchemaProps{ Description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), }, }, "preStop": { SchemaProps: spec.SchemaProps{ Description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal defines which signal will be sent to a container when it is being stopped. If not specified, the default is defined by the container runtime in use. StopSignal can only be set for Pods with a non-empty .spec.os.name\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LifecycleHandler"}, + v1.LifecycleHandler{}.OpenAPIModelName()}, } } @@ -4897,33 +5524,33 @@ func schema_k8sio_api_core_v1_LifecycleHandler(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for backward compatibility. There is no validation of this field and lifecycle hooks will fail at runtime when it is specified.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "sleep": { SchemaProps: spec.SchemaProps{ - Description: "Sleep represents the duration that the container should sleep before being terminated.", - Ref: ref("k8s.io/api/core/v1.SleepAction"), + Description: "Sleep represents a duration that the container should sleep.", + Ref: ref(v1.SleepAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.SleepAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.SleepAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -4952,21 +5579,21 @@ func schema_k8sio_api_core_v1_LimitRange(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeSpec"), + Ref: ref(v1.LimitRangeSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LimitRangeSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -4993,7 +5620,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5007,7 +5634,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5021,7 +5648,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5035,7 +5662,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5049,7 +5676,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5060,7 +5687,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -5089,7 +5716,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5100,7 +5727,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRange"), + Ref: ref(v1.LimitRange{}.OpenAPIModelName()), }, }, }, @@ -5111,7 +5738,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRange", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.LimitRange{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5135,7 +5762,7 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeItem"), + Ref: ref(v1.LimitRangeItem{}.OpenAPIModelName()), }, }, }, @@ -5146,7 +5773,57 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeItem"}, + v1.LimitRangeItem{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_LinuxContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "LinuxContainerUser represents user identity information in Linux containers", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID is the primary uid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "gid": { + SchemaProps: spec.SchemaProps{ + Description: "GID is the primary gid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroups are the supplemental groups initially attached to the first process in the container", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, + }, + Required: []string{"uid", "gid"}, + }, + }, } } @@ -5175,7 +5852,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5185,7 +5862,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -5196,7 +5873,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -5241,7 +5918,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PortStatus"), + Ref: ref(v1.PortStatus{}.OpenAPIModelName()), }, }, }, @@ -5251,7 +5928,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PortStatus"}, + v1.PortStatus{}.OpenAPIModelName()}, } } @@ -5275,7 +5952,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerIngress"), + Ref: ref(v1.LoadBalancerIngress{}.OpenAPIModelName()), }, }, }, @@ -5285,7 +5962,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerIngress"}, + v1.LoadBalancerIngress{}.OpenAPIModelName()}, } } @@ -5319,7 +5996,7 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Local represents directly-attached storage with node affinity (Beta feature)", + Description: "Local represents directly-attached storage with node affinity", Type: []string{"object"}, Properties: map[string]spec.Schema{ "path": { @@ -5436,28 +6113,28 @@ func schema_k8sio_api_core_v1_Namespace(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceSpec"), + Ref: ref(v1.NamespaceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceStatus"), + Ref: ref(v1.NamespaceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceSpec", "k8s.io/api/core/v1.NamespaceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NamespaceSpec{}.OpenAPIModelName(), v1.NamespaceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5486,19 +6163,22 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "Last time the condition transitioned from one status to another.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Unique, one-word, CamelCase reason for the condition's last transition.", + Type: []string{"string"}, + Format: "", }, }, "message": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Human-readable message indicating details about last transition.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -5506,7 +6186,7 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5535,7 +6215,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5546,7 +6226,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Namespace"), + Ref: ref(v1.Namespace{}.OpenAPIModelName()), }, }, }, @@ -5557,7 +6237,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Namespace", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Namespace{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5627,7 +6307,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceCondition"), + Ref: ref(v1.NamespaceCondition{}.OpenAPIModelName()), }, }, }, @@ -5637,7 +6317,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceCondition"}, + v1.NamespaceCondition{}.OpenAPIModelName()}, } } @@ -5666,28 +6346,28 @@ func schema_k8sio_api_core_v1_Node(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSpec"), + Ref: ref(v1.NodeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeStatus"), + Ref: ref(v1.NodeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSpec", "k8s.io/api/core/v1.NodeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NodeSpec{}.OpenAPIModelName(), v1.NodeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5731,7 +6411,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. "requiredDuringSchedulingIgnoredDuringExecution": { SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, "preferredDuringSchedulingIgnoredDuringExecution": { @@ -5747,7 +6427,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferredSchedulingTerm"), + Ref: ref(v1.PreferredSchedulingTerm{}.OpenAPIModelName()), }, }, }, @@ -5757,7 +6437,65 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector", "k8s.io/api/core/v1.PreferredSchedulingTerm"}, + v1.NodeSelector{}.OpenAPIModelName(), v1.PreferredSchedulingTerm{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeAllocatableResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeAllocatableResourceClaimStatus describes the status of node allocatable resources allocated via DRA.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the resource claim referenced by the pod that resulted in this node allocatable resource allocation.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "containers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Containers lists the names of all containers in this pod that reference the claim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is a map of the node-allocatable resource name to the aggregate quantity allocated to the claim.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"resourceClaimName", "resources"}, + }, + }, + Dependencies: []string{ + resource.Quantity{}.OpenAPIModelName()}, } } @@ -5787,13 +6525,13 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we got an update on a given condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transit from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -5815,7 +6553,7 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5829,14 +6567,14 @@ func schema_k8sio_api_core_v1_NodeConfigSource(ref common.ReferenceCallback) com "configMap": { SchemaProps: spec.SchemaProps{ Description: "ConfigMap is a reference to a Node's ConfigMap", - Ref: ref("k8s.io/api/core/v1.ConfigMapNodeConfigSource"), + Ref: ref(v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapNodeConfigSource"}, + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()}, } } @@ -5850,19 +6588,19 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com "assigned": { SchemaProps: spec.SchemaProps{ Description: "Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "active": { SchemaProps: spec.SchemaProps{ Description: "Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "lastKnownGood": { SchemaProps: spec.SchemaProps{ Description: "LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "error": { @@ -5876,7 +6614,7 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource"}, + v1.NodeConfigSource{}.OpenAPIModelName()}, } } @@ -5891,14 +6629,34 @@ func schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Endpoint on which Kubelet is listening.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DaemonEndpoint"), + Ref: ref(v1.DaemonEndpoint{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DaemonEndpoint"}, + v1.DaemonEndpoint{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeFeatures describes the set of features implemented by the CRI implementation. The features contained in the NodeFeatures should depend only on the cri implementation independent of runtime handlers.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroupsPolicy is set to true if the runtime supports SupplementalGroupsPolicy and ContainerUser.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -5927,7 +6685,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5938,7 +6696,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Node"), + Ref: ref(v1.Node{}.OpenAPIModelName()), }, }, }, @@ -5949,7 +6707,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Node", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Node{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6005,14 +6763,14 @@ func schema_k8sio_api_core_v1_NodeRuntimeHandler(ref common.ReferenceCallback) c "features": { SchemaProps: spec.SchemaProps{ Description: "Supported features.", - Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"), + Ref: ref(v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"}, + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()}, } } @@ -6020,7 +6778,7 @@ func schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref common.ReferenceCal return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NodeRuntimeHandlerFeatures is a set of runtime features.", + Description: "NodeRuntimeHandlerFeatures is a set of features implemented by the runtime handler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "recursiveReadOnlyMounts": { @@ -6030,6 +6788,13 @@ func schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref common.ReferenceCal Format: "", }, }, + "userNamespaces": { + SchemaProps: spec.SchemaProps{ + Description: "UserNamespaces is set to true if the runtime handler supports UserNamespaces, including for volumes.", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, @@ -6056,7 +6821,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -6072,7 +6837,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -6147,7 +6912,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6166,7 +6931,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6181,7 +6946,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorRequirement"}, + v1.NodeSelectorRequirement{}.OpenAPIModelName()}, } } @@ -6247,7 +7012,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Taint"), + Ref: ref(v1.Taint{}.OpenAPIModelName()), }, }, }, @@ -6256,7 +7021,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "configSource": { SchemaProps: spec.SchemaProps{ Description: "Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "externalID": { @@ -6270,7 +7035,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource", "k8s.io/api/core/v1.Taint"}, + v1.NodeConfigSource{}.OpenAPIModelName(), v1.Taint{}.OpenAPIModelName()}, } } @@ -6283,13 +7048,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Properties: map[string]spec.Schema{ "capacity": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", + Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/reference/node/node-status/#capacity", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6303,7 +7068,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6329,13 +7094,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, SchemaProps: spec.SchemaProps{ - Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition", + Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/reference/node/node-status/#condition", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeCondition"), + Ref: ref(v1.NodeCondition{}.OpenAPIModelName()), }, }, }, @@ -6353,13 +7118,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, SchemaProps: spec.SchemaProps{ - Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", + Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/reference/node/node-status/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeAddress"), + Ref: ref(v1.NodeAddress{}.OpenAPIModelName()), }, }, }, @@ -6369,14 +7134,14 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Endpoints of daemons running on the Node.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeDaemonEndpoints"), + Ref: ref(v1.NodeDaemonEndpoints{}.OpenAPIModelName()), }, }, "nodeInfo": { SchemaProps: spec.SchemaProps{ - Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info", + Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/reference/node/node-status/#info", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSystemInfo"), + Ref: ref(v1.NodeSystemInfo{}.OpenAPIModelName()), }, }, "images": { @@ -6392,7 +7157,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerImage"), + Ref: ref(v1.ContainerImage{}.OpenAPIModelName()), }, }, }, @@ -6431,7 +7196,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.AttachedVolume"), + Ref: ref(v1.AttachedVolume{}.OpenAPIModelName()), }, }, }, @@ -6440,7 +7205,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "config": { SchemaProps: spec.SchemaProps{ Description: "Status of the config assigned to the node via the dynamic Kubelet config feature.", - Ref: ref("k8s.io/api/core/v1.NodeConfigStatus"), + Ref: ref(v1.NodeConfigStatus{}.OpenAPIModelName()), }, }, "runtimeHandlers": { @@ -6456,7 +7221,33 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandler"), + Ref: ref(v1.NodeRuntimeHandler{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Features describes the set of features implemented by the CRI implementation.", + Ref: ref(v1.NodeFeatures{}.OpenAPIModelName()), + }, + }, + "declaredFeatures": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "DeclaredFeatures represents the features related to feature gates that are declared by the node.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", }, }, }, @@ -6466,7 +7257,27 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeRuntimeHandler", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AttachedVolume{}.OpenAPIModelName(), v1.ContainerImage{}.OpenAPIModelName(), v1.NodeAddress{}.OpenAPIModelName(), v1.NodeCondition{}.OpenAPIModelName(), v1.NodeConfigStatus{}.OpenAPIModelName(), v1.NodeDaemonEndpoints{}.OpenAPIModelName(), v1.NodeFeatures{}.OpenAPIModelName(), v1.NodeRuntimeHandler{}.OpenAPIModelName(), v1.NodeSystemInfo{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeSwapStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeSwapStatus represents swap memory information.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "capacity": { + SchemaProps: spec.SchemaProps{ + Description: "Total amount of swap memory in bytes.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, } } @@ -6535,7 +7346,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo }, "kubeProxyVersion": { SchemaProps: spec.SchemaProps{ - Description: "KubeProxy Version reported by the node.", + Description: "Deprecated: KubeProxy Version reported by the node.", Default: "", Type: []string{"string"}, Format: "", @@ -6557,10 +7368,18 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo Format: "", }, }, + "swap": { + SchemaProps: spec.SchemaProps{ + Description: "Swap Info reported by the node.", + Ref: ref(v1.NodeSwapStatus{}.OpenAPIModelName()), + }, + }, }, Required: []string{"machineID", "systemUUID", "bootID", "kernelVersion", "osImage", "containerRuntimeVersion", "kubeletVersion", "kubeProxyVersion", "operatingSystem", "architecture"}, }, }, + Dependencies: []string{ + v1.NodeSwapStatus{}.OpenAPIModelName()}, } } @@ -6690,28 +7509,28 @@ func schema_k8sio_api_core_v1_PersistentVolume(ref common.ReferenceCallback) com SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeSpec"), + Ref: ref(v1.PersistentVolumeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeStatus"), + Ref: ref(v1.PersistentVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeSpec", "k8s.io/api/core/v1.PersistentVolumeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeSpec{}.OpenAPIModelName(), v1.PersistentVolumeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6740,28 +7559,28 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaim(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimStatus"), + Ref: ref(v1.PersistentVolumeClaimStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/api/core/v1.PersistentVolumeClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6774,28 +7593,30 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc Properties: map[string]spec.Schema{ "type": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Type is the type of the condition. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "status": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "lastProbeTime is the time we probed the condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -6817,7 +7638,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -6846,7 +7667,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -6857,7 +7678,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + Ref: ref(v1.PersistentVolumeClaim{}.OpenAPIModelName()), }, }, }, @@ -6868,7 +7689,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolumeClaim{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6903,14 +7724,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "selector": { SchemaProps: spec.SchemaProps{ Description: "selector is a label query over volumes to consider for binding.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + Description: "resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeResourceRequirements"), + Ref: ref(v1.VolumeResourceRequirements{}.OpenAPIModelName()), }, }, "volumeName": { @@ -6938,18 +7759,18 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "dataSource": { SchemaProps: spec.SchemaProps{ Description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), }, }, "dataSourceRef": { SchemaProps: spec.SchemaProps{ Description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", - Ref: ref("k8s.io/api/core/v1.TypedObjectReference"), + Ref: ref(v1.TypedObjectReference{}.OpenAPIModelName()), }, }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.", + Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/", Type: []string{"string"}, Format: "", }, @@ -6958,7 +7779,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference", "k8s.io/api/core/v1.TypedObjectReference", "k8s.io/api/core/v1.VolumeResourceRequirements", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + v1.TypedLocalObjectReference{}.OpenAPIModelName(), v1.TypedObjectReference{}.OpenAPIModelName(), v1.VolumeResourceRequirements{}.OpenAPIModelName(), metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -7006,7 +7827,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7030,7 +7851,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimCondition"), + Ref: ref(v1.PersistentVolumeClaimCondition{}.OpenAPIModelName()), }, }, }, @@ -7038,13 +7859,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "allocatedResources": { SchemaProps: spec.SchemaProps{ - Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7057,7 +7878,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, }, SchemaProps: spec.SchemaProps{ - Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -7066,7 +7887,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"ControllerResizeFailed", "ControllerResizeInProgress", "NodeResizeFailed", "NodeResizeInProgress", "NodeResizePending"}, + Enum: []interface{}{"ControllerResizeInProgress", "ControllerResizeInfeasible", "NodeResizeInProgress", "NodeResizeInfeasible", "NodeResizePending"}, }, }, }, @@ -7074,22 +7895,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "currentVolumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.", + Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim", Type: []string{"string"}, Format: "", }, }, "modifyVolumeStatus": { SchemaProps: spec.SchemaProps{ - Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is an alpha field and requires enabling VolumeAttributesClass feature.", - Ref: ref("k8s.io/api/core/v1.ModifyVolumeStatus"), + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted.", + Ref: ref(v1.ModifyVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ModifyVolumeStatus", "k8s.io/api/core/v1.PersistentVolumeClaimCondition", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ModifyVolumeStatus{}.OpenAPIModelName(), v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7104,14 +7925,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference SchemaProps: spec.SchemaProps{ Description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, }, @@ -7119,7 +7940,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7177,7 +7998,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7188,7 +8009,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolume"), + Ref: ref(v1.PersistentVolume{}.OpenAPIModelName()), }, }, }, @@ -7199,7 +8020,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolume", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolume{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7212,141 +8033,141 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac Properties: map[string]spec.Schema{ "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Description: "csi represents storage that is handled by an external CSI driver.", + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -7365,7 +8186,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7373,134 +8194,134 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Description: "csi represents storage that is handled by an external CSI driver.", + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "accessModes": { @@ -7532,7 +8353,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, SchemaProps: spec.SchemaProps{ Description: "claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "persistentVolumeReclaimPolicy": { @@ -7580,13 +8401,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "nodeAffinity": { SchemaProps: spec.SchemaProps{ - Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.", - Ref: ref("k8s.io/api/core/v1.VolumeNodeAffinity"), + Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume. This field is mutable if MutablePVNodeAffinity feature gate is enabled.", + Ref: ref(v1.VolumeNodeAffinity{}.OpenAPIModelName()), }, }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process. This is an alpha field and requires enabling VolumeAttributesClass feature.", + Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process.", Type: []string{"string"}, Format: "", }, @@ -7595,7 +8416,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VolumeNodeAffinity", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VolumeNodeAffinity{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7630,15 +8451,15 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac }, "lastPhaseTransitionTime": { SchemaProps: spec.SchemaProps{ - Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default).", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7696,28 +8517,28 @@ func schema_k8sio_api_core_v1_Pod(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7741,7 +8562,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7760,7 +8581,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7770,7 +8591,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -7784,7 +8605,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "namespaces": { @@ -7818,7 +8639,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "namespaceSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "matchLabelKeys": { @@ -7828,7 +8649,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -7848,7 +8669,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -7866,7 +8687,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -7890,7 +8711,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7903,13 +8724,13 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and subtracting \"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7919,7 +8740,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -7985,6 +8806,78 @@ func schema_k8sio_api_core_v1_PodAttachOptions(ref common.ReferenceCallback) com } } +func schema_k8sio_api_core_v1_PodCertificateProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Kubelet's generated CSRs will be addressed to this signer.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyType": { + SchemaProps: spec.SchemaProps{ + Description: "The type of keypair Kubelet will generate for the pod.\n\nValid values are \"RSA3072\", \"RSA4096\", \"ECDSAP256\", \"ECDSAP384\", \"ECDSAP521\", and \"ED25519\".", + Type: []string{"string"}, + Format: "", + }, + }, + "maxExpirationSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "maxExpirationSeconds is the maximum lifetime permitted for the certificate.\n\nKubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.\n\nIf omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).\n\nThe signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "credentialBundlePath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the credential bundle at this path in the projected volume.\n\nThe credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.\n\nThe remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).\n\nUsing credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the key at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "certificateChainPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the certificate chain at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "userAnnotations": { + SchemaProps: spec.SchemaProps{ + Description: "userAnnotations allow pod authors to pass additional information to the signer implementation. Kubernetes does not restrict or validate this metadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of the PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations, with the addition that all keys must be domain-prefixed. No restrictions are placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should deny requests that contain keys they do not recognize.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"signerName", "keyType"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8000,6 +8893,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. Format: "", }, }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", @@ -8011,13 +8911,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we probed the condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -8039,7 +8939,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8103,7 +9003,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodDNSConfigOption"), + Ref: ref(v1.PodDNSConfigOption{}.OpenAPIModelName()), }, }, }, @@ -8113,7 +9013,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodDNSConfigOption"}, + v1.PodDNSConfigOption{}.OpenAPIModelName()}, } } @@ -8126,15 +9026,16 @@ func schema_k8sio_api_core_v1_PodDNSConfigOption(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Required.", + Description: "Name is this DNS resolver option's name. Required.", Type: []string{"string"}, Format: "", }, }, "value": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Value is this DNS resolver option's value.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -8226,6 +9127,49 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodExtendedResourceClaimStatus is stored in the PodStatus for the extended resource requests backed by DRA. It stores the generated name for the corresponding special ResourceClaim created by the scheduler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "requestMappings": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "RequestMappings identifies the mapping of to device request in the generated ResourceClaim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"requestMappings", "resourceClaimName"}, + }, + }, + Dependencies: []string{ + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8273,7 +9217,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -8284,7 +9228,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Pod"), + Ref: ref(v1.Pod{}.OpenAPIModelName()), }, }, }, @@ -8295,7 +9239,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Pod", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Pod{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -8351,7 +9295,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common "sinceTime": { SchemaProps: spec.SchemaProps{ Description: "An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "timestamps": { @@ -8363,7 +9307,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common }, "tailLines": { SchemaProps: spec.SchemaProps{ - Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime", + Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", Type: []string{"integer"}, Format: "int64", }, @@ -8382,11 +9326,18 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common Format: "", }, }, + "stream": { + SchemaProps: spec.SchemaProps{ + Description: "Specify which container log stream to return to the client. Acceptable values are \"All\", \"Stdout\" and \"Stderr\". If not specified, \"All\" is used, and both stdout and stderr are returned interleaved. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8519,7 +9470,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and this Pod belongs to a PodGroup, a PodResourceClaim is matched to a PodGroupResourceClaim if all of their fields are equal (Name, ResourceClaimName, and ResourceClaimTemplateName). A matched claim references a single ResourceClaim shared across all Pods in the PodGroup, reserved for the PodGroup in ResourceClaimStatus.ReservedFor rather than for individual Pods.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -8530,19 +9481,24 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com Format: "", }, }, - "source": { + "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "Source describes where to find the ResourceClaim.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ClaimSource"), + Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimTemplateName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and the pod belongs to a PodGroup that defines a PodGroupResourceClaim with the same Name and ResourceClaimTemplateName, this PodResourceClaim resolves to the ResourceClaim generated for the PodGroup. All pods in the group that define an equivalent PodResourceClaim matching the PodGroupResourceClaim's Name and ResourceClaimTemplateName share the same generated ResourceClaim. ResourceClaims generated for a PodGroup are owned by the PodGroup and their lifecycles are tied to the PodGroup instead of any individual pod.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", }, }, }, Required: []string{"name"}, }, }, - Dependencies: []string{ - "k8s.io/api/core/v1.ClaimSource"}, } } @@ -8563,7 +9519,7 @@ func schema_k8sio_api_core_v1_PodResourceClaimStatus(ref common.ReferenceCallbac }, "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. It this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.\n\nWhen the DRAWorkloadResourceClaims feature is enabled and the corresponding PodResourceClaim matches a PodGroupResourceClaim made by the Pod's PodGroup, then this is the name of the ResourceClaim generated and reserved for the PodGroup.\n\nIf this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", Type: []string{"string"}, Format: "", }, @@ -8597,6 +9553,37 @@ func schema_k8sio_api_core_v1_PodSchedulingGate(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_PodSchedulingGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodSchedulingGroup identifies the runtime scheduling group instance that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics. Exactly one field must be specified.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "podGroupName": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroupName specifies the name of the standalone PodGroup object that represents the runtime instance of this group. Must be a DNS subdomain.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-unions": []interface{}{ + map[string]interface{}{ + "fields-to-discriminateBy": map[string]interface{}{ + "podGroupName": "PodGroupName", + }, + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8607,13 +9594,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -8644,7 +9631,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, SchemaProps: spec.SchemaProps{ - Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8657,6 +9644,14 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, }, + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Merge\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be merged with the primary user's groups as defined in the container image (in /etc/group).\n - `\"Strict\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be used instead of any groups defined in the container image.", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Merge", "Strict"}, + }, + }, "fsGroup": { SchemaProps: spec.SchemaProps{ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", @@ -8677,7 +9672,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Sysctl"), + Ref: ref(v1.Sysctl{}.OpenAPIModelName()), }, }, }, @@ -8694,20 +9689,27 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), }, }, "appArmorProfile": { SchemaProps: spec.SchemaProps{ Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), + }, + }, + "seLinuxChangePolicy": { + SchemaProps: spec.SchemaProps{ + Description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. Valid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime. This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option. This requires all Pods that share the same volume to use the same SELinux label. It is not possible to share the same volume among privileged and unprivileged Pods. Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their CSIDriver instance. Other volumes are always re-labelled recursively. \"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used. If not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes and \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. Note that this field cannot be set when spec.os.name is windows.", + Type: []string{"string"}, + Format: "", }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.Sysctl{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -8721,14 +9723,14 @@ func schema_k8sio_api_core_v1_PodSignature(ref common.ReferenceCallback) common. "podController": { SchemaProps: spec.SchemaProps{ Description: "Reference to controller whose pods should avoid this node.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"}, + metav1.OwnerReference{}.OpenAPIModelName()}, } } @@ -8757,7 +9759,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Volume"), + Ref: ref(v1.Volume{}.OpenAPIModelName()), }, }, }, @@ -8775,13 +9777,13 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", + Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -8805,7 +9807,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -8829,7 +9831,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EphemeralContainer"), + Ref: ref(v1.EphemeralContainer{}.OpenAPIModelName()), }, }, }, @@ -8909,14 +9911,14 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "nodeName": { SchemaProps: spec.SchemaProps{ - Description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + Description: "NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename", Type: []string{"string"}, Format: "", }, }, "hostNetwork": { SchemaProps: spec.SchemaProps{ - Description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + Description: "Host networking requested for this pod. Use the host's network namespace. When using HostNetwork you should specify ports so the scheduler is aware. When `hostNetwork` is true, specified `hostPort` fields in port definitions must match `containerPort`, and unspecified `hostPort` fields in port definitions are defaulted to match `containerPort`. Default to false.", Type: []string{"boolean"}, Format: "", }, @@ -8945,7 +9947,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", - Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + Ref: ref(v1.PodSecurityContext{}.OpenAPIModelName()), }, }, "imagePullSecrets": { @@ -8966,7 +9968,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -8989,7 +9991,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "affinity": { SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's scheduling constraints", - Ref: ref("k8s.io/api/core/v1.Affinity"), + Ref: ref(v1.Affinity{}.OpenAPIModelName()), }, }, "schedulerName": { @@ -9012,7 +10014,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Toleration"), + Ref: ref(v1.Toleration{}.OpenAPIModelName()), }, }, }, @@ -9036,7 +10038,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostAlias"), + Ref: ref(v1.HostAlias{}.OpenAPIModelName()), }, }, }, @@ -9059,7 +10061,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "dnsConfig": { SchemaProps: spec.SchemaProps{ Description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", - Ref: ref("k8s.io/api/core/v1.PodDNSConfig"), + Ref: ref(v1.PodDNSConfig{}.OpenAPIModelName()), }, }, "readinessGates": { @@ -9075,7 +10077,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodReadinessGate"), + Ref: ref(v1.PodReadinessGate{}.OpenAPIModelName()), }, }, }, @@ -9111,7 +10113,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -9136,7 +10138,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + Ref: ref(v1.TopologySpreadConstraint{}.OpenAPIModelName()), }, }, }, @@ -9144,20 +10146,20 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "setHostnameAsFQDN": { SchemaProps: spec.SchemaProps{ - Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", + Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", Type: []string{"boolean"}, Format: "", }, }, "os": { SchemaProps: spec.SchemaProps{ - Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", - Ref: ref("k8s.io/api/core/v1.PodOS"), + Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.resources - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + Ref: ref(v1.PodOS{}.OpenAPIModelName()), }, }, "hostUsers": { SchemaProps: spec.SchemaProps{ - Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.", + Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host.", Type: []string{"boolean"}, Format: "", }, @@ -9180,7 +10182,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSchedulingGate"), + Ref: ref(v1.PodSchedulingGate{}.OpenAPIModelName()), }, }, }, @@ -9198,24 +10200,43 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.", + Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is a stable field but requires that the DynamicResourceAllocation feature gate is enabled.\n\nThis field is immutable.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaim"), + Ref: ref(v1.PodResourceClaim{}.OpenAPIModelName()), }, }, }, }, }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\", \"memory\" and \"hugepages-\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "hostnameOverride": { + SchemaProps: spec.SchemaProps{ + Description: "HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. This field only specifies the pod's hostname and does not affect its DNS records. When this field is set to a non-empty string: - It takes precedence over the values set in `hostname` and `subdomain`. - The Pod's hostname will be set to this value. - `setHostnameAsFQDN` must be nil or set to false. - `hostNetwork` must be set to false.\n\nThis field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. Requires the HostnameOverride feature gate to be enabled.", + Type: []string{"string"}, + Format: "", + }, + }, + "schedulingGroup": { + SchemaProps: spec.SchemaProps{ + Description: "SchedulingGroup provides a reference to the immediate scheduling runtime grouping object that this Pod belongs to. This field is used by the scheduler to identify the group and apply the correct group scheduling policies. The association with a group also impacts other lifecycle aspects of a Pod that are relevant in a wider context of scheduling like preemption, resource attachment, etc. If not specified, the Pod is treated as a single unit in all of these aspects. The group object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a group object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", + Ref: ref(v1.PodSchedulingGroup{}.OpenAPIModelName()), + }, + }, }, Required: []string{"containers"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSchedulingGroup{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -9226,6 +10247,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Description: "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod status was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "phase": { SchemaProps: spec.SchemaProps{ Description: "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase\n\nPossible enum values:\n - `\"Failed\"` means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).\n - `\"Pending\"` means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.\n - `\"Running\"` means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.\n - `\"Succeeded\"` means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.\n - `\"Unknown\"` means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)", @@ -9252,7 +10280,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodCondition"), + Ref: ref(v1.PodCondition{}.OpenAPIModelName()), }, }, }, @@ -9301,7 +10329,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostIP"), + Ref: ref(v1.HostIP{}.OpenAPIModelName()), }, }, }, @@ -9332,7 +10360,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodIP"), + Ref: ref(v1.PodIP{}.OpenAPIModelName()), }, }, }, @@ -9341,7 +10369,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "startTime": { SchemaProps: spec.SchemaProps{ Description: "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "initContainerStatuses": { @@ -9351,13 +10379,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9370,13 +10398,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9397,13 +10425,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "Status for any ephemeral containers that have run in this pod.", + Description: "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9411,7 +10439,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, "resize": { SchemaProps: spec.SchemaProps{ - Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\"", + Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\" Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress. PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources. PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.", Type: []string{"string"}, Format: "", }, @@ -9434,7 +10462,52 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaimStatus"), + Ref: ref(v1.PodResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "extendedResourceClaimStatus": { + SchemaProps: spec.SchemaProps{ + Description: "Status of extended resource claim backed by DRA.", + Ref: ref(v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + "allocatedResources": { + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResources is the total requests allocated for this pod by the node. If pod-level requests are not set, this will be the total requests aggregated across containers in the pod.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources represents the compute resource requests and limits that have been applied at the pod level if pod-level requests or limits are set in PodSpec.Resources", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "nodeAllocatableResourceClaimStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "NodeAllocatableResourceClaimStatuses contains the status of node-allocatable resources that were allocated for this pod through DRA claims. This includes resources currently reported in v1.Node `status.allocatable` that are not extended resources (see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#extended-resources). Examples include \"cpu\", \"memory\", \"ephemeral-storage\", and hugepages.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName()), }, }, }, @@ -9444,7 +10517,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.HostIP", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodIP", "k8s.io/api/core/v1.PodResourceClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -9473,21 +10546,21 @@ func schema_k8sio_api_core_v1_PodStatusResult(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9516,21 +10589,21 @@ func schema_k8sio_api_core_v1_PodTemplate(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "template": { SchemaProps: spec.SchemaProps{ Description: "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodTemplateSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9559,7 +10632,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -9570,7 +10643,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplate"), + Ref: ref(v1.PodTemplate{}.OpenAPIModelName()), }, }, }, @@ -9581,7 +10654,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplate", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PodTemplate{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -9596,21 +10669,21 @@ func schema_k8sio_api_core_v1_PodTemplateSpec(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9618,7 +10691,8 @@ func schema_k8sio_api_core_v1_PortStatus(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "PortStatus represents the error condition of a service port", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -9698,13 +10772,13 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The class of pods.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSignature"), + Ref: ref(v1.PodSignature{}.OpenAPIModelName()), }, }, "evictionTime": { SchemaProps: spec.SchemaProps{ Description: "Time at which this entry was added to the list.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -9726,7 +10800,7 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSignature", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.PodSignature{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -9749,7 +10823,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "A node selector term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -9757,7 +10831,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -9770,26 +10844,26 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "TCPSocket specifies a connection to a TCP port.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Description: "GRPC specifies a GRPC HealthCheckRequest.", + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, "initialDelaySeconds": { @@ -9838,7 +10912,7 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -9851,33 +10925,33 @@ func schema_k8sio_api_core_v1_ProbeHandler(ref common.ReferenceCallback) common. Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "TCPSocket specifies a connection to a TCP port.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Description: "GRPC specifies a GRPC HealthCheckRequest.", + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -9895,13 +10969,13 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback }, }, SchemaProps: spec.SchemaProps{ - Description: "sources is the list of volume projections", + Description: "sources is the list of volume projections. Each entry in this list handles one source.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeProjection"), + Ref: ref(v1.VolumeProjection{}.OpenAPIModelName()), }, }, }, @@ -9918,7 +10992,7 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.VolumeProjection"}, + v1.VolumeProjection{}.OpenAPIModelName()}, } } @@ -10025,6 +11099,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -10032,6 +11107,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -10039,6 +11115,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -10046,7 +11123,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -10061,7 +11138,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -10110,6 +11187,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -10117,6 +11195,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -10124,6 +11203,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -10131,7 +11211,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -10146,7 +11226,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -10175,7 +11255,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "range": { @@ -10198,7 +11278,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10227,28 +11307,28 @@ func schema_k8sio_api_core_v1_ReplicationController(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerSpec"), + Ref: ref(v1.ReplicationControllerSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerStatus"), + Ref: ref(v1.ReplicationControllerStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerSpec", "k8s.io/api/core/v1.ReplicationControllerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ReplicationControllerSpec{}.OpenAPIModelName(), v1.ReplicationControllerStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10278,7 +11358,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "The last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -10300,7 +11380,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -10329,7 +11409,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10340,7 +11420,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationController"), + Ref: ref(v1.ReplicationController{}.OpenAPIModelName()), }, }, }, @@ -10351,7 +11431,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationController", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ReplicationController{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10365,6 +11445,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "replicas": { SchemaProps: spec.SchemaProps{ Description: "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", + Default: 1, Type: []string{"integer"}, Format: "int32", }, @@ -10372,6 +11453,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "minReadySeconds": { SchemaProps: spec.SchemaProps{ Description: "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -10400,14 +11482,14 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "template": { SchemaProps: spec.SchemaProps{ Description: "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is \"Always\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec"}, + v1.PodTemplateSpec{}.OpenAPIModelName()}, } } @@ -10472,7 +11554,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerCondition"), + Ref: ref(v1.ReplicationControllerCondition{}.OpenAPIModelName()), }, }, }, @@ -10483,7 +11565,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerCondition"}, + v1.ReplicationControllerCondition{}.OpenAPIModelName()}, } } @@ -10502,6 +11584,13 @@ func schema_k8sio_api_core_v1_ResourceClaim(ref common.ReferenceCallback) common Format: "", }, }, + "request": { + SchemaProps: spec.SchemaProps{ + Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"name"}, }, @@ -10534,7 +11623,7 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback "divisor": { SchemaProps: spec.SchemaProps{ Description: "Specifies the output format of the exposed resources, defaults to \"1\"", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10547,7 +11636,43 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ResourceHealth(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceHealth represents the health of a resource. It has the latest device health information. This is a part of KEP https://kep.k8s.io/4680.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceID": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceID is the unique identifier of the resource. See the ResourceID type for more information.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "health": { + SchemaProps: spec.SchemaProps{ + Description: "Health of the resource. can be one of:\n - Healthy: operates as normal\n - Unhealthy: reported unhealthy. We consider this a temporary health issue\n since we do not have a mechanism today to distinguish\n temporary and permanent issues.\n - Unknown: The status cannot be determined.\n For example, Device Plugin got unregistered and hasn't been re-registered since.\n\nIn future we may want to introduce the PermanentlyUnhealthy Status.", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "Message provides human-readable context for Health (e.g. \"ECC error count exceeded threshold\"). This field is populated by the kubelet when ResourceHealthStatusMessage is enabled if the DRA plugin returns a message, and is null otherwise.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"resourceID"}, + }, + }, } } @@ -10576,28 +11701,28 @@ func schema_k8sio_api_core_v1_ResourceQuota(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaSpec"), + Ref: ref(v1.ResourceQuotaSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaStatus"), + Ref: ref(v1.ResourceQuotaStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuotaSpec", "k8s.io/api/core/v1.ResourceQuotaStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ResourceQuotaSpec{}.OpenAPIModelName(), v1.ResourceQuotaStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10626,7 +11751,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10637,7 +11762,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuota"), + Ref: ref(v1.ResourceQuota{}.OpenAPIModelName()), }, }, }, @@ -10648,7 +11773,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuota", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ResourceQuota{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10667,7 +11792,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10688,7 +11813,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating"}, + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, }, @@ -10697,14 +11822,14 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co "scopeSelector": { SchemaProps: spec.SchemaProps{ Description: "scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.", - Ref: ref("k8s.io/api/core/v1.ScopeSelector"), + Ref: ref(v1.ScopeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopeSelector", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ScopeSelector{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -10723,7 +11848,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10737,7 +11862,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10747,7 +11872,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -10766,7 +11891,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10780,7 +11905,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10796,13 +11921,13 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis field depends on the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceClaim"), + Ref: ref(v1.ResourceClaim{}.OpenAPIModelName()), }, }, }, @@ -10812,7 +11937,53 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceClaim", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ResourceClaim{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceStatus represents the status of a single resource allocated to a Pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the resource. Must be unique within the pod and in case of non-DRA resource, match one of the resources from the pod spec. For DRA resources, the value must be \"claim:/\". When this status is reported about a container, the \"claim_name\" and \"request\" must match one of the claims of this container.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "resourceID", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of unique resources health. Each element in the list contains an unique resource ID and its health. At a minimum, for the lifetime of a Pod, resource ID must uniquely identify the resource allocated to the Pod on the Node. If other Pod on the same Node reports the status with the same resource ID, it must be the same resource they share. See ResourceID type definition for a specific format it has in various use cases.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ResourceHealth{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"name"}, + }, + }, + Dependencies: []string{ + v1.ResourceHealth{}.OpenAPIModelName()}, } } @@ -10883,7 +12054,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -10910,6 +12081,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10924,6 +12096,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10940,7 +12113,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -10970,7 +12143,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -10997,6 +12170,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -11011,6 +12185,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -11027,7 +12202,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -11051,7 +12226,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ScopedResourceSelectorRequirement"), + Ref: ref(v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -11066,7 +12241,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement"}, + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()}, } } @@ -11079,11 +12254,11 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer Properties: map[string]spec.Schema{ "scopeName": { SchemaProps: spec.SchemaProps{ - Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0", + Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0\n - `\"VolumeAttributesClass\"` Match all pvc objects that have volume attributes class mentioned.", Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating"}, + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, "operator": { @@ -11189,7 +12364,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -11241,7 +12416,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11340,7 +12515,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11351,7 +12526,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Secret"), + Ref: ref(v1.Secret{}.OpenAPIModelName()), }, }, }, @@ -11362,7 +12537,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Secret", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Secret{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11394,7 +12569,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -11411,7 +12586,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -11474,7 +12649,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -11498,7 +12673,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -11512,7 +12687,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "capabilities": { SchemaProps: spec.SchemaProps{ Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.Capabilities"), + Ref: ref(v1.Capabilities{}.OpenAPIModelName()), }, }, "privileged": { @@ -11525,13 +12700,13 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -11571,7 +12746,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm }, "procMount": { SchemaProps: spec.SchemaProps{ - Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", + Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Default", "Unmasked"}, @@ -11580,20 +12755,20 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), }, }, "appArmorProfile": { SchemaProps: spec.SchemaProps{ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.Capabilities{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -11622,14 +12797,14 @@ func schema_k8sio_api_core_v1_SerializedReference(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The reference to an object in the system.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -11658,28 +12833,28 @@ func schema_k8sio_api_core_v1_Service(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceSpec"), + Ref: ref(v1.ServiceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceStatus"), + Ref: ref(v1.ServiceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceSpec", "k8s.io/api/core/v1.ServiceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ServiceSpec{}.OpenAPIModelName(), v1.ServiceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11708,7 +12883,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "secrets": { @@ -11723,13 +12898,13 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, SchemaProps: spec.SchemaProps{ - Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", + Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". The \"kubernetes.io/enforce-mountable-secrets\" annotation is deprecated since v1.32. Prefer separate namespaces to isolate access to mounted secrets. This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -11748,7 +12923,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -11765,7 +12940,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LocalObjectReference{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11794,7 +12969,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11805,7 +12980,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceAccount"), + Ref: ref(v1.ServiceAccount{}.OpenAPIModelName()), }, }, }, @@ -11816,7 +12991,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceAccount", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ServiceAccount{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11881,7 +13056,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11892,7 +13067,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Service"), + Ref: ref(v1.Service{}.OpenAPIModelName()), }, }, }, @@ -11903,7 +13078,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Service", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Service{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -12027,7 +13202,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServicePort"), + Ref: ref(v1.ServicePort{}.OpenAPIModelName()), }, }, }, @@ -12176,7 +13351,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O "sessionAffinityConfig": { SchemaProps: spec.SchemaProps{ Description: "sessionAffinityConfig contains the configurations of session affinity.", - Ref: ref("k8s.io/api/core/v1.SessionAffinityConfig"), + Ref: ref(v1.SessionAffinityConfig{}.OpenAPIModelName()), }, }, "ipFamilies": { @@ -12232,7 +13407,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, "trafficDistribution": { SchemaProps: spec.SchemaProps{ - Description: "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are topologically close (e.g., same zone). This is an alpha field and requires enabling ServiceTrafficDistribution feature.", + Description: "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are in the same zone.", Type: []string{"string"}, Format: "", }, @@ -12241,7 +13416,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServicePort", "k8s.io/api/core/v1.SessionAffinityConfig"}, + v1.ServicePort{}.OpenAPIModelName(), v1.SessionAffinityConfig{}.OpenAPIModelName()}, } } @@ -12256,7 +13431,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "LoadBalancer contains the current status of the load-balancer, if one is present.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerStatus"), + Ref: ref(v1.LoadBalancerStatus{}.OpenAPIModelName()), }, }, "conditions": { @@ -12277,7 +13452,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Condition"), + Ref: ref(metav1.Condition{}.OpenAPIModelName()), }, }, }, @@ -12287,7 +13462,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Condition"}, + v1.LoadBalancerStatus{}.OpenAPIModelName(), metav1.Condition{}.OpenAPIModelName()}, } } @@ -12301,14 +13476,14 @@ func schema_k8sio_api_core_v1_SessionAffinityConfig(ref common.ReferenceCallback "clientIP": { SchemaProps: spec.SchemaProps{ Description: "clientIP contains the configurations of Client IP based session affinity.", - Ref: ref("k8s.io/api/core/v1.ClientIPConfig"), + Ref: ref(v1.ClientIPConfig{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClientIPConfig"}, + v1.ClientIPConfig{}.OpenAPIModelName()}, } } @@ -12372,14 +13547,14 @@ func schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref common.Referen "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -12421,14 +13596,14 @@ func schema_k8sio_api_core_v1_StorageOSVolumeSource(ref common.ReferenceCallback "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -12524,8 +13699,8 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, "timeAdded": { SchemaProps: spec.SchemaProps{ - Description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "TimeAdded represents the time at which the taint was added.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, @@ -12533,7 +13708,7 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -12553,10 +13728,10 @@ func schema_k8sio_api_core_v1_Toleration(ref common.ReferenceCallback) common.Op }, "operator": { SchemaProps: spec.SchemaProps{ - Description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`", + Description: "Operator represents a key's relationship to the value. Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`\n - `\"Gt\"`\n - `\"Lt\"`", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Equal", "Exists"}, + Enum: []interface{}{"Equal", "Exists", "Gt", "Lt"}, }, }, "value": { @@ -12649,7 +13824,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySelectorLabelRequirement"), + Ref: ref(v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()), }, }, }, @@ -12664,7 +13839,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TopologySelectorLabelRequirement"}, + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()}, } } @@ -12703,7 +13878,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "minDomains": { @@ -12715,7 +13890,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "nodeAffinityPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -12723,7 +13898,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "nodeTaintsPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -12754,7 +13929,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -12804,7 +13979,8 @@ func schema_k8sio_api_core_v1_TypedObjectReference(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "TypedObjectReference contains enough information to let you locate the typed referenced object", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "apiGroup": { SchemaProps: spec.SchemaProps{ @@ -12861,175 +14037,181 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), + }, + }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, @@ -13037,7 +14219,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -13174,10 +14356,18 @@ func schema_k8sio_api_core_v1_VolumeMountStatus(ref common.ReferenceCallback) co Format: "", }, }, + "volumeStatus": { + SchemaProps: spec.SchemaProps{ + Description: "volumeStatus represents volume-type-specific status about the mounted volume.", + Ref: ref(v1.VolumeStatus{}.OpenAPIModelName()), + }, + }, }, Required: []string{"name", "mountPath"}, }, }, + Dependencies: []string{ + v1.VolumeStatus{}.OpenAPIModelName()}, } } @@ -13191,14 +14381,14 @@ func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) c "required": { SchemaProps: spec.SchemaProps{ Description: "required specifies hard node constraints that must be met.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector"}, + v1.NodeSelector{}.OpenAPIModelName()}, } } @@ -13206,44 +14396,50 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Projection that may be projected along with other supported volume types", + Description: "Projection that may be projected along with other supported volume types. Exactly one of these fields must be set.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "secret": { SchemaProps: spec.SchemaProps{ Description: "secret information about the secret data to project", - Ref: ref("k8s.io/api/core/v1.SecretProjection"), + Ref: ref(v1.SecretProjection{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI information about the downwardAPI data to project", - Ref: ref("k8s.io/api/core/v1.DownwardAPIProjection"), + Ref: ref(v1.DownwardAPIProjection{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap information about the configMap data to project", - Ref: ref("k8s.io/api/core/v1.ConfigMapProjection"), + Ref: ref(v1.ConfigMapProjection{}.OpenAPIModelName()), }, }, "serviceAccountToken": { SchemaProps: spec.SchemaProps{ Description: "serviceAccountToken is information about the serviceAccountToken data to project", - Ref: ref("k8s.io/api/core/v1.ServiceAccountTokenProjection"), + Ref: ref(v1.ServiceAccountTokenProjection{}.OpenAPIModelName()), }, }, "clusterTrustBundle": { SchemaProps: spec.SchemaProps{ Description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.", - Ref: ref("k8s.io/api/core/v1.ClusterTrustBundleProjection"), + Ref: ref(v1.ClusterTrustBundleProjection{}.OpenAPIModelName()), + }, + }, + "podCertificate": { + SchemaProps: spec.SchemaProps{ + Description: "Projects an auto-rotating credential bundle (private key and certificate chain) that the pod can use either as a TLS client or server.\n\nKubelet generates a private key and uses it to send a PodCertificateRequest to the named signer. Once the signer approves the request and issues a certificate chain, Kubelet writes the key and certificate chain to the pod filesystem. The pod does not start until certificates have been issued for each podCertificate projected volume source in its spec.\n\nKubelet will begin trying to rotate the certificate at the time indicated by the signer using the PodCertificateRequest.Status.BeginRefreshAt timestamp.\n\nKubelet can write a single file, indicated by the credentialBundlePath field, or separate files, indicated by the keyPath and certificateChainPath fields.\n\nThe credential bundle is a single file in PEM format. The first PEM entry is the private key (in PKCS#8 format), and the remaining PEM entries are the certificate chain issued by the signer (typically, signers will return their certificate chain in leaf-to-root order).\n\nPrefer using the credential bundle format, since your application code can read it atomically. If you use keyPath and certificateChainPath, your application must make two separate file reads. If these coincide with a certificate rotation, it is possible that the private key and leaf certificate you read may not correspond to each other. Your application will need to check for this condition, and re-read until they are consistent.\n\nThe named signer controls chooses the format of the certificate it issues; consult the signer implementation's documentation to learn how to use the certificates it issues.", + Ref: ref(v1.PodCertificateProjection{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClusterTrustBundleProjection", "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(), v1.ConfigMapProjection{}.OpenAPIModelName(), v1.DownwardAPIProjection{}.OpenAPIModelName(), v1.PodCertificateProjection{}.OpenAPIModelName(), v1.SecretProjection{}.OpenAPIModelName(), v1.ServiceAccountTokenProjection{}.OpenAPIModelName()}, } } @@ -13262,7 +14458,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -13276,7 +14472,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -13286,7 +14482,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -13300,182 +14496,209 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), + }, + }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_VolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeStatus represents the status of a mounted volume. At most one of its members must be specified.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.", + Ref: ref(v1.ImageVolumeStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + v1.ImageVolumeStatus{}.OpenAPIModelName()}, } } @@ -13541,7 +14764,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "Required. A pod affinity term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -13549,7 +14772,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName()}, } } @@ -13594,6 +14817,54 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference } } +func schema_apimachinery_pkg_api_resource_Quantity(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.EmbedOpenAPIDefinitionIntoV2Extension(common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + OneOf: common.GenerateOpenAPIV3OneOfSchema(resource.Quantity{}.OpenAPIV3OneOfTypes()), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }, common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + Type: resource.Quantity{}.OpenAPISchemaType(), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }) +} + +func schema_apimachinery_pkg_api_resource_int64Amount(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "int64Amount represents a fixed precision numerator and arbitrary scale exponent. It is faster than operations on inf.Dec for values that can be represented as int64.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "value": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "scale": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + Required: []string{"value", "scale"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -13636,7 +14907,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, }, @@ -13646,7 +14917,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, "serverAddressByClientCIDRs": { @@ -13662,7 +14933,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -13673,7 +14944,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(), metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -13711,7 +14982,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), + Ref: ref(metav1.APIGroup{}.OpenAPIModelName()), }, }, }, @@ -13722,7 +14993,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, + metav1.APIGroup{}.OpenAPIModelName()}, } } @@ -13890,7 +15161,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), + Ref: ref(metav1.APIResource{}.OpenAPIModelName()), }, }, }, @@ -13901,7 +15172,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, + metav1.APIResource{}.OpenAPIModelName()}, } } @@ -13959,7 +15230,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -13970,7 +15241,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -14071,7 +15342,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -14095,7 +15366,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -14191,7 +15462,7 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. "preconditions": { SchemaProps: spec.SchemaProps{ Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), + Ref: ref(metav1.Preconditions{}.OpenAPIModelName()), }, }, "orphanDependents": { @@ -14228,11 +15499,18 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, }, + "ignoreStoreReadErrorWithClusterBreakingPotential": { + SchemaProps: spec.SchemaProps{ + Description: "if set to true, it will trigger an unsafe deletion of the resource in case the normal deletion flow fails with a corrupt object error. A resource is considered corrupt if it can not be retrieved from the underlying storage successfully because of a) its data can not be transformed e.g. decryption failure, or b) it fails to decode into an object. NOTE: unsafe deletion ignores finalizer constraints, skips precondition checks, and removes the object from the storage. WARNING: This may potentially break the cluster if the workload associated with the resource being unsafe-deleted relies on normal deletion flow. Use only if you REALLY know what you are doing. The default value is false, and the user must opt in to enable it", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, + metav1.Preconditions{}.OpenAPIModelName()}, } } @@ -14241,8 +15519,58 @@ func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenA Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), + Type: metav1.Duration{}.OpenAPISchemaType(), + Format: metav1.Duration{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FieldSelectorRequirement is a selector that contains values, a key, and an operator that relates the key and values.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "key": { + SchemaProps: spec.SchemaProps{ + Description: "key is the field selector key that the requirement applies to.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. The list of operators may grow in the future.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"key", "operator"}, }, }, } @@ -14494,15 +15822,12 @@ func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common. "Object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), }, }, }, Required: []string{"Type", "Object"}, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, } } @@ -14542,7 +15867,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + Ref: ref(metav1.LabelSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -14557,7 +15882,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + metav1.LabelSelectorRequirement{}.OpenAPIModelName()}, } } @@ -14636,7 +15961,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -14646,7 +15971,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -14657,7 +15982,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -14696,9 +16021,17 @@ func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenA Format: "int64", }, }, + "shardInfo": { + SchemaProps: spec.SchemaProps{ + Description: "shardInfo is set when the list is a filtered subset of the full collection, as selected by a shard selector on the request. It echoes back the selector so clients can verify which shard they received and merge sharded responses. Clients should not cache sharded list responses as a full representation of the collection.\n\nThis is an alpha field and requires enabling the ShardedListAndWatch feature gate.", + Ref: ref(metav1.ShardInfo{}.OpenAPIModelName()), + }, + }, }, }, }, + Dependencies: []string{ + metav1.ShardInfo{}.OpenAPIModelName()}, } } @@ -14793,6 +16126,13 @@ func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.Op Format: "", }, }, + "shardSelector": { + SchemaProps: spec.SchemaProps{ + Description: "shardSelector restricts the list of returned objects using a CEL-based shard selector expression. The format uses the shardRange() function combined with || (logical OR) to specify one or more hash ranges:\n\n shardRange(object.metadata.uid, '0x0', '0x8000000000000000')\n shardRange(object.metadata.uid, '0x0', '0x8000000000000000') || shardRange(object.metadata.uid, '0x8000000000000000', '0x10000000000000000')\n\nField paths use CEL-style object-rooted syntax (e.g. \"object.metadata.uid\"), NOT the fieldSelector format (\"metadata.uid\"). Currently supported paths:\n - object.metadata.uid\n - object.metadata.namespace\n\nhexStart and hexEnd are single-quoted CEL string literals with a '0x' prefix, defining the inclusive lower and exclusive upper bounds over the 64-bit FNV-1a hash space. The full range is [0x0, 0x10000000000000000), where the exclusive upper bound equals 2^64.\n\nExamples:\n 2-shard split:\n shard 0: shardRange(object.metadata.uid, '0x0000000000000000', '0x8000000000000000')\n shard 1: shardRange(object.metadata.uid, '0x8000000000000000', '0x10000000000000000')\n 4-shard split:\n shard 0: shardRange(object.metadata.uid, '0x0000000000000000', '0x4000000000000000')\n shard 1: shardRange(object.metadata.uid, '0x4000000000000000', '0x8000000000000000')\n shard 2: shardRange(object.metadata.uid, '0x8000000000000000', '0xc000000000000000')\n shard 3: shardRange(object.metadata.uid, '0xc000000000000000', '0x10000000000000000')\n\nThis is an alpha field and requires enabling the ShardedListAndWatch feature gate.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -14830,7 +16170,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "time": { SchemaProps: spec.SchemaProps{ Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "fieldsType": { @@ -14843,7 +16183,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "fieldsV1": { SchemaProps: spec.SchemaProps{ Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), + Ref: ref(metav1.FieldsV1{}.OpenAPIModelName()), }, }, "subresource": { @@ -14857,7 +16197,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.FieldsV1{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -14866,8 +16206,8 @@ func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.Open Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), + Type: metav1.MicroTime{}.OpenAPISchemaType(), + Format: metav1.MicroTime{}.OpenAPISchemaFormat(), }, }, } @@ -14932,13 +16272,13 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "creationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionTimestamp": { SchemaProps: spec.SchemaProps{ Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionGracePeriodSeconds": { @@ -14998,7 +16338,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, @@ -15038,7 +16378,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), + Ref: ref(metav1.ManagedFieldsEntry{}.OpenAPIModelName()), }, }, }, @@ -15048,7 +16388,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.ManagedFieldsEntry{}.OpenAPIModelName(), metav1.OwnerReference{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -15142,14 +16482,14 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -15178,7 +16518,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -15189,7 +16529,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), + Ref: ref(metav1.PartialObjectMetadata{}.OpenAPIModelName()), }, }, }, @@ -15200,7 +16540,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.PartialObjectMetadata{}.OpenAPIModelName()}, } } @@ -15374,6 +16714,28 @@ func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallb } } +func schema_pkg_apis_meta_v1_ShardInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ShardInfo describes the shard selector that was applied to produce a list response. Its presence on a list response indicates the list is a filtered subset.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "selector": { + SchemaProps: spec.SchemaProps{ + Description: "selector is the shard selector string from the request, echoed back so clients can verify which shard they received and merge responses from multiple shards.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"selector"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -15399,7 +16761,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "status": { @@ -15424,14 +16786,9 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, "details": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, SchemaProps: spec.SchemaProps{ Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), + Ref: ref(metav1.StatusDetails{}.OpenAPIModelName()), }, }, "code": { @@ -15445,7 +16802,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.StatusDetails{}.OpenAPIModelName()}, } } @@ -15531,7 +16888,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), + Ref: ref(metav1.StatusCause{}.OpenAPIModelName()), }, }, }, @@ -15548,7 +16905,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, + metav1.StatusCause{}.OpenAPIModelName()}, } } @@ -15577,7 +16934,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "columnDefinitions": { @@ -15593,7 +16950,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), + Ref: ref(metav1.TableColumnDefinition{}.OpenAPIModelName()), }, }, }, @@ -15612,7 +16969,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), + Ref: ref(metav1.TableRow{}.OpenAPIModelName()), }, }, }, @@ -15623,7 +16980,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.TableColumnDefinition{}.OpenAPIModelName(), metav1.TableRow{}.OpenAPIModelName()}, } } @@ -15754,7 +17111,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), + Ref: ref(metav1.TableRowCondition{}.OpenAPIModelName()), }, }, }, @@ -15763,7 +17120,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA "object": { SchemaProps: spec.SchemaProps{ Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -15771,7 +17128,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.TableRowCondition{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -15824,8 +17181,8 @@ func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDe Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), + Type: metav1.Time{}.OpenAPISchemaType(), + Format: metav1.Time{}.OpenAPISchemaFormat(), }, }, } @@ -15966,7 +17323,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope "object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -15974,7 +17331,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -16065,16 +17422,46 @@ func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "major": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Major is the major version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "minor": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Minor is the minor version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMajor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMajor is the major version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMinor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMinor is the minor version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMajor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMajor is the major version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMinor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMinor is the minor version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", }, }, "gitVersion": { diff --git a/generated/1.36/client/go.mod b/generated/1.36/client/go.mod new file mode 100644 index 000000000..40ce0fa8d --- /dev/null +++ b/generated/1.36/client/go.mod @@ -0,0 +1,52 @@ +// This go.mod file is generated by ./hack/update.sh. +module go.pinniped.dev/generated/1.36/client + +go 1.26.0 + +replace go.pinniped.dev/generated/1.36/apis => ../apis + +require ( + go.pinniped.dev/generated/1.36/apis v0.0.0 + k8s.io/api v0.36.0 + k8s.io/apimachinery v0.36.0 + k8s.io/client-go v0.36.0 + k8s.io/kube-openapi v0.0.0-20260317180543-43fb72c5454a +) + +require ( + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect + github.com/emicklei/go-restful/v3 v3.13.0 // indirect + github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/go-logr/logr v1.4.3 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.23.0 // indirect + github.com/google/gnostic-models v0.7.0 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect + github.com/x448/float16 v0.8.4 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect + go.yaml.in/yaml/v3 v3.0.4 // indirect + golang.org/x/net v0.49.0 // indirect + golang.org/x/oauth2 v0.34.0 // indirect + golang.org/x/sys v0.40.0 // indirect + golang.org/x/term v0.39.0 // indirect + golang.org/x/text v0.33.0 // indirect + golang.org/x/time v0.14.0 // indirect + google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/klog/v2 v2.140.0 // indirect + k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect + sigs.k8s.io/randfill v1.0.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect + sigs.k8s.io/yaml v1.6.0 // indirect +) diff --git a/generated/1.36/client/go.sum b/generated/1.36/client/go.sum new file mode 100644 index 000000000..f4d303505 --- /dev/null +++ b/generated/1.36/client/go.sum @@ -0,0 +1,117 @@ +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= +github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= +github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= +go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= +go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= +golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o= +golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8= +golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw= +golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= +golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= +golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY= +golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww= +golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE= +golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8= +golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI= +golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af h1:+5/Sw3GsDNlEmu7TfklWKPdQ0Ykja5VEmq2i817+jbI= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +k8s.io/api v0.36.0 h1:SgqDhZzHdOtMk40xVSvCXkP9ME0H05hPM3p9AB1kL80= +k8s.io/api v0.36.0/go.mod h1:m1LVrGPNYax5NBHdO+QuAedXyuzTt4RryI/qnmNvs34= +k8s.io/apimachinery v0.36.0 h1:jZyPzhd5Z+3h9vJLt0z9XdzW9VzNzWAUw+P1xZ9PXtQ= +k8s.io/apimachinery v0.36.0/go.mod h1:FklypaRJt6n5wUIwWXIP6GJlIpUizTgfo1T/As+Tyxc= +k8s.io/client-go v0.36.0 h1:pOYi7C4RHChYjMiHpZSpSbIM6ZxVbRXBy7CuiIwqA3c= +k8s.io/client-go v0.36.0/go.mod h1:ZKKcpwF0aLYfkHFCjillCKaTK/yBkEDHTDXCFY6AS9Y= +k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= +k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= +k8s.io/kube-openapi v0.0.0-20260317180543-43fb72c5454a h1:xCeOEAOoGYl2jnJoHkC3hkbPJgdATINPMAxaynU2Ovg= +k8s.io/kube-openapi v0.0.0-20260317180543-43fb72c5454a/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2 h1:AZYQSJemyQB5eRxqcPky+/7EdBj0xi3g0ZcxxJ7vbWU= +k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= +sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= +sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/generated/1.30/client/supervisor/clientset/versioned/clientset.go b/generated/1.36/client/supervisor/clientset/versioned/clientset.go similarity index 95% rename from generated/1.30/client/supervisor/clientset/versioned/clientset.go rename to generated/1.36/client/supervisor/clientset/versioned/clientset.go index aaa26eef8..adfcabb12 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.36/client/supervisor/clientset/versioned/clientset.go @@ -6,12 +6,12 @@ package versioned import ( - "fmt" - "net/http" + fmt "fmt" + http "net/http" - clientsecretv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" diff --git a/generated/1.30/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.36/client/supervisor/clientset/versioned/fake/clientset_generated.go similarity index 69% rename from generated/1.30/client/supervisor/clientset/versioned/fake/clientset_generated.go rename to generated/1.36/client/supervisor/clientset/versioned/fake/clientset_generated.go index d2d2f8ee6..f654d474c 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.36/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -6,13 +6,14 @@ package fake import ( - clientset "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" - clientsecretv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - fakeclientsecretv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" - idpv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - fakeidpv1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + clientset "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + fakeclientsecretv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + fakeidpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -22,7 +23,7 @@ import ( // NewSimpleClientset returns a clientset that will respond with the provided objects. // It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement +// without applying any field management, validations and/or defaults. It shouldn't be considered a replacement // for a real clientset and is mostly useful in simple unit tests. func NewSimpleClientset(objects ...runtime.Object) *Clientset { o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) @@ -36,9 +37,13 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset { cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} cs.AddReactor("*", "*", testing.ObjectReaction(o)) cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + var opts metav1.ListOptions + if watchAction, ok := action.(testing.WatchActionImpl); ok { + opts = watchAction.ListOptions + } gvr := action.GetResource() ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) + watch, err := o.Watch(gvr, ns, opts) if err != nil { return false, nil, err } @@ -65,6 +70,17 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } +// IsWatchListSemanticsUnSupported informs the reflector that this client +// doesn't support WatchList semantics. +// +// This is a synthetic method whose sole purpose is to satisfy the optional +// interface check performed by the reflector. +// Returning true signals that WatchList can NOT be used. +// No additional logic is implemented here. +func (c *Clientset) IsWatchListSemanticsUnSupported() bool { + return true +} + var ( _ clientset.Interface = &Clientset{} _ testing.FakeClient = &Clientset{} diff --git a/generated/1.30/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.36/client/supervisor/clientset/versioned/fake/doc.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/fake/doc.go rename to generated/1.36/client/supervisor/clientset/versioned/fake/doc.go diff --git a/generated/1.30/client/supervisor/clientset/versioned/fake/register.go b/generated/1.36/client/supervisor/clientset/versioned/fake/register.go similarity index 88% rename from generated/1.30/client/supervisor/clientset/versioned/fake/register.go rename to generated/1.36/client/supervisor/clientset/versioned/fake/register.go index 0606b090e..7d35ba038 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.36/client/supervisor/clientset/versioned/fake/register.go @@ -6,9 +6,9 @@ package fake import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.30/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.36/client/supervisor/clientset/versioned/scheme/doc.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/scheme/doc.go rename to generated/1.36/client/supervisor/clientset/versioned/scheme/doc.go diff --git a/generated/1.30/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.36/client/supervisor/clientset/versioned/scheme/register.go similarity index 88% rename from generated/1.30/client/supervisor/clientset/versioned/scheme/register.go rename to generated/1.36/client/supervisor/clientset/versioned/scheme/register.go index 1d1580cc6..a175917b6 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.36/client/supervisor/clientset/versioned/scheme/register.go @@ -6,9 +6,9 @@ package scheme import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go similarity index 83% rename from generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go index 644c5b926..6ab5e2fe3 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret/v1alpha1" - "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/clientsecret/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *ClientsecretV1alpha1Client) OIDCClientSecretRequests(namespace string) // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ClientsecretV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*ClientsecretV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ClientsecretV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *ClientsecretV1alpha1Client { return &ClientsecretV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := clientsecretv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go similarity index 85% rename from generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go index 36ec62041..b37fff2f6 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeClientsecretV1alpha1 struct { } func (c *FakeClientsecretV1alpha1) OIDCClientSecretRequests(namespace string) v1alpha1.OIDCClientSecretRequestInterface { - return &FakeOIDCClientSecretRequests{c, namespace} + return newFakeOIDCClientSecretRequests(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go new file mode 100644 index 000000000..69ed79d06 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/clientsecret/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCClientSecretRequests implements OIDCClientSecretRequestInterface +type fakeOIDCClientSecretRequests struct { + *gentype.FakeClient[*v1alpha1.OIDCClientSecretRequest] + Fake *FakeClientsecretV1alpha1 +} + +func newFakeOIDCClientSecretRequests(fake *FakeClientsecretV1alpha1, namespace string) clientsecretv1alpha1.OIDCClientSecretRequestInterface { + return &fakeOIDCClientSecretRequests{ + gentype.NewFakeClient[*v1alpha1.OIDCClientSecretRequest]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcclientsecretrequests"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCClientSecretRequest"), + func() *v1alpha1.OIDCClientSecretRequest { return &v1alpha1.OIDCClientSecretRequest{} }, + ), + fake, + } +} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go new file mode 100644 index 000000000..7c6021151 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go @@ -0,0 +1,47 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + clientsecretv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/clientsecret/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gentype "k8s.io/client-go/gentype" +) + +// OIDCClientSecretRequestsGetter has a method to return a OIDCClientSecretRequestInterface. +// A group's client should implement this interface. +type OIDCClientSecretRequestsGetter interface { + OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface +} + +// OIDCClientSecretRequestInterface has methods to work with OIDCClientSecretRequest resources. +type OIDCClientSecretRequestInterface interface { + Create(ctx context.Context, oIDCClientSecretRequest *clientsecretv1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (*clientsecretv1alpha1.OIDCClientSecretRequest, error) + OIDCClientSecretRequestExpansion +} + +// oIDCClientSecretRequests implements OIDCClientSecretRequestInterface +type oIDCClientSecretRequests struct { + *gentype.Client[*clientsecretv1alpha1.OIDCClientSecretRequest] +} + +// newOIDCClientSecretRequests returns a OIDCClientSecretRequests +func newOIDCClientSecretRequests(c *ClientsecretV1alpha1Client, namespace string) *oIDCClientSecretRequests { + return &oIDCClientSecretRequests{ + gentype.NewClient[*clientsecretv1alpha1.OIDCClientSecretRequest]( + "oidcclientsecretrequests", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *clientsecretv1alpha1.OIDCClientSecretRequest { + return &clientsecretv1alpha1.OIDCClientSecretRequest{} + }, + ), + } +} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go similarity index 83% rename from generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 98a712578..359c2679c 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -37,9 +37,7 @@ func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -51,9 +49,7 @@ func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -76,17 +72,15 @@ func New(c rest.Interface) *ConfigV1alpha1Client { return &ConfigV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := configv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go similarity index 83% rename from generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 21ba98e0d..c105ea76c 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,11 +16,11 @@ type FakeConfigV1alpha1 struct { } func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.FederationDomainInterface { - return &FakeFederationDomains{c, namespace} + return newFakeFederationDomains(c, namespace) } func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} + return newFakeOIDCClients(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go new file mode 100644 index 000000000..e39980b82 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -0,0 +1,39 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeFederationDomains implements FederationDomainInterface +type fakeFederationDomains struct { + *gentype.FakeClientWithList[*v1alpha1.FederationDomain, *v1alpha1.FederationDomainList] + Fake *FakeConfigV1alpha1 +} + +func newFakeFederationDomains(fake *FakeConfigV1alpha1, namespace string) configv1alpha1.FederationDomainInterface { + return &fakeFederationDomains{ + gentype.NewFakeClientWithList[*v1alpha1.FederationDomain, *v1alpha1.FederationDomainList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("federationdomains"), + v1alpha1.SchemeGroupVersion.WithKind("FederationDomain"), + func() *v1alpha1.FederationDomain { return &v1alpha1.FederationDomain{} }, + func() *v1alpha1.FederationDomainList { return &v1alpha1.FederationDomainList{} }, + func(dst, src *v1alpha1.FederationDomainList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.FederationDomainList) []*v1alpha1.FederationDomain { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.FederationDomainList, items []*v1alpha1.FederationDomain) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go new file mode 100644 index 000000000..55266afea --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -0,0 +1,37 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCClients implements OIDCClientInterface +type fakeOIDCClients struct { + *gentype.FakeClientWithList[*v1alpha1.OIDCClient, *v1alpha1.OIDCClientList] + Fake *FakeConfigV1alpha1 +} + +func newFakeOIDCClients(fake *FakeConfigV1alpha1, namespace string) configv1alpha1.OIDCClientInterface { + return &fakeOIDCClients{ + gentype.NewFakeClientWithList[*v1alpha1.OIDCClient, *v1alpha1.OIDCClientList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcclients"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCClient"), + func() *v1alpha1.OIDCClient { return &v1alpha1.OIDCClient{} }, + func() *v1alpha1.OIDCClientList { return &v1alpha1.OIDCClientList{} }, + func(dst, src *v1alpha1.OIDCClientList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.OIDCClientList) []*v1alpha1.OIDCClient { return gentype.ToPointerSlice(list.Items) }, + func(list *v1alpha1.OIDCClientList, items []*v1alpha1.OIDCClient) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go new file mode 100644 index 000000000..85dc6041b --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -0,0 +1,57 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// FederationDomainsGetter has a method to return a FederationDomainInterface. +// A group's client should implement this interface. +type FederationDomainsGetter interface { + FederationDomains(namespace string) FederationDomainInterface +} + +// FederationDomainInterface has methods to work with FederationDomain resources. +type FederationDomainInterface interface { + Create(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.CreateOptions) (*configv1alpha1.FederationDomain, error) + Update(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.UpdateOptions) (*configv1alpha1.FederationDomain, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.UpdateOptions) (*configv1alpha1.FederationDomain, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.FederationDomain, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.FederationDomainList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.FederationDomain, err error) + FederationDomainExpansion +} + +// federationDomains implements FederationDomainInterface +type federationDomains struct { + *gentype.ClientWithList[*configv1alpha1.FederationDomain, *configv1alpha1.FederationDomainList] +} + +// newFederationDomains returns a FederationDomains +func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { + return &federationDomains{ + gentype.NewClientWithList[*configv1alpha1.FederationDomain, *configv1alpha1.FederationDomainList]( + "federationdomains", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *configv1alpha1.FederationDomain { return &configv1alpha1.FederationDomain{} }, + func() *configv1alpha1.FederationDomainList { return &configv1alpha1.FederationDomainList{} }, + ), + } +} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go new file mode 100644 index 000000000..156bb793b --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -0,0 +1,57 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// OIDCClientsGetter has a method to return a OIDCClientInterface. +// A group's client should implement this interface. +type OIDCClientsGetter interface { + OIDCClients(namespace string) OIDCClientInterface +} + +// OIDCClientInterface has methods to work with OIDCClient resources. +type OIDCClientInterface interface { + Create(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.CreateOptions) (*configv1alpha1.OIDCClient, error) + Update(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.UpdateOptions) (*configv1alpha1.OIDCClient, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.UpdateOptions) (*configv1alpha1.OIDCClient, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.OIDCClient, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.OIDCClientList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.OIDCClient, err error) + OIDCClientExpansion +} + +// oIDCClients implements OIDCClientInterface +type oIDCClients struct { + *gentype.ClientWithList[*configv1alpha1.OIDCClient, *configv1alpha1.OIDCClientList] +} + +// newOIDCClients returns a OIDCClients +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { + return &oIDCClients{ + gentype.NewClientWithList[*configv1alpha1.OIDCClient, *configv1alpha1.OIDCClientList]( + "oidcclients", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *configv1alpha1.OIDCClient { return &configv1alpha1.OIDCClient{} }, + func() *configv1alpha1.OIDCClientList { return &configv1alpha1.OIDCClientList{} }, + ), + } +} diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 000000000..8eab25762 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,61 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. +// A group's client should implement this interface. +type ActiveDirectoryIdentityProvidersGetter interface { + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface +} + +// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. +type ActiveDirectoryIdentityProviderInterface interface { + Create(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + Update(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.ActiveDirectoryIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.ActiveDirectoryIdentityProvider, err error) + ActiveDirectoryIdentityProviderExpansion +} + +// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type activeDirectoryIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.ActiveDirectoryIdentityProvider, *idpv1alpha1.ActiveDirectoryIdentityProviderList] +} + +// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders +func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { + return &activeDirectoryIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.ActiveDirectoryIdentityProvider, *idpv1alpha1.ActiveDirectoryIdentityProviderList]( + "activedirectoryidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.ActiveDirectoryIdentityProvider { + return &idpv1alpha1.ActiveDirectoryIdentityProvider{} + }, + func() *idpv1alpha1.ActiveDirectoryIdentityProviderList { + return &idpv1alpha1.ActiveDirectoryIdentityProviderList{} + }, + ), + } +} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go new file mode 100644 index 000000000..015afad20 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -0,0 +1,41 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type fakeActiveDirectoryIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.ActiveDirectoryIdentityProvider, *v1alpha1.ActiveDirectoryIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeActiveDirectoryIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.ActiveDirectoryIdentityProviderInterface { + return &fakeActiveDirectoryIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.ActiveDirectoryIdentityProvider, *v1alpha1.ActiveDirectoryIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("ActiveDirectoryIdentityProvider"), + func() *v1alpha1.ActiveDirectoryIdentityProvider { return &v1alpha1.ActiveDirectoryIdentityProvider{} }, + func() *v1alpha1.ActiveDirectoryIdentityProviderList { + return &v1alpha1.ActiveDirectoryIdentityProviderList{} + }, + func(dst, src *v1alpha1.ActiveDirectoryIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.ActiveDirectoryIdentityProviderList) []*v1alpha1.ActiveDirectoryIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.ActiveDirectoryIdentityProviderList, items []*v1alpha1.ActiveDirectoryIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go new file mode 100644 index 000000000..1a1e8179f --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeGitHubIdentityProviders implements GitHubIdentityProviderInterface +type fakeGitHubIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.GitHubIdentityProvider, *v1alpha1.GitHubIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeGitHubIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.GitHubIdentityProviderInterface { + return &fakeGitHubIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.GitHubIdentityProvider, *v1alpha1.GitHubIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("GitHubIdentityProvider"), + func() *v1alpha1.GitHubIdentityProvider { return &v1alpha1.GitHubIdentityProvider{} }, + func() *v1alpha1.GitHubIdentityProviderList { return &v1alpha1.GitHubIdentityProviderList{} }, + func(dst, src *v1alpha1.GitHubIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.GitHubIdentityProviderList) []*v1alpha1.GitHubIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.GitHubIdentityProviderList, items []*v1alpha1.GitHubIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go similarity index 78% rename from generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go index 112a0c2f4..a802c2937 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,19 +16,19 @@ type FakeIDPV1alpha1 struct { } func (c *FakeIDPV1alpha1) ActiveDirectoryIdentityProviders(namespace string) v1alpha1.ActiveDirectoryIdentityProviderInterface { - return &FakeActiveDirectoryIdentityProviders{c, namespace} + return newFakeActiveDirectoryIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) GitHubIdentityProviders(namespace string) v1alpha1.GitHubIdentityProviderInterface { - return &FakeGitHubIdentityProviders{c, namespace} + return newFakeGitHubIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) LDAPIdentityProviders(namespace string) v1alpha1.LDAPIdentityProviderInterface { - return &FakeLDAPIdentityProviders{c, namespace} + return newFakeLDAPIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) OIDCIdentityProviders(namespace string) v1alpha1.OIDCIdentityProviderInterface { - return &FakeOIDCIdentityProviders{c, namespace} + return newFakeOIDCIdentityProviders(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go new file mode 100644 index 000000000..e5cb8a8d3 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeLDAPIdentityProviders implements LDAPIdentityProviderInterface +type fakeLDAPIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.LDAPIdentityProvider, *v1alpha1.LDAPIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeLDAPIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.LDAPIdentityProviderInterface { + return &fakeLDAPIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.LDAPIdentityProvider, *v1alpha1.LDAPIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("LDAPIdentityProvider"), + func() *v1alpha1.LDAPIdentityProvider { return &v1alpha1.LDAPIdentityProvider{} }, + func() *v1alpha1.LDAPIdentityProviderList { return &v1alpha1.LDAPIdentityProviderList{} }, + func(dst, src *v1alpha1.LDAPIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.LDAPIdentityProviderList) []*v1alpha1.LDAPIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.LDAPIdentityProviderList, items []*v1alpha1.LDAPIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go new file mode 100644 index 000000000..9acbd11e9 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCIdentityProviders implements OIDCIdentityProviderInterface +type fakeOIDCIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.OIDCIdentityProvider, *v1alpha1.OIDCIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeOIDCIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.OIDCIdentityProviderInterface { + return &fakeOIDCIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.OIDCIdentityProvider, *v1alpha1.OIDCIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCIdentityProvider"), + func() *v1alpha1.OIDCIdentityProvider { return &v1alpha1.OIDCIdentityProvider{} }, + func() *v1alpha1.OIDCIdentityProviderList { return &v1alpha1.OIDCIdentityProviderList{} }, + func(dst, src *v1alpha1.OIDCIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.OIDCIdentityProviderList) []*v1alpha1.OIDCIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.OIDCIdentityProviderList, items []*v1alpha1.OIDCIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go new file mode 100644 index 000000000..6306fea49 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// GitHubIdentityProvidersGetter has a method to return a GitHubIdentityProviderInterface. +// A group's client should implement this interface. +type GitHubIdentityProvidersGetter interface { + GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface +} + +// GitHubIdentityProviderInterface has methods to work with GitHubIdentityProvider resources. +type GitHubIdentityProviderInterface interface { + Create(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + Update(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.GitHubIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.GitHubIdentityProvider, err error) + GitHubIdentityProviderExpansion +} + +// gitHubIdentityProviders implements GitHubIdentityProviderInterface +type gitHubIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.GitHubIdentityProvider, *idpv1alpha1.GitHubIdentityProviderList] +} + +// newGitHubIdentityProviders returns a GitHubIdentityProviders +func newGitHubIdentityProviders(c *IDPV1alpha1Client, namespace string) *gitHubIdentityProviders { + return &gitHubIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.GitHubIdentityProvider, *idpv1alpha1.GitHubIdentityProviderList]( + "githubidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.GitHubIdentityProvider { return &idpv1alpha1.GitHubIdentityProvider{} }, + func() *idpv1alpha1.GitHubIdentityProviderList { return &idpv1alpha1.GitHubIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go similarity index 85% rename from generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go rename to generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go index 5ac8cd29b..d6ed91ec5 100644 --- a/generated/1.30/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned/scheme" + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -47,9 +47,7 @@ func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentity // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -61,9 +59,7 @@ func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IDPV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -86,17 +82,15 @@ func New(c rest.Interface) *IDPV1alpha1Client { return &IDPV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := idpv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 000000000..79a3a5887 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. +// A group's client should implement this interface. +type LDAPIdentityProvidersGetter interface { + LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface +} + +// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. +type LDAPIdentityProviderInterface interface { + Create(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + Update(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.LDAPIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.LDAPIdentityProvider, err error) + LDAPIdentityProviderExpansion +} + +// lDAPIdentityProviders implements LDAPIdentityProviderInterface +type lDAPIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.LDAPIdentityProvider, *idpv1alpha1.LDAPIdentityProviderList] +} + +// newLDAPIdentityProviders returns a LDAPIdentityProviders +func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { + return &lDAPIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.LDAPIdentityProvider, *idpv1alpha1.LDAPIdentityProviderList]( + "ldapidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.LDAPIdentityProvider { return &idpv1alpha1.LDAPIdentityProvider{} }, + func() *idpv1alpha1.LDAPIdentityProviderList { return &idpv1alpha1.LDAPIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 000000000..515a46373 --- /dev/null +++ b/generated/1.36/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. +// A group's client should implement this interface. +type OIDCIdentityProvidersGetter interface { + OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface +} + +// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. +type OIDCIdentityProviderInterface interface { + Create(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + Update(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.OIDCIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.OIDCIdentityProvider, err error) + OIDCIdentityProviderExpansion +} + +// oIDCIdentityProviders implements OIDCIdentityProviderInterface +type oIDCIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.OIDCIdentityProvider, *idpv1alpha1.OIDCIdentityProviderList] +} + +// newOIDCIdentityProviders returns a OIDCIdentityProviders +func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { + return &oIDCIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.OIDCIdentityProvider, *idpv1alpha1.OIDCIdentityProviderList]( + "oidcidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.OIDCIdentityProvider { return &idpv1alpha1.OIDCIdentityProvider{} }, + func() *idpv1alpha1.OIDCIdentityProviderList { return &idpv1alpha1.OIDCIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.30/client/supervisor/informers/externalversions/config/interface.go b/generated/1.36/client/supervisor/informers/externalversions/config/interface.go similarity index 89% rename from generated/1.30/client/supervisor/informers/externalversions/config/interface.go rename to generated/1.36/client/supervisor/informers/externalversions/config/interface.go index ea97272ef..017806e82 100644 --- a/generated/1.30/client/supervisor/informers/externalversions/config/interface.go +++ b/generated/1.36/client/supervisor/informers/externalversions/config/interface.go @@ -6,8 +6,8 @@ package config import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go new file mode 100644 index 000000000..a236a9b2b --- /dev/null +++ b/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -0,0 +1,103 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + supervisorconfigv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// FederationDomainInformer provides access to a shared informer and lister for +// FederationDomains. +type FederationDomainInformer interface { + Informer() cache.SharedIndexInformer + Lister() configv1alpha1.FederationDomainLister +} + +type federationDomainInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewFederationDomainInformer constructs a new informer for FederationDomain type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFederationDomainInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredFederationDomainInformer constructs a new informer for FederationDomain type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewFederationDomainInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewFederationDomainInformerWithOptions constructs a new informer for FederationDomain type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFederationDomainInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "federationdomains"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().FederationDomains(namespace).List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().FederationDomains(namespace).List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(ctx, opts) + }, + }, client), + &supervisorconfigv1alpha1.FederationDomain{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *federationDomainInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFederationDomainInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&supervisorconfigv1alpha1.FederationDomain{}, f.defaultInformer) +} + +func (f *federationDomainInformer) Lister() configv1alpha1.FederationDomainLister { + return configv1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/interface.go similarity index 95% rename from generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/interface.go rename to generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 97683d226..48dc078f9 100644 --- a/generated/1.30/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go b/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go new file mode 100644 index 000000000..52286e728 --- /dev/null +++ b/generated/1.36/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -0,0 +1,103 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + supervisorconfigv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// OIDCClientInformer provides access to a shared informer and lister for +// OIDCClients. +type OIDCClientInformer interface { + Informer() cache.SharedIndexInformer + Lister() configv1alpha1.OIDCClientLister +} + +type oIDCClientInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewOIDCClientInformer constructs a new informer for OIDCClient type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewOIDCClientInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredOIDCClientInformer constructs a new informer for OIDCClient type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewOIDCClientInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewOIDCClientInformerWithOptions constructs a new informer for OIDCClient type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCClientInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().OIDCClients(namespace).List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(ctx, opts) + }, + }, client), + &supervisorconfigv1alpha1.OIDCClient{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewOIDCClientInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&supervisorconfigv1alpha1.OIDCClient{}, f.defaultInformer) +} + +func (f *oIDCClientInformer) Lister() configv1alpha1.OIDCClientLister { + return configv1alpha1.NewOIDCClientLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.30/client/supervisor/informers/externalversions/factory.go b/generated/1.36/client/supervisor/informers/externalversions/factory.go similarity index 67% rename from generated/1.30/client/supervisor/informers/externalversions/factory.go rename to generated/1.36/client/supervisor/informers/externalversions/factory.go index 0b9cc1eff..7309d01a0 100644 --- a/generated/1.30/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.36/client/supervisor/informers/externalversions/factory.go @@ -6,17 +6,19 @@ package externalversions import ( + context "context" reflect "reflect" sync "sync" time "time" - versioned "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" - config "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/config" - idp "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/idp" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" + versioned "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" + config "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/config" + idp "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/idp" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" + wait "k8s.io/apimachinery/pkg/util/wait" cache "k8s.io/client-go/tools/cache" ) @@ -31,6 +33,7 @@ type sharedInformerFactory struct { defaultResync time.Duration customResync map[reflect.Type]time.Duration transform cache.TransformFunc + informerName *cache.InformerName informers map[reflect.Type]cache.SharedIndexInformer // startedInformers is used for tracking which informers have been started. @@ -77,6 +80,21 @@ func WithTransform(transform cache.TransformFunc) SharedInformerOption { } } +// WithInformerName sets the InformerName for informer identity used in metrics. +// The InformerName must be created via cache.NewInformerName() at startup, +// which validates global uniqueness. Each informer type will register its +// GVR under this name. +func WithInformerName(informerName *cache.InformerName) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.informerName = informerName + return factory + } +} + +func (f *sharedInformerFactory) InformerName() *cache.InformerName { + return f.informerName +} + // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync) @@ -85,6 +103,7 @@ func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Dur // NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. // Listers obtained via this SharedInformerFactory will be subject to the same filters // as specified here. +// // Deprecated: Please use NewSharedInformerFactoryWithOptions instead func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) @@ -110,6 +129,10 @@ func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResy } func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.StartWithContext(wait.ContextForChannel(stopCh)) +} + +func (f *sharedInformerFactory) StartWithContext(ctx context.Context) { f.lock.Lock() defer f.lock.Unlock() @@ -119,15 +142,9 @@ func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { for informerType, informer := range f.informers { if !f.startedInformers[informerType] { - f.wg.Add(1) - // We need a new variable in each loop iteration, - // otherwise the goroutine would use the loop variable - // and that keeps changing. - informer := informer - go func() { - defer f.wg.Done() - informer.Run(stopCh) - }() + f.wg.Go(func() { + informer.RunWithContext(ctx) + }) f.startedInformers[informerType] = true } } @@ -140,9 +157,15 @@ func (f *sharedInformerFactory) Shutdown() { // Will return immediately if there is nothing to wait for. f.wg.Wait() + f.informerName.Release() } func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + result := f.WaitForCacheSyncWithContext(wait.ContextForChannel(stopCh)) + return result.Synced +} + +func (f *sharedInformerFactory) WaitForCacheSyncWithContext(ctx context.Context) cache.SyncResult { informers := func() map[reflect.Type]cache.SharedIndexInformer { f.lock.Lock() defer f.lock.Unlock() @@ -156,10 +179,31 @@ func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[ref return informers }() - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + // Wait for informers to sync, without polling. + cacheSyncs := make([]cache.DoneChecker, 0, len(informers)) + for _, informer := range informers { + cacheSyncs = append(cacheSyncs, informer.HasSyncedChecker()) } + cache.WaitFor(ctx, "" /* no logging */, cacheSyncs...) + + res := cache.SyncResult{ + Synced: make(map[reflect.Type]bool, len(informers)), + } + failed := false + for informType, informer := range informers { + hasSynced := informer.HasSynced() + if !hasSynced { + failed = true + } + res.Synced[informType] = hasSynced + } + if failed { + // context.Cause is more informative than ctx.Err(). + // This must be non-nil, otherwise WaitFor wouldn't have stopped + // prematurely. + res.Err = context.Cause(ctx) + } + return res } @@ -181,7 +225,9 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal } informer = newFunc(f.client, resyncPeriod) - informer.SetTransform(f.transform) + if f.transform != nil { + informer.SetTransform(f.transform) + } f.informers[informerType] = informer return informer @@ -192,32 +238,52 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal // // It is typically used like this: // -// ctx, cancel := context.Background() +// ctx, cancel := context.WithCancel(context.Background()) // defer cancel() // factory := NewSharedInformerFactory(client, resyncPeriod) // defer factory.WaitForStop() // Returns immediately if nothing was started. // genericInformer := factory.ForResource(resource) // typedInformer := factory.SomeAPIGroup().V1().SomeType() -// factory.Start(ctx.Done()) // Start processing these informers. -// synced := factory.WaitForCacheSync(ctx.Done()) -// for v, ok := range synced { -// if !ok { -// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) -// return -// } +// handle, err := typeInformer.Informer().AddEventHandler(...) +// if err != nil { +// return fmt.Errorf("register event handler: %v", err) +// } +// defer typeInformer.Informer().RemoveEventHandler(handle) // Avoids leaking goroutines. +// factory.StartWithContext(ctx) // Start processing these informers. +// synced := factory.WaitForCacheSyncWithContext(ctx) +// if err := synced.AsError(); err != nil { +// return err +// } +// for v := range synced { +// // Only if desired log some information similar to this. +// fmt.Fprintf(os.Stdout, "cache synced: %s", v) +// } +// +// // Also make sure that all of the initial cache events have been delivered. +// if !WaitFor(ctx, "event handler sync", handle.HasSyncedChecker()) { +// // Must have failed because of context. +// return fmt.Errorf("sync event handler: %w", context.Cause(ctx)) // } // // // Creating informers can also be created after Start, but then // // Start must be called again: // anotherGenericInformer := factory.ForResource(resource) -// factory.Start(ctx.Done()) +// factory.StartWithContext(ctx) type SharedInformerFactory interface { internalinterfaces.SharedInformerFactory // Start initializes all requested informers. They are handled in goroutines // which run until the stop channel gets closed. + // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + // + // Contextual logging: StartWithContext should be used instead of Start in code which supports contextual logging. Start(stopCh <-chan struct{}) + // StartWithContext initializes all requested informers. They are handled in goroutines + // which run until the context gets canceled. + // Warning: StartWithContext does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + StartWithContext(ctx context.Context) + // Shutdown marks a factory as shutting down. At that point no new // informers can be started anymore and Start will return without // doing anything. @@ -232,8 +298,14 @@ type SharedInformerFactory interface { // WaitForCacheSync blocks until all started informers' caches were synced // or the stop channel gets closed. + // + // Contextual logging: WaitForCacheSync should be used instead of WaitForCacheSync in code which supports contextual logging. It also returns a more useful result. WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + // WaitForCacheSyncWithContext blocks until all started informers' caches were synced + // or the context gets canceled. + WaitForCacheSyncWithContext(ctx context.Context) cache.SyncResult + // ForResource gives generic access to a shared informer of the matching type. ForResource(resource schema.GroupVersionResource) (GenericInformer, error) diff --git a/generated/1.30/client/supervisor/informers/externalversions/generic.go b/generated/1.36/client/supervisor/informers/externalversions/generic.go similarity index 94% rename from generated/1.30/client/supervisor/informers/externalversions/generic.go rename to generated/1.36/client/supervisor/informers/externalversions/generic.go index 97d5be84b..afd9d5d57 100644 --- a/generated/1.30/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.36/client/supervisor/informers/externalversions/generic.go @@ -6,10 +6,10 @@ package externalversions import ( - "fmt" + fmt "fmt" - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) diff --git a/generated/1.30/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.36/client/supervisor/informers/externalversions/idp/interface.go similarity index 89% rename from generated/1.30/client/supervisor/informers/externalversions/idp/interface.go rename to generated/1.36/client/supervisor/informers/externalversions/idp/interface.go index 8f22a4aeb..c3875bd07 100644 --- a/generated/1.30/client/supervisor/informers/externalversions/idp/interface.go +++ b/generated/1.36/client/supervisor/informers/externalversions/idp/interface.go @@ -6,8 +6,8 @@ package idp import ( - v1alpha1 "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 000000000..ba4e5cc51 --- /dev/null +++ b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,103 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ActiveDirectoryIdentityProviderInformer provides access to a shared informer and lister for +// ActiveDirectoryIdentityProviders. +type ActiveDirectoryIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() idpv1alpha1.ActiveDirectoryIdentityProviderLister +} + +type activeDirectoryIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewActiveDirectoryIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewActiveDirectoryIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewActiveDirectoryIdentityProviderInformerWithOptions constructs a new informer for ActiveDirectoryIdentityProvider type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewActiveDirectoryIdentityProviderInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "activedirectoryidentityproviders"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(ctx, opts) + }, + }, client), + &supervisoridpv1alpha1.ActiveDirectoryIdentityProvider{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewActiveDirectoryIdentityProviderInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&supervisoridpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) +} + +func (f *activeDirectoryIdentityProviderInformer) Lister() idpv1alpha1.ActiveDirectoryIdentityProviderLister { + return idpv1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go new file mode 100644 index 000000000..143da9f59 --- /dev/null +++ b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go @@ -0,0 +1,103 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// GitHubIdentityProviderInformer provides access to a shared informer and lister for +// GitHubIdentityProviders. +type GitHubIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() idpv1alpha1.GitHubIdentityProviderLister +} + +type gitHubIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewGitHubIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewGitHubIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewGitHubIdentityProviderInformerWithOptions constructs a new informer for GitHubIdentityProvider type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewGitHubIdentityProviderInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "githubidentityproviders"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(ctx, opts) + }, + }, client), + &supervisoridpv1alpha1.GitHubIdentityProvider{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *gitHubIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewGitHubIdentityProviderInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *gitHubIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&supervisoridpv1alpha1.GitHubIdentityProvider{}, f.defaultInformer) +} + +func (f *gitHubIdentityProviderInformer) Lister() idpv1alpha1.GitHubIdentityProviderLister { + return idpv1alpha1.NewGitHubIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go similarity index 97% rename from generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go rename to generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go index 9c187993d..86ed26bc2 100644 --- a/generated/1.30/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 000000000..752243a31 --- /dev/null +++ b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,103 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// LDAPIdentityProviderInformer provides access to a shared informer and lister for +// LDAPIdentityProviders. +type LDAPIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() idpv1alpha1.LDAPIdentityProviderLister +} + +type lDAPIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewLDAPIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewLDAPIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewLDAPIdentityProviderInformerWithOptions constructs a new informer for LDAPIdentityProvider type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewLDAPIdentityProviderInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "ldapidentityproviders"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(ctx, opts) + }, + }, client), + &supervisoridpv1alpha1.LDAPIdentityProvider{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewLDAPIdentityProviderInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&supervisoridpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) +} + +func (f *lDAPIdentityProviderInformer) Lister() idpv1alpha1.LDAPIdentityProviderLister { + return idpv1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 000000000..75a9ca60c --- /dev/null +++ b/generated/1.36/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,103 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + time "time" + + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.36/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// OIDCIdentityProviderInformer provides access to a shared informer and lister for +// OIDCIdentityProviders. +type OIDCIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() idpv1alpha1.OIDCIdentityProviderLister +} + +type oIDCIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewOIDCIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) +} + +// NewFilteredOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return NewOIDCIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewOIDCIdentityProviderInformerWithOptions constructs a new informer for OIDCIdentityProvider type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCIdentityProviderInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcidentityproviders"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.Background(), opts) + }, + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.Background(), opts) + }, + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(ctx, opts) + }, + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&opts) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(ctx, opts) + }, + }, client), + &supervisoridpv1alpha1.OIDCIdentityProvider{}, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, + ) +} + +func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewOIDCIdentityProviderInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) +} + +func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&supervisoridpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) +} + +func (f *oIDCIdentityProviderInformer) Lister() idpv1alpha1.OIDCIdentityProviderLister { + return idpv1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go similarity index 54% rename from generated/1.30/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go rename to generated/1.36/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index d618761d8..995e1aa56 100644 --- a/generated/1.30/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.36/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -8,7 +8,7 @@ package internalinterfaces import ( time "time" - versioned "go.pinniped.dev/generated/1.30/client/supervisor/clientset/versioned" + versioned "go.pinniped.dev/generated/1.36/client/supervisor/clientset/versioned" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" cache "k8s.io/client-go/tools/cache" @@ -21,7 +21,26 @@ type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexI type SharedInformerFactory interface { Start(stopCh <-chan struct{}) InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer + InformerName() *cache.InformerName } // TweakListOptionsFunc is a function that transforms a v1.ListOptions. type TweakListOptionsFunc func(*v1.ListOptions) + +// InformerOptions holds the options for creating an informer. +type InformerOptions struct { + // ResyncPeriod is the resync period for this informer. + // If not set, defaults to 0 (no resync). + ResyncPeriod time.Duration + + // Indexers are the indexers for this informer. + Indexers cache.Indexers + + // InformerName is used to uniquely identify this informer for metrics. + // If not set, metrics will not be published for this informer. + // Use cache.NewInformerName() to create an InformerName at startup. + InformerName *cache.InformerName + + // TweakListOptions is an optional function to modify the list options. + TweakListOptions TweakListOptionsFunc +} diff --git a/generated/1.30/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.36/client/supervisor/listers/config/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.30/client/supervisor/listers/config/v1alpha1/expansion_generated.go rename to generated/1.36/client/supervisor/listers/config/v1alpha1/expansion_generated.go diff --git a/generated/1.30/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.36/client/supervisor/listers/config/v1alpha1/federationdomain.go similarity index 50% rename from generated/1.30/client/supervisor/listers/config/v1alpha1/federationdomain.go rename to generated/1.36/client/supervisor/listers/config/v1alpha1/federationdomain.go index 15d5ad3cc..c21c3430e 100644 --- a/generated/1.30/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ b/generated/1.36/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // FederationDomainLister helps list FederationDomains. @@ -17,7 +17,7 @@ import ( type FederationDomainLister interface { // List lists all FederationDomains in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + List(selector labels.Selector) (ret []*configv1alpha1.FederationDomain, err error) // FederationDomains returns an object that can list and get FederationDomains. FederationDomains(namespace string) FederationDomainNamespaceLister FederationDomainListerExpansion @@ -25,25 +25,17 @@ type FederationDomainLister interface { // federationDomainLister implements the FederationDomainLister interface. type federationDomainLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*configv1alpha1.FederationDomain] } // NewFederationDomainLister returns a new FederationDomainLister. func NewFederationDomainLister(indexer cache.Indexer) FederationDomainLister { - return &federationDomainLister{indexer: indexer} -} - -// List lists all FederationDomains in the indexer. -func (s *federationDomainLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err + return &federationDomainLister{listers.New[*configv1alpha1.FederationDomain](indexer, configv1alpha1.Resource("federationdomain"))} } // FederationDomains returns an object that can list and get FederationDomains. func (s *federationDomainLister) FederationDomains(namespace string) FederationDomainNamespaceLister { - return federationDomainNamespaceLister{indexer: s.indexer, namespace: namespace} + return federationDomainNamespaceLister{listers.NewNamespaced[*configv1alpha1.FederationDomain](s.ResourceIndexer, namespace)} } // FederationDomainNamespaceLister helps list and get FederationDomains. @@ -51,36 +43,15 @@ func (s *federationDomainLister) FederationDomains(namespace string) FederationD type FederationDomainNamespaceLister interface { // List lists all FederationDomains in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + List(selector labels.Selector) (ret []*configv1alpha1.FederationDomain, err error) // Get retrieves the FederationDomain from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.FederationDomain, error) + Get(name string) (*configv1alpha1.FederationDomain, error) FederationDomainNamespaceListerExpansion } // federationDomainNamespaceLister implements the FederationDomainNamespaceLister // interface. type federationDomainNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all FederationDomains in the indexer for a given namespace. -func (s federationDomainNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err -} - -// Get retrieves the FederationDomain from the indexer for a given namespace and name. -func (s federationDomainNamespaceLister) Get(name string) (*v1alpha1.FederationDomain, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("federationdomain"), name) - } - return obj.(*v1alpha1.FederationDomain), nil + listers.ResourceIndexer[*configv1alpha1.FederationDomain] } diff --git a/generated/1.36/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.36/client/supervisor/listers/config/v1alpha1/oidcclient.go new file mode 100644 index 000000000..8ce93b91f --- /dev/null +++ b/generated/1.36/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -0,0 +1,57 @@ +// Copyright 2020-2026 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// OIDCClientLister helps list OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientLister interface { + // List lists all OIDCClients in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.OIDCClient, err error) + // OIDCClients returns an object that can list and get OIDCClients. + OIDCClients(namespace string) OIDCClientNamespaceLister + OIDCClientListerExpansion +} + +// oIDCClientLister implements the OIDCClientLister interface. +type oIDCClientLister struct { + listers.ResourceIndexer[*configv1alpha1.OIDCClient] +} + +// NewOIDCClientLister returns a new OIDCClientLister. +func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { + return &oIDCClientLister{listers.New[*configv1alpha1.OIDCClient](indexer, configv1alpha1.Resource("oidcclient"))} +} + +// OIDCClients returns an object that can list and get OIDCClients. +func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { + return oIDCClientNamespaceLister{listers.NewNamespaced[*configv1alpha1.OIDCClient](s.ResourceIndexer, namespace)} +} + +// OIDCClientNamespaceLister helps list and get OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientNamespaceLister interface { + // List lists all OIDCClients in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.OIDCClient, err error) + // Get retrieves the OIDCClient from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*configv1alpha1.OIDCClient, error) + OIDCClientNamespaceListerExpansion +} + +// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister +// interface. +type oIDCClientNamespaceLister struct { + listers.ResourceIndexer[*configv1alpha1.OIDCClient] +} diff --git a/generated/1.30/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.36/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go similarity index 52% rename from generated/1.30/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go rename to generated/1.36/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go index b7f10415f..a4abe7375 100644 --- a/generated/1.30/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.36/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // ActiveDirectoryIdentityProviderLister helps list ActiveDirectoryIdentityProviders. @@ -17,7 +17,7 @@ import ( type ActiveDirectoryIdentityProviderLister interface { // List lists all ActiveDirectoryIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.ActiveDirectoryIdentityProvider, err error) // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister ActiveDirectoryIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type ActiveDirectoryIdentityProviderLister interface { // activeDirectoryIdentityProviderLister implements the ActiveDirectoryIdentityProviderLister interface. type activeDirectoryIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.ActiveDirectoryIdentityProvider] } // NewActiveDirectoryIdentityProviderLister returns a new ActiveDirectoryIdentityProviderLister. func NewActiveDirectoryIdentityProviderLister(indexer cache.Indexer) ActiveDirectoryIdentityProviderLister { - return &activeDirectoryIdentityProviderLister{indexer: indexer} -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer. -func (s *activeDirectoryIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err + return &activeDirectoryIdentityProviderLister{listers.New[*idpv1alpha1.ActiveDirectoryIdentityProvider](indexer, idpv1alpha1.Resource("activedirectoryidentityprovider"))} } // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister { - return activeDirectoryIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return activeDirectoryIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.ActiveDirectoryIdentityProvider](s.ResourceIndexer, namespace)} } // ActiveDirectoryIdentityProviderNamespaceLister helps list and get ActiveDirectoryIdentityProviders. @@ -51,36 +43,15 @@ func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders type ActiveDirectoryIdentityProviderNamespaceLister interface { // List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.ActiveDirectoryIdentityProvider, err error) // Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Get(name string) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) ActiveDirectoryIdentityProviderNamespaceListerExpansion } // activeDirectoryIdentityProviderNamespaceLister implements the ActiveDirectoryIdentityProviderNamespaceLister // interface. type activeDirectoryIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. -func (s activeDirectoryIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. -func (s activeDirectoryIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("activedirectoryidentityprovider"), name) - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.ActiveDirectoryIdentityProvider] } diff --git a/generated/1.30/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.36/client/supervisor/listers/idp/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.30/client/supervisor/listers/idp/v1alpha1/expansion_generated.go rename to generated/1.36/client/supervisor/listers/idp/v1alpha1/expansion_generated.go diff --git a/generated/1.30/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go b/generated/1.36/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go similarity index 51% rename from generated/1.30/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go rename to generated/1.36/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go index 23bdc243e..f5c1df9b6 100644 --- a/generated/1.30/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go +++ b/generated/1.36/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // GitHubIdentityProviderLister helps list GitHubIdentityProviders. @@ -17,7 +17,7 @@ import ( type GitHubIdentityProviderLister interface { // List lists all GitHubIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.GitHubIdentityProvider, err error) // GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister GitHubIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type GitHubIdentityProviderLister interface { // gitHubIdentityProviderLister implements the GitHubIdentityProviderLister interface. type gitHubIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.GitHubIdentityProvider] } // NewGitHubIdentityProviderLister returns a new GitHubIdentityProviderLister. func NewGitHubIdentityProviderLister(indexer cache.Indexer) GitHubIdentityProviderLister { - return &gitHubIdentityProviderLister{indexer: indexer} -} - -// List lists all GitHubIdentityProviders in the indexer. -func (s *gitHubIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err + return &gitHubIdentityProviderLister{listers.New[*idpv1alpha1.GitHubIdentityProvider](indexer, idpv1alpha1.Resource("githubidentityprovider"))} } // GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. func (s *gitHubIdentityProviderLister) GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister { - return gitHubIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return gitHubIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.GitHubIdentityProvider](s.ResourceIndexer, namespace)} } // GitHubIdentityProviderNamespaceLister helps list and get GitHubIdentityProviders. @@ -51,36 +43,15 @@ func (s *gitHubIdentityProviderLister) GitHubIdentityProviders(namespace string) type GitHubIdentityProviderNamespaceLister interface { // List lists all GitHubIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.GitHubIdentityProvider, err error) // Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.GitHubIdentityProvider, error) + Get(name string) (*idpv1alpha1.GitHubIdentityProvider, error) GitHubIdentityProviderNamespaceListerExpansion } // gitHubIdentityProviderNamespaceLister implements the GitHubIdentityProviderNamespaceLister // interface. type gitHubIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all GitHubIdentityProviders in the indexer for a given namespace. -func (s gitHubIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. -func (s gitHubIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.GitHubIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("githubidentityprovider"), name) - } - return obj.(*v1alpha1.GitHubIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.GitHubIdentityProvider] } diff --git a/generated/1.30/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.36/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go similarity index 51% rename from generated/1.30/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go rename to generated/1.36/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go index bbc6aa844..556606d51 100644 --- a/generated/1.30/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.36/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // LDAPIdentityProviderLister helps list LDAPIdentityProviders. @@ -17,7 +17,7 @@ import ( type LDAPIdentityProviderLister interface { // List lists all LDAPIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.LDAPIdentityProvider, err error) // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister LDAPIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type LDAPIdentityProviderLister interface { // lDAPIdentityProviderLister implements the LDAPIdentityProviderLister interface. type lDAPIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.LDAPIdentityProvider] } // NewLDAPIdentityProviderLister returns a new LDAPIdentityProviderLister. func NewLDAPIdentityProviderLister(indexer cache.Indexer) LDAPIdentityProviderLister { - return &lDAPIdentityProviderLister{indexer: indexer} -} - -// List lists all LDAPIdentityProviders in the indexer. -func (s *lDAPIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err + return &lDAPIdentityProviderLister{listers.New[*idpv1alpha1.LDAPIdentityProvider](indexer, idpv1alpha1.Resource("ldapidentityprovider"))} } // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister { - return lDAPIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return lDAPIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.LDAPIdentityProvider](s.ResourceIndexer, namespace)} } // LDAPIdentityProviderNamespaceLister helps list and get LDAPIdentityProviders. @@ -51,36 +43,15 @@ func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDA type LDAPIdentityProviderNamespaceLister interface { // List lists all LDAPIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.LDAPIdentityProvider, err error) // Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.LDAPIdentityProvider, error) + Get(name string) (*idpv1alpha1.LDAPIdentityProvider, error) LDAPIdentityProviderNamespaceListerExpansion } // lDAPIdentityProviderNamespaceLister implements the LDAPIdentityProviderNamespaceLister // interface. type lDAPIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all LDAPIdentityProviders in the indexer for a given namespace. -func (s lDAPIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. -func (s lDAPIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.LDAPIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("ldapidentityprovider"), name) - } - return obj.(*v1alpha1.LDAPIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.LDAPIdentityProvider] } diff --git a/generated/1.30/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.36/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go similarity index 51% rename from generated/1.30/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go rename to generated/1.36/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go index 6e5af710c..f873fcb04 100644 --- a/generated/1.30/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.36/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.30/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // OIDCIdentityProviderLister helps list OIDCIdentityProviders. @@ -17,7 +17,7 @@ import ( type OIDCIdentityProviderLister interface { // List lists all OIDCIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.OIDCIdentityProvider, err error) // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister OIDCIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type OIDCIdentityProviderLister interface { // oIDCIdentityProviderLister implements the OIDCIdentityProviderLister interface. type oIDCIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.OIDCIdentityProvider] } // NewOIDCIdentityProviderLister returns a new OIDCIdentityProviderLister. func NewOIDCIdentityProviderLister(indexer cache.Indexer) OIDCIdentityProviderLister { - return &oIDCIdentityProviderLister{indexer: indexer} -} - -// List lists all OIDCIdentityProviders in the indexer. -func (s *oIDCIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err + return &oIDCIdentityProviderLister{listers.New[*idpv1alpha1.OIDCIdentityProvider](indexer, idpv1alpha1.Resource("oidcidentityprovider"))} } // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister { - return oIDCIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return oIDCIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.OIDCIdentityProvider](s.ResourceIndexer, namespace)} } // OIDCIdentityProviderNamespaceLister helps list and get OIDCIdentityProviders. @@ -51,36 +43,15 @@ func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OID type OIDCIdentityProviderNamespaceLister interface { // List lists all OIDCIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.OIDCIdentityProvider, err error) // Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCIdentityProvider, error) + Get(name string) (*idpv1alpha1.OIDCIdentityProvider, error) OIDCIdentityProviderNamespaceListerExpansion } // oIDCIdentityProviderNamespaceLister implements the OIDCIdentityProviderNamespaceLister // interface. type oIDCIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCIdentityProviders in the indexer for a given namespace. -func (s oIDCIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. -func (s oIDCIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcidentityprovider"), name) - } - return obj.(*v1alpha1.OIDCIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.OIDCIdentityProvider] } diff --git a/generated/1.30/client/concierge/openapi/zz_generated.openapi.go b/generated/1.36/client/supervisor/openapi/zz_generated.openapi.go similarity index 79% rename from generated/1.30/client/concierge/openapi/zz_generated.openapi.go rename to generated/1.36/client/supervisor/openapi/zz_generated.openapi.go index b2d516fce..45634d760 100644 --- a/generated/1.30/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/1.36/client/supervisor/openapi/zz_generated.openapi.go @@ -6,416 +6,328 @@ // Code generated by openapi-gen. DO NOT EDIT. -package concierge +package supervisor import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1alpha1 "go.pinniped.dev/generated/1.36/apis/supervisor/clientsecret/v1alpha1" + v1 "k8s.io/api/core/v1" + resource "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + version "k8s.io/apimachinery/pkg/version" common "k8s.io/kube-openapi/pkg/common" spec "k8s.io/kube-openapi/pkg/validation/spec" ) func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), - "k8s.io/api/core/v1.AppArmorProfile": schema_k8sio_api_core_v1_AppArmorProfile(ref), - "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), - "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), - "k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - "k8s.io/api/core/v1.AzureFilePersistentVolumeSource": schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - "k8s.io/api/core/v1.AzureFileVolumeSource": schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - "k8s.io/api/core/v1.Binding": schema_k8sio_api_core_v1_Binding(ref), - "k8s.io/api/core/v1.CSIPersistentVolumeSource": schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CSIVolumeSource": schema_k8sio_api_core_v1_CSIVolumeSource(ref), - "k8s.io/api/core/v1.Capabilities": schema_k8sio_api_core_v1_Capabilities(ref), - "k8s.io/api/core/v1.CephFSPersistentVolumeSource": schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CephFSVolumeSource": schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - "k8s.io/api/core/v1.CinderPersistentVolumeSource": schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CinderVolumeSource": schema_k8sio_api_core_v1_CinderVolumeSource(ref), - "k8s.io/api/core/v1.ClaimSource": schema_k8sio_api_core_v1_ClaimSource(ref), - "k8s.io/api/core/v1.ClientIPConfig": schema_k8sio_api_core_v1_ClientIPConfig(ref), - "k8s.io/api/core/v1.ClusterTrustBundleProjection": schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), - "k8s.io/api/core/v1.ComponentCondition": schema_k8sio_api_core_v1_ComponentCondition(ref), - "k8s.io/api/core/v1.ComponentStatus": schema_k8sio_api_core_v1_ComponentStatus(ref), - "k8s.io/api/core/v1.ComponentStatusList": schema_k8sio_api_core_v1_ComponentStatusList(ref), - "k8s.io/api/core/v1.ConfigMap": schema_k8sio_api_core_v1_ConfigMap(ref), - "k8s.io/api/core/v1.ConfigMapEnvSource": schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - "k8s.io/api/core/v1.ConfigMapKeySelector": schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - "k8s.io/api/core/v1.ConfigMapList": schema_k8sio_api_core_v1_ConfigMapList(ref), - "k8s.io/api/core/v1.ConfigMapNodeConfigSource": schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - "k8s.io/api/core/v1.ConfigMapProjection": schema_k8sio_api_core_v1_ConfigMapProjection(ref), - "k8s.io/api/core/v1.ConfigMapVolumeSource": schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - "k8s.io/api/core/v1.Container": schema_k8sio_api_core_v1_Container(ref), - "k8s.io/api/core/v1.ContainerImage": schema_k8sio_api_core_v1_ContainerImage(ref), - "k8s.io/api/core/v1.ContainerPort": schema_k8sio_api_core_v1_ContainerPort(ref), - "k8s.io/api/core/v1.ContainerResizePolicy": schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - "k8s.io/api/core/v1.ContainerState": schema_k8sio_api_core_v1_ContainerState(ref), - "k8s.io/api/core/v1.ContainerStateRunning": schema_k8sio_api_core_v1_ContainerStateRunning(ref), - "k8s.io/api/core/v1.ContainerStateTerminated": schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - "k8s.io/api/core/v1.ContainerStateWaiting": schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - "k8s.io/api/core/v1.ContainerStatus": schema_k8sio_api_core_v1_ContainerStatus(ref), - "k8s.io/api/core/v1.DaemonEndpoint": schema_k8sio_api_core_v1_DaemonEndpoint(ref), - "k8s.io/api/core/v1.DownwardAPIProjection": schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeFile": schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeSource": schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - "k8s.io/api/core/v1.EmptyDirVolumeSource": schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - "k8s.io/api/core/v1.EndpointAddress": schema_k8sio_api_core_v1_EndpointAddress(ref), - "k8s.io/api/core/v1.EndpointPort": schema_k8sio_api_core_v1_EndpointPort(ref), - "k8s.io/api/core/v1.EndpointSubset": schema_k8sio_api_core_v1_EndpointSubset(ref), - "k8s.io/api/core/v1.Endpoints": schema_k8sio_api_core_v1_Endpoints(ref), - "k8s.io/api/core/v1.EndpointsList": schema_k8sio_api_core_v1_EndpointsList(ref), - "k8s.io/api/core/v1.EnvFromSource": schema_k8sio_api_core_v1_EnvFromSource(ref), - "k8s.io/api/core/v1.EnvVar": schema_k8sio_api_core_v1_EnvVar(ref), - "k8s.io/api/core/v1.EnvVarSource": schema_k8sio_api_core_v1_EnvVarSource(ref), - "k8s.io/api/core/v1.EphemeralContainer": schema_k8sio_api_core_v1_EphemeralContainer(ref), - "k8s.io/api/core/v1.EphemeralContainerCommon": schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - "k8s.io/api/core/v1.EphemeralVolumeSource": schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - "k8s.io/api/core/v1.Event": schema_k8sio_api_core_v1_Event(ref), - "k8s.io/api/core/v1.EventList": schema_k8sio_api_core_v1_EventList(ref), - "k8s.io/api/core/v1.EventSeries": schema_k8sio_api_core_v1_EventSeries(ref), - "k8s.io/api/core/v1.EventSource": schema_k8sio_api_core_v1_EventSource(ref), - "k8s.io/api/core/v1.ExecAction": schema_k8sio_api_core_v1_ExecAction(ref), - "k8s.io/api/core/v1.FCVolumeSource": schema_k8sio_api_core_v1_FCVolumeSource(ref), - "k8s.io/api/core/v1.FlexPersistentVolumeSource": schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - "k8s.io/api/core/v1.FlexVolumeSource": schema_k8sio_api_core_v1_FlexVolumeSource(ref), - "k8s.io/api/core/v1.FlockerVolumeSource": schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource": schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.GRPCAction": schema_k8sio_api_core_v1_GRPCAction(ref), - "k8s.io/api/core/v1.GitRepoVolumeSource": schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource": schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsVolumeSource": schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - "k8s.io/api/core/v1.HTTPGetAction": schema_k8sio_api_core_v1_HTTPGetAction(ref), - "k8s.io/api/core/v1.HTTPHeader": schema_k8sio_api_core_v1_HTTPHeader(ref), - "k8s.io/api/core/v1.HostAlias": schema_k8sio_api_core_v1_HostAlias(ref), - "k8s.io/api/core/v1.HostIP": schema_k8sio_api_core_v1_HostIP(ref), - "k8s.io/api/core/v1.HostPathVolumeSource": schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIPersistentVolumeSource": schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIVolumeSource": schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - "k8s.io/api/core/v1.KeyToPath": schema_k8sio_api_core_v1_KeyToPath(ref), - "k8s.io/api/core/v1.Lifecycle": schema_k8sio_api_core_v1_Lifecycle(ref), - "k8s.io/api/core/v1.LifecycleHandler": schema_k8sio_api_core_v1_LifecycleHandler(ref), - "k8s.io/api/core/v1.LimitRange": schema_k8sio_api_core_v1_LimitRange(ref), - "k8s.io/api/core/v1.LimitRangeItem": schema_k8sio_api_core_v1_LimitRangeItem(ref), - "k8s.io/api/core/v1.LimitRangeList": schema_k8sio_api_core_v1_LimitRangeList(ref), - "k8s.io/api/core/v1.LimitRangeSpec": schema_k8sio_api_core_v1_LimitRangeSpec(ref), - "k8s.io/api/core/v1.List": schema_k8sio_api_core_v1_List(ref), - "k8s.io/api/core/v1.LoadBalancerIngress": schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - "k8s.io/api/core/v1.LoadBalancerStatus": schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - "k8s.io/api/core/v1.LocalObjectReference": schema_k8sio_api_core_v1_LocalObjectReference(ref), - "k8s.io/api/core/v1.LocalVolumeSource": schema_k8sio_api_core_v1_LocalVolumeSource(ref), - "k8s.io/api/core/v1.ModifyVolumeStatus": schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), - "k8s.io/api/core/v1.NFSVolumeSource": schema_k8sio_api_core_v1_NFSVolumeSource(ref), - "k8s.io/api/core/v1.Namespace": schema_k8sio_api_core_v1_Namespace(ref), - "k8s.io/api/core/v1.NamespaceCondition": schema_k8sio_api_core_v1_NamespaceCondition(ref), - "k8s.io/api/core/v1.NamespaceList": schema_k8sio_api_core_v1_NamespaceList(ref), - "k8s.io/api/core/v1.NamespaceSpec": schema_k8sio_api_core_v1_NamespaceSpec(ref), - "k8s.io/api/core/v1.NamespaceStatus": schema_k8sio_api_core_v1_NamespaceStatus(ref), - "k8s.io/api/core/v1.Node": schema_k8sio_api_core_v1_Node(ref), - "k8s.io/api/core/v1.NodeAddress": schema_k8sio_api_core_v1_NodeAddress(ref), - "k8s.io/api/core/v1.NodeAffinity": schema_k8sio_api_core_v1_NodeAffinity(ref), - "k8s.io/api/core/v1.NodeCondition": schema_k8sio_api_core_v1_NodeCondition(ref), - "k8s.io/api/core/v1.NodeConfigSource": schema_k8sio_api_core_v1_NodeConfigSource(ref), - "k8s.io/api/core/v1.NodeConfigStatus": schema_k8sio_api_core_v1_NodeConfigStatus(ref), - "k8s.io/api/core/v1.NodeDaemonEndpoints": schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - "k8s.io/api/core/v1.NodeList": schema_k8sio_api_core_v1_NodeList(ref), - "k8s.io/api/core/v1.NodeProxyOptions": schema_k8sio_api_core_v1_NodeProxyOptions(ref), - "k8s.io/api/core/v1.NodeRuntimeHandler": schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), - "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures": schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), - "k8s.io/api/core/v1.NodeSelector": schema_k8sio_api_core_v1_NodeSelector(ref), - "k8s.io/api/core/v1.NodeSelectorRequirement": schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - "k8s.io/api/core/v1.NodeSelectorTerm": schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - "k8s.io/api/core/v1.NodeSpec": schema_k8sio_api_core_v1_NodeSpec(ref), - "k8s.io/api/core/v1.NodeStatus": schema_k8sio_api_core_v1_NodeStatus(ref), - "k8s.io/api/core/v1.NodeSystemInfo": schema_k8sio_api_core_v1_NodeSystemInfo(ref), - "k8s.io/api/core/v1.ObjectFieldSelector": schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - "k8s.io/api/core/v1.ObjectReference": schema_k8sio_api_core_v1_ObjectReference(ref), - "k8s.io/api/core/v1.PersistentVolume": schema_k8sio_api_core_v1_PersistentVolume(ref), - "k8s.io/api/core/v1.PersistentVolumeClaim": schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimCondition": schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimList": schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimSpec": schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimStatus": schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate": schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeList": schema_k8sio_api_core_v1_PersistentVolumeList(ref), - "k8s.io/api/core/v1.PersistentVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeSpec": schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeStatus": schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource": schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.Pod": schema_k8sio_api_core_v1_Pod(ref), - "k8s.io/api/core/v1.PodAffinity": schema_k8sio_api_core_v1_PodAffinity(ref), - "k8s.io/api/core/v1.PodAffinityTerm": schema_k8sio_api_core_v1_PodAffinityTerm(ref), - "k8s.io/api/core/v1.PodAntiAffinity": schema_k8sio_api_core_v1_PodAntiAffinity(ref), - "k8s.io/api/core/v1.PodAttachOptions": schema_k8sio_api_core_v1_PodAttachOptions(ref), - "k8s.io/api/core/v1.PodCondition": schema_k8sio_api_core_v1_PodCondition(ref), - "k8s.io/api/core/v1.PodDNSConfig": schema_k8sio_api_core_v1_PodDNSConfig(ref), - "k8s.io/api/core/v1.PodDNSConfigOption": schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - "k8s.io/api/core/v1.PodExecOptions": schema_k8sio_api_core_v1_PodExecOptions(ref), - "k8s.io/api/core/v1.PodIP": schema_k8sio_api_core_v1_PodIP(ref), - "k8s.io/api/core/v1.PodList": schema_k8sio_api_core_v1_PodList(ref), - "k8s.io/api/core/v1.PodLogOptions": schema_k8sio_api_core_v1_PodLogOptions(ref), - "k8s.io/api/core/v1.PodOS": schema_k8sio_api_core_v1_PodOS(ref), - "k8s.io/api/core/v1.PodPortForwardOptions": schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - "k8s.io/api/core/v1.PodProxyOptions": schema_k8sio_api_core_v1_PodProxyOptions(ref), - "k8s.io/api/core/v1.PodReadinessGate": schema_k8sio_api_core_v1_PodReadinessGate(ref), - "k8s.io/api/core/v1.PodResourceClaim": schema_k8sio_api_core_v1_PodResourceClaim(ref), - "k8s.io/api/core/v1.PodResourceClaimStatus": schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), - "k8s.io/api/core/v1.PodSchedulingGate": schema_k8sio_api_core_v1_PodSchedulingGate(ref), - "k8s.io/api/core/v1.PodSecurityContext": schema_k8sio_api_core_v1_PodSecurityContext(ref), - "k8s.io/api/core/v1.PodSignature": schema_k8sio_api_core_v1_PodSignature(ref), - "k8s.io/api/core/v1.PodSpec": schema_k8sio_api_core_v1_PodSpec(ref), - "k8s.io/api/core/v1.PodStatus": schema_k8sio_api_core_v1_PodStatus(ref), - "k8s.io/api/core/v1.PodStatusResult": schema_k8sio_api_core_v1_PodStatusResult(ref), - "k8s.io/api/core/v1.PodTemplate": schema_k8sio_api_core_v1_PodTemplate(ref), - "k8s.io/api/core/v1.PodTemplateList": schema_k8sio_api_core_v1_PodTemplateList(ref), - "k8s.io/api/core/v1.PodTemplateSpec": schema_k8sio_api_core_v1_PodTemplateSpec(ref), - "k8s.io/api/core/v1.PortStatus": schema_k8sio_api_core_v1_PortStatus(ref), - "k8s.io/api/core/v1.PortworxVolumeSource": schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - "k8s.io/api/core/v1.PreferAvoidPodsEntry": schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - "k8s.io/api/core/v1.PreferredSchedulingTerm": schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - "k8s.io/api/core/v1.Probe": schema_k8sio_api_core_v1_Probe(ref), - "k8s.io/api/core/v1.ProbeHandler": schema_k8sio_api_core_v1_ProbeHandler(ref), - "k8s.io/api/core/v1.ProjectedVolumeSource": schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - "k8s.io/api/core/v1.QuobyteVolumeSource": schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - "k8s.io/api/core/v1.RBDPersistentVolumeSource": schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - "k8s.io/api/core/v1.RBDVolumeSource": schema_k8sio_api_core_v1_RBDVolumeSource(ref), - "k8s.io/api/core/v1.RangeAllocation": schema_k8sio_api_core_v1_RangeAllocation(ref), - "k8s.io/api/core/v1.ReplicationController": schema_k8sio_api_core_v1_ReplicationController(ref), - "k8s.io/api/core/v1.ReplicationControllerCondition": schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - "k8s.io/api/core/v1.ReplicationControllerList": schema_k8sio_api_core_v1_ReplicationControllerList(ref), - "k8s.io/api/core/v1.ReplicationControllerSpec": schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - "k8s.io/api/core/v1.ReplicationControllerStatus": schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - "k8s.io/api/core/v1.ResourceClaim": schema_k8sio_api_core_v1_ResourceClaim(ref), - "k8s.io/api/core/v1.ResourceFieldSelector": schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - "k8s.io/api/core/v1.ResourceQuota": schema_k8sio_api_core_v1_ResourceQuota(ref), - "k8s.io/api/core/v1.ResourceQuotaList": schema_k8sio_api_core_v1_ResourceQuotaList(ref), - "k8s.io/api/core/v1.ResourceQuotaSpec": schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - "k8s.io/api/core/v1.ResourceQuotaStatus": schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - "k8s.io/api/core/v1.ResourceRequirements": schema_k8sio_api_core_v1_ResourceRequirements(ref), - "k8s.io/api/core/v1.SELinuxOptions": schema_k8sio_api_core_v1_SELinuxOptions(ref), - "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource": schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ScaleIOVolumeSource": schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - "k8s.io/api/core/v1.ScopeSelector": schema_k8sio_api_core_v1_ScopeSelector(ref), - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement": schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - "k8s.io/api/core/v1.SeccompProfile": schema_k8sio_api_core_v1_SeccompProfile(ref), - "k8s.io/api/core/v1.Secret": schema_k8sio_api_core_v1_Secret(ref), - "k8s.io/api/core/v1.SecretEnvSource": schema_k8sio_api_core_v1_SecretEnvSource(ref), - "k8s.io/api/core/v1.SecretKeySelector": schema_k8sio_api_core_v1_SecretKeySelector(ref), - "k8s.io/api/core/v1.SecretList": schema_k8sio_api_core_v1_SecretList(ref), - "k8s.io/api/core/v1.SecretProjection": schema_k8sio_api_core_v1_SecretProjection(ref), - "k8s.io/api/core/v1.SecretReference": schema_k8sio_api_core_v1_SecretReference(ref), - "k8s.io/api/core/v1.SecretVolumeSource": schema_k8sio_api_core_v1_SecretVolumeSource(ref), - "k8s.io/api/core/v1.SecurityContext": schema_k8sio_api_core_v1_SecurityContext(ref), - "k8s.io/api/core/v1.SerializedReference": schema_k8sio_api_core_v1_SerializedReference(ref), - "k8s.io/api/core/v1.Service": schema_k8sio_api_core_v1_Service(ref), - "k8s.io/api/core/v1.ServiceAccount": schema_k8sio_api_core_v1_ServiceAccount(ref), - "k8s.io/api/core/v1.ServiceAccountList": schema_k8sio_api_core_v1_ServiceAccountList(ref), - "k8s.io/api/core/v1.ServiceAccountTokenProjection": schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - "k8s.io/api/core/v1.ServiceList": schema_k8sio_api_core_v1_ServiceList(ref), - "k8s.io/api/core/v1.ServicePort": schema_k8sio_api_core_v1_ServicePort(ref), - "k8s.io/api/core/v1.ServiceProxyOptions": schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - "k8s.io/api/core/v1.ServiceSpec": schema_k8sio_api_core_v1_ServiceSpec(ref), - "k8s.io/api/core/v1.ServiceStatus": schema_k8sio_api_core_v1_ServiceStatus(ref), - "k8s.io/api/core/v1.SessionAffinityConfig": schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - "k8s.io/api/core/v1.SleepAction": schema_k8sio_api_core_v1_SleepAction(ref), - "k8s.io/api/core/v1.StorageOSPersistentVolumeSource": schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.StorageOSVolumeSource": schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - "k8s.io/api/core/v1.Sysctl": schema_k8sio_api_core_v1_Sysctl(ref), - "k8s.io/api/core/v1.TCPSocketAction": schema_k8sio_api_core_v1_TCPSocketAction(ref), - "k8s.io/api/core/v1.Taint": schema_k8sio_api_core_v1_Taint(ref), - "k8s.io/api/core/v1.Toleration": schema_k8sio_api_core_v1_Toleration(ref), - "k8s.io/api/core/v1.TopologySelectorLabelRequirement": schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - "k8s.io/api/core/v1.TopologySelectorTerm": schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - "k8s.io/api/core/v1.TopologySpreadConstraint": schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - "k8s.io/api/core/v1.TypedLocalObjectReference": schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - "k8s.io/api/core/v1.TypedObjectReference": schema_k8sio_api_core_v1_TypedObjectReference(ref), - "k8s.io/api/core/v1.Volume": schema_k8sio_api_core_v1_Volume(ref), - "k8s.io/api/core/v1.VolumeDevice": schema_k8sio_api_core_v1_VolumeDevice(ref), - "k8s.io/api/core/v1.VolumeMount": schema_k8sio_api_core_v1_VolumeMount(ref), - "k8s.io/api/core/v1.VolumeMountStatus": schema_k8sio_api_core_v1_VolumeMountStatus(ref), - "k8s.io/api/core/v1.VolumeNodeAffinity": schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - "k8s.io/api/core/v1.VolumeProjection": schema_k8sio_api_core_v1_VolumeProjection(ref), - "k8s.io/api/core/v1.VolumeResourceRequirements": schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), - "k8s.io/api/core/v1.VolumeSource": schema_k8sio_api_core_v1_VolumeSource(ref), - "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource": schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - "k8s.io/api/core/v1.WeightedPodAffinityTerm": schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - "k8s.io/api/core/v1.WindowsSecurityContextOptions": schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), + v1alpha1.OIDCClientSecretRequestList{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), + v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), + v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.ImageVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeStatus(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAllocatableResourceClaimStatus(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSchedulingGroup{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGroup(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeStatus(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.ShardInfo{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ShardInfo(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } -func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "user": { - SchemaProps: spec.SchemaProps{ - Description: "User is the UserInfo associated with the current user.", - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.UserInfo"), - }, - }, - "audiences": { - SchemaProps: spec.SchemaProps{ - Description: "Audiences are audience identifiers chosen by the authenticator.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"user"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.UserInfo"}, - } -} - -func schema_apis_concierge_identity_v1alpha1_UserInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "UserInfo holds the information about the user needed to implement the user.Info interface.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "username": { - SchemaProps: spec.SchemaProps{ - Description: "The name that uniquely identifies this user among all active users.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.", - Type: []string{"string"}, - Format: "", - }, - }, - "groups": { - SchemaProps: spec.SchemaProps{ - Description: "The names of groups this user is a part of.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "extra": { - SchemaProps: spec.SchemaProps{ - Description: "Any additional information provided by the authenticator.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - }, - }, - }, - Required: []string{"username"}, - }, - }, - } -} - -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "WhoAmIRequest submits a request to echo back the current authenticated user.", + Description: "OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -435,34 +347,35 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), + Ref: ref(v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), + Ref: ref(v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName()), }, }, }, + Required: []string{"spec"}, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName(), v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "WhoAmIRequestList is a list of WhoAmIRequest objects.", + Description: "OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -482,18 +395,18 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { SchemaProps: spec.SchemaProps{ - Description: "Items is a list of WhoAmIRequest.", + Description: "Items is a list of OIDCClientSecretRequest.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequest"), + Ref: ref(v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName()), }, }, }, @@ -504,238 +417,65 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.WhoAmIRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Spec is always empty for a WhoAmIRequest.", - Type: []string{"object"}, - }, - }, - } -} - -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status is set by the server in the response to a WhoAmIRequest.", + Description: "Spec of the OIDCClientSecretRequest.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "kubernetesUserInfo": { + "generateNewSecret": { SchemaProps: spec.SchemaProps{ - Description: "The current authenticated user, exactly as Kubernetes understands it.", - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), - }, - }, - }, - Required: []string{"kubernetesUserInfo"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, - } -} - -func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClusterCredential is the cluster-specific credential returned on a successful credential request. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "expirationTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "ExpirationTimestamp indicates a time when the provided credentials expire.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "token": { - SchemaProps: spec.SchemaProps{ - Description: "Token is a bearer token used by the client for request authentication.", - Type: []string{"string"}, + Description: "Request a new client secret to for the OIDCClient referenced by the metadata.name field.", + Default: false, + Type: []string{"boolean"}, Format: "", }, }, - "clientCertificateData": { + "revokeOldSecrets": { SchemaProps: spec.SchemaProps{ - Description: "PEM-encoded client TLS certificates (including intermediates, if any).", - Type: []string{"string"}, - Format: "", - }, - }, - "clientKeyData": { - SchemaProps: spec.SchemaProps{ - Description: "PEM-encoded private key for the above certificate.", - Type: []string{"string"}, + Description: "Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field.", + Default: false, + Type: []string{"boolean"}, Format: "", }, }, }, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, } } -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.", + Description: "Status of the OIDCClientSecretRequest.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "kind": { + "generatedSecret": { SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Description: "The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost.", Type: []string{"string"}, Format: "", }, }, - "apiVersion": { + "totalClientSecrets": { SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), + Description: "The total number of client secrets associated with the OIDCClient referenced by the metadata.name field.", + Default: 0, + Type: []string{"integer"}, + Format: "int32", }, }, }, + Required: []string{"totalClientSecrets"}, }, }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TokenCredentialRequestList is a list of TokenCredentialRequest objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "Items is a list of TokenCredentialRequest.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequest"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.TokenCredentialRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Specification of a TokenCredentialRequest, expected on requests to the Pinniped API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "token": { - SchemaProps: spec.SchemaProps{ - Description: "Bearer token supplied with the credential request.", - Type: []string{"string"}, - Format: "", - }, - }, - "authenticator": { - SchemaProps: spec.SchemaProps{ - Description: "Reference to an authenticator which can validate this credential request.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), - }, - }, - }, - Required: []string{"authenticator"}, - }, - }, - Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of a TokenCredentialRequest, returned on responses to the Pinniped API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "credential": { - SchemaProps: spec.SchemaProps{ - Description: "A Credential will be returned for a successful credential request.", - Ref: ref("go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.ClusterCredential"), - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "An error message will be returned for an unsuccessful credential request.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.30/apis/concierge/login/v1alpha1.ClusterCredential"}, } } @@ -792,26 +532,26 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open "nodeAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes node affinity scheduling rules for the pod.", - Ref: ref("k8s.io/api/core/v1.NodeAffinity"), + Ref: ref(v1.NodeAffinity{}.OpenAPIModelName()), }, }, "podAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAffinity"), + Ref: ref(v1.PodAffinity{}.OpenAPIModelName()), }, }, "podAntiAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAntiAffinity"), + Ref: ref(v1.PodAntiAffinity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeAffinity", "k8s.io/api/core/v1.PodAffinity", "k8s.io/api/core/v1.PodAntiAffinity"}, + v1.NodeAffinity{}.OpenAPIModelName(), v1.PodAffinity{}.OpenAPIModelName(), v1.PodAntiAffinity{}.OpenAPIModelName()}, } } @@ -907,7 +647,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferAvoidPodsEntry"), + Ref: ref(v1.PreferAvoidPodsEntry{}.OpenAPIModelName()), }, }, }, @@ -917,7 +657,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PreferAvoidPodsEntry"}, + v1.PreferAvoidPodsEntry{}.OpenAPIModelName()}, } } @@ -947,6 +687,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "cachingMode": { SchemaProps: spec.SchemaProps{ Description: "cachingMode is the Host Caching mode: None, Read Only, Read Write.\n\nPossible enum values:\n - `\"None\"`\n - `\"ReadOnly\"`\n - `\"ReadWrite\"`", + Default: v1.AzureDataDiskCachingReadWrite, Type: []string{"string"}, Format: "", Enum: []interface{}{"None", "ReadOnly", "ReadWrite"}, @@ -955,6 +696,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + Default: "ext4", Type: []string{"string"}, Format: "", }, @@ -962,6 +704,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "readOnly": { SchemaProps: spec.SchemaProps{ Description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + Default: false, Type: []string{"boolean"}, Format: "", }, @@ -969,6 +712,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "kind": { SchemaProps: spec.SchemaProps{ Description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared\n\nPossible enum values:\n - `\"Dedicated\"`\n - `\"Managed\"`\n - `\"Shared\"`", + Default: v1.AzureSharedBlobDisk, Type: []string{"string"}, Format: "", Enum: []interface{}{"Dedicated", "Managed", "Shared"}, @@ -1066,7 +810,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead.", + Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -1087,14 +831,14 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "target": { SchemaProps: spec.SchemaProps{ Description: "The target object that you want to bind to the standard object.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1102,7 +846,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1110,7 +854,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Represents storage that is managed by an external CSI volume driver (Beta feature)", + Description: "Represents storage that is managed by an external CSI volume driver", Type: []string{"object"}, Properties: map[string]spec.Schema{ "driver": { @@ -1162,31 +906,31 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall "controllerPublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeStageSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "controllerExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1194,7 +938,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1246,7 +990,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1254,7 +998,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1362,7 +1106,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1377,7 +1121,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1432,7 +1176,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1447,7 +1191,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1483,7 +1227,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1491,7 +1235,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1527,7 +1271,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1535,34 +1279,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, - } -} - -func schema_k8sio_api_core_v1_ClaimSource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClaimSource describes a reference to a ResourceClaim.\n\nExactly one of these fields should be set. Consumers of this type must treat an empty object as if it has an unknown value.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "resourceClaimName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceClaimTemplateName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1610,7 +1327,7 @@ func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceC "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\".", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "optional": { @@ -1633,7 +1350,7 @@ func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -1706,7 +1423,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "conditions": { @@ -1727,7 +1444,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentCondition"), + Ref: ref(v1.ComponentCondition{}.OpenAPIModelName()), }, }, }, @@ -1737,7 +1454,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentCondition", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ComponentCondition{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1766,7 +1483,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1777,7 +1494,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentStatus"), + Ref: ref(v1.ComponentStatus{}.OpenAPIModelName()), }, }, }, @@ -1788,7 +1505,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ComponentStatus{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1817,7 +1534,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -1862,7 +1579,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1961,7 +1678,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1972,7 +1689,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ConfigMap"), + Ref: ref(v1.ConfigMap{}.OpenAPIModelName()), }, }, }, @@ -1983,7 +1700,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMap", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ConfigMap{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -2067,7 +1784,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -2084,7 +1801,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -2116,7 +1833,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -2140,7 +1857,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -2232,7 +1949,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -2245,13 +1962,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -2275,7 +1992,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -2285,7 +2002,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -2295,13 +2012,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "Resources resize policy for the container.", + Description: "Resources resize policy for the container. This field cannot be set on ephemeral containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -2309,11 +2026,30 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Additionally, setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. The rules are evaluated in order. Once a rule matches a container exit condition, the remaining rules are ignored. If no rule matches the container exit condition, the Container-level restart policy determines the whether the container is restarted or not. Constraints on the rules: - At most 20 rules are allowed. - Rules can have the same action. - Identical rules are not forbidden in validations. When rules are specified, container MUST set RestartPolicy explicitly even it if matches the Pod's RestartPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -2332,7 +2068,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -2356,7 +2092,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -2365,25 +2101,25 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -2412,7 +2148,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -2441,7 +2177,45 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerExtendedResourceRequest has the mapping of container name, extended resource name to the device request name.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "containerName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the container requesting resources.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the extended resource in that container which gets backed by DRA.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "requestName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the request in the special ResourceClaim which corresponds to the extended resource.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"containerName", "resourceName", "requestName"}, + }, + }, } } @@ -2567,6 +2341,76 @@ func schema_k8sio_api_core_v1_ContainerResizePolicy(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ContainerRestartRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRule describes how a container exit is handled.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the action taken on a container exit if the requirements are satisfied. The only possible value is \"Restart\" to restart the container.", + Type: []string{"string"}, + Format: "", + }, + }, + "exitCodes": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the exit codes to check on container exits.", + Ref: ref(v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()), + }, + }, + }, + Required: []string{"action"}, + }, + }, + Dependencies: []string{ + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRuleOnExitCodes describes the condition for handling an exited container based on its exit codes.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the relationship between the container exit code(s) and the specified values. Possible values are: - In: the requirement is satisfied if the container exit code is in the\n set of specified values.\n- NotIn: the requirement is satisfied if the container exit code is\n not in the set of specified values.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Specifies the set of values to check for container exit codes. At most 255 elements are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + }, + Required: []string{"operator"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2577,26 +2421,26 @@ func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) commo "waiting": { SchemaProps: spec.SchemaProps{ Description: "Details about a waiting container", - Ref: ref("k8s.io/api/core/v1.ContainerStateWaiting"), + Ref: ref(v1.ContainerStateWaiting{}.OpenAPIModelName()), }, }, "running": { SchemaProps: spec.SchemaProps{ Description: "Details about a running container", - Ref: ref("k8s.io/api/core/v1.ContainerStateRunning"), + Ref: ref(v1.ContainerStateRunning{}.OpenAPIModelName()), }, }, "terminated": { SchemaProps: spec.SchemaProps{ Description: "Details about a terminated container", - Ref: ref("k8s.io/api/core/v1.ContainerStateTerminated"), + Ref: ref(v1.ContainerStateTerminated{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStateRunning", "k8s.io/api/core/v1.ContainerStateTerminated", "k8s.io/api/core/v1.ContainerStateWaiting"}, + v1.ContainerStateRunning{}.OpenAPIModelName(), v1.ContainerStateTerminated{}.OpenAPIModelName(), v1.ContainerStateWaiting{}.OpenAPIModelName()}, } } @@ -2610,14 +2454,14 @@ func schema_k8sio_api_core_v1_ContainerStateRunning(ref common.ReferenceCallback "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container was last (re-)started", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2660,13 +2504,13 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which previous execution of the container started", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "finishedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container last terminated", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "containerID": { @@ -2681,7 +2525,7 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2731,14 +2575,14 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "State holds details about the container's current condition.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "lastState": { SchemaProps: spec.SchemaProps{ Description: "LastTerminationState holds the last termination state of the container to help debug container crashes and restarts. This field is not populated if the container is still running and RestartCount is 0.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "ready": { @@ -2795,7 +2639,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -2804,7 +2648,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm "resources": { SchemaProps: spec.SchemaProps{ Description: "Resources represents the compute resource requests and limits that have been successfully enacted on the running container after it has been started or has been successfully resized.", - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "volumeMounts": { @@ -2825,18 +2669,77 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMountStatus"), + Ref: ref(v1.VolumeMountStatus{}.OpenAPIModelName()), }, }, }, }, }, + "user": { + SchemaProps: spec.SchemaProps{ + Description: "User represents user identity information initially attached to the first process of the container", + Ref: ref(v1.ContainerUser{}.OpenAPIModelName()), + }, + }, + "allocatedResourcesStatus": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResourcesStatus represents the status of various resources allocated for this Pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ResourceStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal reports the effective stop signal for this container\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, + }, + }, }, Required: []string{"name", "ready", "restartCount", "image", "imageID"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.VolumeMountStatus", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ContainerState{}.OpenAPIModelName(), v1.ContainerUser{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.ResourceStatus{}.OpenAPIModelName(), v1.VolumeMountStatus{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerUser represents user identity information", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "linux": { + SchemaProps: spec.SchemaProps{ + Description: "Linux holds user identity information initially attached to the first process of the containers in Linux. Note that the actual running identity can be changed if the process has enough privilege to do so.", + Ref: ref(v1.LinuxContainerUser{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + v1.LinuxContainerUser{}.OpenAPIModelName()}, } } @@ -2882,7 +2785,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2892,7 +2795,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2914,13 +2817,13 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "mode": { @@ -2935,7 +2838,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector"}, + v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName()}, } } @@ -2959,7 +2862,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2976,7 +2879,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2997,14 +2900,14 @@ func schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref common.ReferenceCallback) "sizeLimit": { SchemaProps: spec.SchemaProps{ Description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -3012,7 +2915,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointAddress is a tuple that describes single IP address.", + Description: "EndpointAddress is a tuple that describes single IP address. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "ip": { @@ -3040,7 +2943,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm "targetRef": { SchemaProps: spec.SchemaProps{ Description: "Reference to object providing the endpoint.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -3053,7 +2956,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -3061,7 +2964,7 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointPort is a tuple that describes a single port.", + Description: "EndpointPort is a tuple that describes a single port. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -3110,7 +3013,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]", + Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]\n\nDeprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "addresses": { @@ -3126,7 +3029,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, @@ -3145,7 +3048,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, @@ -3164,7 +3067,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointPort"), + Ref: ref(v1.EndpointPort{}.OpenAPIModelName()), }, }, }, @@ -3174,7 +3077,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointAddress", "k8s.io/api/core/v1.EndpointPort"}, + v1.EndpointAddress{}.OpenAPIModelName(), v1.EndpointPort{}.OpenAPIModelName()}, } } @@ -3182,7 +3085,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]", + Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -3203,7 +3106,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "subsets": { @@ -3219,7 +3122,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointSubset"), + Ref: ref(v1.EndpointSubset{}.OpenAPIModelName()), }, }, }, @@ -3229,7 +3132,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointSubset", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.EndpointSubset{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -3237,7 +3140,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointsList is a list of endpoints.", + Description: "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -3258,7 +3161,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -3269,7 +3172,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Endpoints"), + Ref: ref(v1.Endpoints{}.OpenAPIModelName()), }, }, }, @@ -3280,7 +3183,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Endpoints", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Endpoints{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3288,12 +3191,12 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EnvFromSource represents the source of a set of ConfigMaps", + Description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets", Type: []string{"object"}, Properties: map[string]spec.Schema{ "prefix": { SchemaProps: spec.SchemaProps{ - Description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + Description: "Optional text to prepend to the name of each environment variable. May consist of any printable ASCII characters except '='.", Type: []string{"string"}, Format: "", }, @@ -3301,20 +3204,20 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common "configMapRef": { SchemaProps: spec.SchemaProps{ Description: "The ConfigMap to select from", - Ref: ref("k8s.io/api/core/v1.ConfigMapEnvSource"), + Ref: ref(v1.ConfigMapEnvSource{}.OpenAPIModelName()), }, }, "secretRef": { SchemaProps: spec.SchemaProps{ Description: "The Secret to select from", - Ref: ref("k8s.io/api/core/v1.SecretEnvSource"), + Ref: ref(v1.SecretEnvSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapEnvSource", "k8s.io/api/core/v1.SecretEnvSource"}, + v1.ConfigMapEnvSource{}.OpenAPIModelName(), v1.SecretEnvSource{}.OpenAPIModelName()}, } } @@ -3327,7 +3230,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the environment variable. Must be a C_IDENTIFIER.", + Description: "Name of the environment variable. May consist of any printable ASCII characters except '='.", Default: "", Type: []string{"string"}, Format: "", @@ -3343,7 +3246,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP "valueFrom": { SchemaProps: spec.SchemaProps{ Description: "Source for the environment variable's value. Cannot be used if value is not empty.", - Ref: ref("k8s.io/api/core/v1.EnvVarSource"), + Ref: ref(v1.EnvVarSource{}.OpenAPIModelName()), }, }, }, @@ -3351,7 +3254,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EnvVarSource"}, + v1.EnvVarSource{}.OpenAPIModelName()}, } } @@ -3365,32 +3268,38 @@ func schema_k8sio_api_core_v1_EnvVarSource(ref common.ReferenceCallback) common. "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "configMapKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a ConfigMap.", - Ref: ref("k8s.io/api/core/v1.ConfigMapKeySelector"), + Ref: ref(v1.ConfigMapKeySelector{}.OpenAPIModelName()), }, }, "secretKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a secret in the pod's namespace", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref(v1.SecretKeySelector{}.OpenAPIModelName()), + }, + }, + "fileKeyRef": { + SchemaProps: spec.SchemaProps{ + Description: "FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.", + Ref: ref(v1.FileKeySelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, + v1.ConfigMapKeySelector{}.OpenAPIModelName(), v1.FileKeySelector{}.OpenAPIModelName(), v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName(), v1.SecretKeySelector{}.OpenAPIModelName()}, } } @@ -3482,7 +3391,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -3495,13 +3404,13 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3525,7 +3434,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3535,7 +3444,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3551,7 +3460,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -3559,11 +3468,30 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -3582,7 +3510,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3606,7 +3534,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3615,25 +3543,25 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3662,7 +3590,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3698,7 +3626,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3790,7 +3718,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -3803,13 +3731,13 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3833,7 +3761,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3843,7 +3771,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3859,7 +3787,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -3867,11 +3795,30 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -3890,7 +3837,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3914,7 +3861,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3923,25 +3870,25 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3970,7 +3917,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3999,7 +3946,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -4013,14 +3960,14 @@ func schema_k8sio_api_core_v1_EphemeralVolumeSource(ref common.ReferenceCallback "volumeClaimTemplate": { SchemaProps: spec.SchemaProps{ Description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.\n\nRequired, must not be nil.", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimTemplate"), + Ref: ref(v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate"}, + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()}, } } @@ -4049,14 +3996,14 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "involvedObject": { SchemaProps: spec.SchemaProps{ Description: "The object that this event is about.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reason": { @@ -4077,19 +4024,19 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "The component reporting this event. Should be a short machine understandable string.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EventSource"), + Ref: ref(v1.EventSource{}.OpenAPIModelName()), }, }, "firstTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the most recent occurrence of this event was recorded.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "count": { @@ -4109,13 +4056,13 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "eventTime": { SchemaProps: spec.SchemaProps{ Description: "Time when this Event was first observed.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, "series": { SchemaProps: spec.SchemaProps{ Description: "Data about the Event series this event represents or nil if it's a singleton Event.", - Ref: ref("k8s.io/api/core/v1.EventSeries"), + Ref: ref(v1.EventSeries{}.OpenAPIModelName()), }, }, "action": { @@ -4128,7 +4075,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "related": { SchemaProps: spec.SchemaProps{ Description: "Optional secondary object for more complex actions.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reportingComponent": { @@ -4152,7 +4099,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EventSeries", "k8s.io/api/core/v1.EventSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.EventSeries{}.OpenAPIModelName(), v1.EventSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.MicroTime{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -4181,7 +4128,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -4192,7 +4139,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Event"), + Ref: ref(v1.Event{}.OpenAPIModelName()), }, }, }, @@ -4203,7 +4150,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Event", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Event{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -4224,14 +4171,14 @@ func schema_k8sio_api_core_v1_EventSeries(ref common.ReferenceCallback) common.O "lastObservedTime": { SchemaProps: spec.SchemaProps{ Description: "Time of the last occurrence observed", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"}, + metav1.MicroTime{}.OpenAPIModelName()}, } } @@ -4369,6 +4316,57 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_FileKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FileKeySelector selects a key of the env file.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "volumeName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the volume mount containing the env file.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers.\n\nIf optional is set to false and the specified key does not exist, an error will be returned during Pod creation.", + Default: false, + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"volumeName", "path", "key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4394,7 +4392,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4425,7 +4423,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4454,7 +4452,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4485,7 +4483,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -4563,7 +4561,8 @@ func schema_k8sio_api_core_v1_GRPCAction(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "GRPCAction specifies an action involving a GRPC service.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -4677,7 +4676,7 @@ func schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "endpoints": { SchemaProps: spec.SchemaProps{ - Description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + Description: "endpoints is the endpoint name that details Glusterfs topology.", Default: "", Type: []string{"string"}, Format: "", @@ -4753,7 +4752,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HTTPHeader"), + Ref: ref(v1.HTTPHeader{}.OpenAPIModelName()), }, }, }, @@ -4764,7 +4763,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.HTTPHeader", "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, + v1.HTTPHeader{}.OpenAPIModelName(), "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, } } @@ -4926,6 +4925,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4981,7 +4981,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4996,7 +4996,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -5034,6 +5034,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -5089,7 +5090,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -5104,7 +5105,56 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ImageVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeSource represents a image volume resource.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "reference": { + SchemaProps: spec.SchemaProps{ + Description: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + Type: []string{"string"}, + Format: "", + }, + }, + "pullPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, + }, + }, + }, + }, + } +} + +func schema_k8sio_api_core_v1_ImageVolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeStatus represents the image-based volume status.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "imageRef": { + SchemaProps: spec.SchemaProps{ + Description: "ImageRef is the digest of the image used for this volume. It should have a value that's similar to the pod's status.containerStatuses[i].imageID. The ImageRef length should not exceed 256 characters.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"imageRef"}, + }, + }, } } @@ -5155,20 +5205,28 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope "postStart": { SchemaProps: spec.SchemaProps{ Description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), }, }, "preStop": { SchemaProps: spec.SchemaProps{ Description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal defines which signal will be sent to a container when it is being stopped. If not specified, the default is defined by the container runtime in use. StopSignal can only be set for Pods with a non-empty .spec.os.name\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LifecycleHandler"}, + v1.LifecycleHandler{}.OpenAPIModelName()}, } } @@ -5181,33 +5239,33 @@ func schema_k8sio_api_core_v1_LifecycleHandler(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for backward compatibility. There is no validation of this field and lifecycle hooks will fail at runtime when it is specified.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "sleep": { SchemaProps: spec.SchemaProps{ - Description: "Sleep represents the duration that the container should sleep before being terminated.", - Ref: ref("k8s.io/api/core/v1.SleepAction"), + Description: "Sleep represents a duration that the container should sleep.", + Ref: ref(v1.SleepAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.SleepAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.SleepAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -5236,21 +5294,21 @@ func schema_k8sio_api_core_v1_LimitRange(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeSpec"), + Ref: ref(v1.LimitRangeSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LimitRangeSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5277,7 +5335,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5291,7 +5349,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5305,7 +5363,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5319,7 +5377,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5333,7 +5391,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5344,7 +5402,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -5373,7 +5431,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5384,7 +5442,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRange"), + Ref: ref(v1.LimitRange{}.OpenAPIModelName()), }, }, }, @@ -5395,7 +5453,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRange", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.LimitRange{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5419,7 +5477,7 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeItem"), + Ref: ref(v1.LimitRangeItem{}.OpenAPIModelName()), }, }, }, @@ -5430,7 +5488,57 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeItem"}, + v1.LimitRangeItem{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_LinuxContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "LinuxContainerUser represents user identity information in Linux containers", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID is the primary uid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "gid": { + SchemaProps: spec.SchemaProps{ + Description: "GID is the primary gid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroups are the supplemental groups initially attached to the first process in the container", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, + }, + Required: []string{"uid", "gid"}, + }, + }, } } @@ -5459,7 +5567,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5469,7 +5577,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -5480,7 +5588,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -5525,7 +5633,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PortStatus"), + Ref: ref(v1.PortStatus{}.OpenAPIModelName()), }, }, }, @@ -5535,7 +5643,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PortStatus"}, + v1.PortStatus{}.OpenAPIModelName()}, } } @@ -5559,7 +5667,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerIngress"), + Ref: ref(v1.LoadBalancerIngress{}.OpenAPIModelName()), }, }, }, @@ -5569,7 +5677,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerIngress"}, + v1.LoadBalancerIngress{}.OpenAPIModelName()}, } } @@ -5603,7 +5711,7 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Local represents directly-attached storage with node affinity (Beta feature)", + Description: "Local represents directly-attached storage with node affinity", Type: []string{"object"}, Properties: map[string]spec.Schema{ "path": { @@ -5720,28 +5828,28 @@ func schema_k8sio_api_core_v1_Namespace(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceSpec"), + Ref: ref(v1.NamespaceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceStatus"), + Ref: ref(v1.NamespaceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceSpec", "k8s.io/api/core/v1.NamespaceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NamespaceSpec{}.OpenAPIModelName(), v1.NamespaceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5770,19 +5878,22 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "Last time the condition transitioned from one status to another.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Unique, one-word, CamelCase reason for the condition's last transition.", + Type: []string{"string"}, + Format: "", }, }, "message": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Human-readable message indicating details about last transition.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -5790,7 +5901,7 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5819,7 +5930,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5830,7 +5941,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Namespace"), + Ref: ref(v1.Namespace{}.OpenAPIModelName()), }, }, }, @@ -5841,7 +5952,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Namespace", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Namespace{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5911,7 +6022,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceCondition"), + Ref: ref(v1.NamespaceCondition{}.OpenAPIModelName()), }, }, }, @@ -5921,7 +6032,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceCondition"}, + v1.NamespaceCondition{}.OpenAPIModelName()}, } } @@ -5950,28 +6061,28 @@ func schema_k8sio_api_core_v1_Node(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSpec"), + Ref: ref(v1.NodeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeStatus"), + Ref: ref(v1.NodeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSpec", "k8s.io/api/core/v1.NodeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NodeSpec{}.OpenAPIModelName(), v1.NodeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6015,7 +6126,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. "requiredDuringSchedulingIgnoredDuringExecution": { SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, "preferredDuringSchedulingIgnoredDuringExecution": { @@ -6031,7 +6142,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferredSchedulingTerm"), + Ref: ref(v1.PreferredSchedulingTerm{}.OpenAPIModelName()), }, }, }, @@ -6041,7 +6152,65 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector", "k8s.io/api/core/v1.PreferredSchedulingTerm"}, + v1.NodeSelector{}.OpenAPIModelName(), v1.PreferredSchedulingTerm{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeAllocatableResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeAllocatableResourceClaimStatus describes the status of node allocatable resources allocated via DRA.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the resource claim referenced by the pod that resulted in this node allocatable resource allocation.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "containers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Containers lists the names of all containers in this pod that reference the claim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is a map of the node-allocatable resource name to the aggregate quantity allocated to the claim.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"resourceClaimName", "resources"}, + }, + }, + Dependencies: []string{ + resource.Quantity{}.OpenAPIModelName()}, } } @@ -6071,13 +6240,13 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we got an update on a given condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transit from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -6099,7 +6268,7 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -6113,14 +6282,14 @@ func schema_k8sio_api_core_v1_NodeConfigSource(ref common.ReferenceCallback) com "configMap": { SchemaProps: spec.SchemaProps{ Description: "ConfigMap is a reference to a Node's ConfigMap", - Ref: ref("k8s.io/api/core/v1.ConfigMapNodeConfigSource"), + Ref: ref(v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapNodeConfigSource"}, + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()}, } } @@ -6134,19 +6303,19 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com "assigned": { SchemaProps: spec.SchemaProps{ Description: "Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "active": { SchemaProps: spec.SchemaProps{ Description: "Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "lastKnownGood": { SchemaProps: spec.SchemaProps{ Description: "LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "error": { @@ -6160,7 +6329,7 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource"}, + v1.NodeConfigSource{}.OpenAPIModelName()}, } } @@ -6175,14 +6344,34 @@ func schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Endpoint on which Kubelet is listening.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DaemonEndpoint"), + Ref: ref(v1.DaemonEndpoint{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DaemonEndpoint"}, + v1.DaemonEndpoint{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeFeatures describes the set of features implemented by the CRI implementation. The features contained in the NodeFeatures should depend only on the cri implementation independent of runtime handlers.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroupsPolicy is set to true if the runtime supports SupplementalGroupsPolicy and ContainerUser.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -6211,7 +6400,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -6222,7 +6411,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Node"), + Ref: ref(v1.Node{}.OpenAPIModelName()), }, }, }, @@ -6233,7 +6422,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Node", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Node{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6289,14 +6478,14 @@ func schema_k8sio_api_core_v1_NodeRuntimeHandler(ref common.ReferenceCallback) c "features": { SchemaProps: spec.SchemaProps{ Description: "Supported features.", - Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"), + Ref: ref(v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"}, + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()}, } } @@ -6304,7 +6493,7 @@ func schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref common.ReferenceCal return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NodeRuntimeHandlerFeatures is a set of runtime features.", + Description: "NodeRuntimeHandlerFeatures is a set of features implemented by the runtime handler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "recursiveReadOnlyMounts": { @@ -6314,6 +6503,13 @@ func schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref common.ReferenceCal Format: "", }, }, + "userNamespaces": { + SchemaProps: spec.SchemaProps{ + Description: "UserNamespaces is set to true if the runtime handler supports UserNamespaces, including for volumes.", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, @@ -6340,7 +6536,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -6356,7 +6552,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -6431,7 +6627,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6450,7 +6646,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6465,7 +6661,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorRequirement"}, + v1.NodeSelectorRequirement{}.OpenAPIModelName()}, } } @@ -6531,7 +6727,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Taint"), + Ref: ref(v1.Taint{}.OpenAPIModelName()), }, }, }, @@ -6540,7 +6736,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "configSource": { SchemaProps: spec.SchemaProps{ Description: "Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "externalID": { @@ -6554,7 +6750,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource", "k8s.io/api/core/v1.Taint"}, + v1.NodeConfigSource{}.OpenAPIModelName(), v1.Taint{}.OpenAPIModelName()}, } } @@ -6567,13 +6763,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Properties: map[string]spec.Schema{ "capacity": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", + Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/reference/node/node-status/#capacity", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6587,7 +6783,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6613,13 +6809,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, SchemaProps: spec.SchemaProps{ - Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition", + Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/reference/node/node-status/#condition", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeCondition"), + Ref: ref(v1.NodeCondition{}.OpenAPIModelName()), }, }, }, @@ -6637,13 +6833,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, SchemaProps: spec.SchemaProps{ - Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", + Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/reference/node/node-status/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeAddress"), + Ref: ref(v1.NodeAddress{}.OpenAPIModelName()), }, }, }, @@ -6653,14 +6849,14 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Endpoints of daemons running on the Node.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeDaemonEndpoints"), + Ref: ref(v1.NodeDaemonEndpoints{}.OpenAPIModelName()), }, }, "nodeInfo": { SchemaProps: spec.SchemaProps{ - Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info", + Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/reference/node/node-status/#info", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSystemInfo"), + Ref: ref(v1.NodeSystemInfo{}.OpenAPIModelName()), }, }, "images": { @@ -6676,7 +6872,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerImage"), + Ref: ref(v1.ContainerImage{}.OpenAPIModelName()), }, }, }, @@ -6715,7 +6911,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.AttachedVolume"), + Ref: ref(v1.AttachedVolume{}.OpenAPIModelName()), }, }, }, @@ -6724,7 +6920,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "config": { SchemaProps: spec.SchemaProps{ Description: "Status of the config assigned to the node via the dynamic Kubelet config feature.", - Ref: ref("k8s.io/api/core/v1.NodeConfigStatus"), + Ref: ref(v1.NodeConfigStatus{}.OpenAPIModelName()), }, }, "runtimeHandlers": { @@ -6740,7 +6936,33 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandler"), + Ref: ref(v1.NodeRuntimeHandler{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Features describes the set of features implemented by the CRI implementation.", + Ref: ref(v1.NodeFeatures{}.OpenAPIModelName()), + }, + }, + "declaredFeatures": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "DeclaredFeatures represents the features related to feature gates that are declared by the node.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", }, }, }, @@ -6750,7 +6972,27 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeRuntimeHandler", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AttachedVolume{}.OpenAPIModelName(), v1.ContainerImage{}.OpenAPIModelName(), v1.NodeAddress{}.OpenAPIModelName(), v1.NodeCondition{}.OpenAPIModelName(), v1.NodeConfigStatus{}.OpenAPIModelName(), v1.NodeDaemonEndpoints{}.OpenAPIModelName(), v1.NodeFeatures{}.OpenAPIModelName(), v1.NodeRuntimeHandler{}.OpenAPIModelName(), v1.NodeSystemInfo{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeSwapStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeSwapStatus represents swap memory information.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "capacity": { + SchemaProps: spec.SchemaProps{ + Description: "Total amount of swap memory in bytes.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, } } @@ -6819,7 +7061,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo }, "kubeProxyVersion": { SchemaProps: spec.SchemaProps{ - Description: "KubeProxy Version reported by the node.", + Description: "Deprecated: KubeProxy Version reported by the node.", Default: "", Type: []string{"string"}, Format: "", @@ -6841,10 +7083,18 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo Format: "", }, }, + "swap": { + SchemaProps: spec.SchemaProps{ + Description: "Swap Info reported by the node.", + Ref: ref(v1.NodeSwapStatus{}.OpenAPIModelName()), + }, + }, }, Required: []string{"machineID", "systemUUID", "bootID", "kernelVersion", "osImage", "containerRuntimeVersion", "kubeletVersion", "kubeProxyVersion", "operatingSystem", "architecture"}, }, }, + Dependencies: []string{ + v1.NodeSwapStatus{}.OpenAPIModelName()}, } } @@ -6974,28 +7224,28 @@ func schema_k8sio_api_core_v1_PersistentVolume(ref common.ReferenceCallback) com SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeSpec"), + Ref: ref(v1.PersistentVolumeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeStatus"), + Ref: ref(v1.PersistentVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeSpec", "k8s.io/api/core/v1.PersistentVolumeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeSpec{}.OpenAPIModelName(), v1.PersistentVolumeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7024,28 +7274,28 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaim(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimStatus"), + Ref: ref(v1.PersistentVolumeClaimStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/api/core/v1.PersistentVolumeClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7058,28 +7308,30 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc Properties: map[string]spec.Schema{ "type": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Type is the type of the condition. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "status": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "lastProbeTime is the time we probed the condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -7101,7 +7353,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7130,7 +7382,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7141,7 +7393,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + Ref: ref(v1.PersistentVolumeClaim{}.OpenAPIModelName()), }, }, }, @@ -7152,7 +7404,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolumeClaim{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7187,14 +7439,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "selector": { SchemaProps: spec.SchemaProps{ Description: "selector is a label query over volumes to consider for binding.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + Description: "resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeResourceRequirements"), + Ref: ref(v1.VolumeResourceRequirements{}.OpenAPIModelName()), }, }, "volumeName": { @@ -7222,18 +7474,18 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "dataSource": { SchemaProps: spec.SchemaProps{ Description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), }, }, "dataSourceRef": { SchemaProps: spec.SchemaProps{ Description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", - Ref: ref("k8s.io/api/core/v1.TypedObjectReference"), + Ref: ref(v1.TypedObjectReference{}.OpenAPIModelName()), }, }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.", + Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/", Type: []string{"string"}, Format: "", }, @@ -7242,7 +7494,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference", "k8s.io/api/core/v1.TypedObjectReference", "k8s.io/api/core/v1.VolumeResourceRequirements", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + v1.TypedLocalObjectReference{}.OpenAPIModelName(), v1.TypedObjectReference{}.OpenAPIModelName(), v1.VolumeResourceRequirements{}.OpenAPIModelName(), metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -7290,7 +7542,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7314,7 +7566,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimCondition"), + Ref: ref(v1.PersistentVolumeClaimCondition{}.OpenAPIModelName()), }, }, }, @@ -7322,13 +7574,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "allocatedResources": { SchemaProps: spec.SchemaProps{ - Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7341,7 +7593,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, }, SchemaProps: spec.SchemaProps{ - Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -7350,7 +7602,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"ControllerResizeFailed", "ControllerResizeInProgress", "NodeResizeFailed", "NodeResizeInProgress", "NodeResizePending"}, + Enum: []interface{}{"ControllerResizeInProgress", "ControllerResizeInfeasible", "NodeResizeInProgress", "NodeResizeInfeasible", "NodeResizePending"}, }, }, }, @@ -7358,22 +7610,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "currentVolumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.", + Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim", Type: []string{"string"}, Format: "", }, }, "modifyVolumeStatus": { SchemaProps: spec.SchemaProps{ - Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is an alpha field and requires enabling VolumeAttributesClass feature.", - Ref: ref("k8s.io/api/core/v1.ModifyVolumeStatus"), + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted.", + Ref: ref(v1.ModifyVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ModifyVolumeStatus", "k8s.io/api/core/v1.PersistentVolumeClaimCondition", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ModifyVolumeStatus{}.OpenAPIModelName(), v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7388,14 +7640,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference SchemaProps: spec.SchemaProps{ Description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, }, @@ -7403,7 +7655,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7461,7 +7713,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7472,7 +7724,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolume"), + Ref: ref(v1.PersistentVolume{}.OpenAPIModelName()), }, }, }, @@ -7483,7 +7735,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolume", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolume{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7496,141 +7748,141 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac Properties: map[string]spec.Schema{ "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Description: "csi represents storage that is handled by an external CSI driver.", + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -7649,7 +7901,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7657,134 +7909,134 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Description: "csi represents storage that is handled by an external CSI driver.", + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "accessModes": { @@ -7816,7 +8068,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, SchemaProps: spec.SchemaProps{ Description: "claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "persistentVolumeReclaimPolicy": { @@ -7864,13 +8116,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "nodeAffinity": { SchemaProps: spec.SchemaProps{ - Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.", - Ref: ref("k8s.io/api/core/v1.VolumeNodeAffinity"), + Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume. This field is mutable if MutablePVNodeAffinity feature gate is enabled.", + Ref: ref(v1.VolumeNodeAffinity{}.OpenAPIModelName()), }, }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process. This is an alpha field and requires enabling VolumeAttributesClass feature.", + Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process.", Type: []string{"string"}, Format: "", }, @@ -7879,7 +8131,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VolumeNodeAffinity", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VolumeNodeAffinity{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7914,15 +8166,15 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac }, "lastPhaseTransitionTime": { SchemaProps: spec.SchemaProps{ - Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default).", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7980,28 +8232,28 @@ func schema_k8sio_api_core_v1_Pod(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -8025,7 +8277,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8044,7 +8296,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8054,7 +8306,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -8068,7 +8320,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "namespaces": { @@ -8102,7 +8354,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "namespaceSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "matchLabelKeys": { @@ -8112,7 +8364,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8132,7 +8384,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8150,7 +8402,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -8174,7 +8426,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8187,13 +8439,13 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and subtracting \"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8203,7 +8455,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -8269,6 +8521,78 @@ func schema_k8sio_api_core_v1_PodAttachOptions(ref common.ReferenceCallback) com } } +func schema_k8sio_api_core_v1_PodCertificateProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Kubelet's generated CSRs will be addressed to this signer.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyType": { + SchemaProps: spec.SchemaProps{ + Description: "The type of keypair Kubelet will generate for the pod.\n\nValid values are \"RSA3072\", \"RSA4096\", \"ECDSAP256\", \"ECDSAP384\", \"ECDSAP521\", and \"ED25519\".", + Type: []string{"string"}, + Format: "", + }, + }, + "maxExpirationSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "maxExpirationSeconds is the maximum lifetime permitted for the certificate.\n\nKubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.\n\nIf omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).\n\nThe signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "credentialBundlePath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the credential bundle at this path in the projected volume.\n\nThe credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.\n\nThe remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).\n\nUsing credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the key at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "certificateChainPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the certificate chain at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "userAnnotations": { + SchemaProps: spec.SchemaProps{ + Description: "userAnnotations allow pod authors to pass additional information to the signer implementation. Kubernetes does not restrict or validate this metadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of the PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations, with the addition that all keys must be domain-prefixed. No restrictions are placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should deny requests that contain keys they do not recognize.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"signerName", "keyType"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8284,6 +8608,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. Format: "", }, }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", @@ -8295,13 +8626,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we probed the condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -8323,7 +8654,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8387,7 +8718,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodDNSConfigOption"), + Ref: ref(v1.PodDNSConfigOption{}.OpenAPIModelName()), }, }, }, @@ -8397,7 +8728,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodDNSConfigOption"}, + v1.PodDNSConfigOption{}.OpenAPIModelName()}, } } @@ -8410,15 +8741,16 @@ func schema_k8sio_api_core_v1_PodDNSConfigOption(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Required.", + Description: "Name is this DNS resolver option's name. Required.", Type: []string{"string"}, Format: "", }, }, "value": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Value is this DNS resolver option's value.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -8510,6 +8842,49 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodExtendedResourceClaimStatus is stored in the PodStatus for the extended resource requests backed by DRA. It stores the generated name for the corresponding special ResourceClaim created by the scheduler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "requestMappings": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "RequestMappings identifies the mapping of to device request in the generated ResourceClaim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"requestMappings", "resourceClaimName"}, + }, + }, + Dependencies: []string{ + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8557,7 +8932,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -8568,7 +8943,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Pod"), + Ref: ref(v1.Pod{}.OpenAPIModelName()), }, }, }, @@ -8579,7 +8954,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Pod", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Pod{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -8635,7 +9010,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common "sinceTime": { SchemaProps: spec.SchemaProps{ Description: "An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "timestamps": { @@ -8647,7 +9022,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common }, "tailLines": { SchemaProps: spec.SchemaProps{ - Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime", + Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", Type: []string{"integer"}, Format: "int64", }, @@ -8666,11 +9041,18 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common Format: "", }, }, + "stream": { + SchemaProps: spec.SchemaProps{ + Description: "Specify which container log stream to return to the client. Acceptable values are \"All\", \"Stdout\" and \"Stderr\". If not specified, \"All\" is used, and both stdout and stderr are returned interleaved. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8803,7 +9185,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and this Pod belongs to a PodGroup, a PodResourceClaim is matched to a PodGroupResourceClaim if all of their fields are equal (Name, ResourceClaimName, and ResourceClaimTemplateName). A matched claim references a single ResourceClaim shared across all Pods in the PodGroup, reserved for the PodGroup in ResourceClaimStatus.ReservedFor rather than for individual Pods.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -8814,19 +9196,24 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com Format: "", }, }, - "source": { + "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "Source describes where to find the ResourceClaim.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ClaimSource"), + Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimTemplateName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and the pod belongs to a PodGroup that defines a PodGroupResourceClaim with the same Name and ResourceClaimTemplateName, this PodResourceClaim resolves to the ResourceClaim generated for the PodGroup. All pods in the group that define an equivalent PodResourceClaim matching the PodGroupResourceClaim's Name and ResourceClaimTemplateName share the same generated ResourceClaim. ResourceClaims generated for a PodGroup are owned by the PodGroup and their lifecycles are tied to the PodGroup instead of any individual pod.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", }, }, }, Required: []string{"name"}, }, }, - Dependencies: []string{ - "k8s.io/api/core/v1.ClaimSource"}, } } @@ -8847,7 +9234,7 @@ func schema_k8sio_api_core_v1_PodResourceClaimStatus(ref common.ReferenceCallbac }, "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. It this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.\n\nWhen the DRAWorkloadResourceClaims feature is enabled and the corresponding PodResourceClaim matches a PodGroupResourceClaim made by the Pod's PodGroup, then this is the name of the ResourceClaim generated and reserved for the PodGroup.\n\nIf this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", Type: []string{"string"}, Format: "", }, @@ -8881,6 +9268,37 @@ func schema_k8sio_api_core_v1_PodSchedulingGate(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_PodSchedulingGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodSchedulingGroup identifies the runtime scheduling group instance that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics. Exactly one field must be specified.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "podGroupName": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroupName specifies the name of the standalone PodGroup object that represents the runtime instance of this group. Must be a DNS subdomain.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-unions": []interface{}{ + map[string]interface{}{ + "fields-to-discriminateBy": map[string]interface{}{ + "podGroupName": "PodGroupName", + }, + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8891,13 +9309,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -8928,7 +9346,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, SchemaProps: spec.SchemaProps{ - Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8941,6 +9359,14 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, }, + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Merge\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be merged with the primary user's groups as defined in the container image (in /etc/group).\n - `\"Strict\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be used instead of any groups defined in the container image.", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Merge", "Strict"}, + }, + }, "fsGroup": { SchemaProps: spec.SchemaProps{ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", @@ -8961,7 +9387,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Sysctl"), + Ref: ref(v1.Sysctl{}.OpenAPIModelName()), }, }, }, @@ -8978,20 +9404,27 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), }, }, "appArmorProfile": { SchemaProps: spec.SchemaProps{ Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), + }, + }, + "seLinuxChangePolicy": { + SchemaProps: spec.SchemaProps{ + Description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. Valid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime. This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option. This requires all Pods that share the same volume to use the same SELinux label. It is not possible to share the same volume among privileged and unprivileged Pods. Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their CSIDriver instance. Other volumes are always re-labelled recursively. \"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used. If not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes and \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. Note that this field cannot be set when spec.os.name is windows.", + Type: []string{"string"}, + Format: "", }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.Sysctl{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -9005,14 +9438,14 @@ func schema_k8sio_api_core_v1_PodSignature(ref common.ReferenceCallback) common. "podController": { SchemaProps: spec.SchemaProps{ Description: "Reference to controller whose pods should avoid this node.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"}, + metav1.OwnerReference{}.OpenAPIModelName()}, } } @@ -9041,7 +9474,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Volume"), + Ref: ref(v1.Volume{}.OpenAPIModelName()), }, }, }, @@ -9059,13 +9492,13 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", + Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -9089,7 +9522,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -9113,7 +9546,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EphemeralContainer"), + Ref: ref(v1.EphemeralContainer{}.OpenAPIModelName()), }, }, }, @@ -9193,14 +9626,14 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "nodeName": { SchemaProps: spec.SchemaProps{ - Description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + Description: "NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename", Type: []string{"string"}, Format: "", }, }, "hostNetwork": { SchemaProps: spec.SchemaProps{ - Description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + Description: "Host networking requested for this pod. Use the host's network namespace. When using HostNetwork you should specify ports so the scheduler is aware. When `hostNetwork` is true, specified `hostPort` fields in port definitions must match `containerPort`, and unspecified `hostPort` fields in port definitions are defaulted to match `containerPort`. Default to false.", Type: []string{"boolean"}, Format: "", }, @@ -9229,7 +9662,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", - Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + Ref: ref(v1.PodSecurityContext{}.OpenAPIModelName()), }, }, "imagePullSecrets": { @@ -9250,7 +9683,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -9273,7 +9706,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "affinity": { SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's scheduling constraints", - Ref: ref("k8s.io/api/core/v1.Affinity"), + Ref: ref(v1.Affinity{}.OpenAPIModelName()), }, }, "schedulerName": { @@ -9296,7 +9729,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Toleration"), + Ref: ref(v1.Toleration{}.OpenAPIModelName()), }, }, }, @@ -9320,7 +9753,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostAlias"), + Ref: ref(v1.HostAlias{}.OpenAPIModelName()), }, }, }, @@ -9343,7 +9776,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "dnsConfig": { SchemaProps: spec.SchemaProps{ Description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", - Ref: ref("k8s.io/api/core/v1.PodDNSConfig"), + Ref: ref(v1.PodDNSConfig{}.OpenAPIModelName()), }, }, "readinessGates": { @@ -9359,7 +9792,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodReadinessGate"), + Ref: ref(v1.PodReadinessGate{}.OpenAPIModelName()), }, }, }, @@ -9395,7 +9828,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -9420,7 +9853,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + Ref: ref(v1.TopologySpreadConstraint{}.OpenAPIModelName()), }, }, }, @@ -9428,20 +9861,20 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "setHostnameAsFQDN": { SchemaProps: spec.SchemaProps{ - Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", + Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", Type: []string{"boolean"}, Format: "", }, }, "os": { SchemaProps: spec.SchemaProps{ - Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", - Ref: ref("k8s.io/api/core/v1.PodOS"), + Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.resources - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + Ref: ref(v1.PodOS{}.OpenAPIModelName()), }, }, "hostUsers": { SchemaProps: spec.SchemaProps{ - Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.", + Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host.", Type: []string{"boolean"}, Format: "", }, @@ -9464,7 +9897,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSchedulingGate"), + Ref: ref(v1.PodSchedulingGate{}.OpenAPIModelName()), }, }, }, @@ -9482,24 +9915,43 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.", + Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is a stable field but requires that the DynamicResourceAllocation feature gate is enabled.\n\nThis field is immutable.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaim"), + Ref: ref(v1.PodResourceClaim{}.OpenAPIModelName()), }, }, }, }, }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\", \"memory\" and \"hugepages-\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "hostnameOverride": { + SchemaProps: spec.SchemaProps{ + Description: "HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. This field only specifies the pod's hostname and does not affect its DNS records. When this field is set to a non-empty string: - It takes precedence over the values set in `hostname` and `subdomain`. - The Pod's hostname will be set to this value. - `setHostnameAsFQDN` must be nil or set to false. - `hostNetwork` must be set to false.\n\nThis field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. Requires the HostnameOverride feature gate to be enabled.", + Type: []string{"string"}, + Format: "", + }, + }, + "schedulingGroup": { + SchemaProps: spec.SchemaProps{ + Description: "SchedulingGroup provides a reference to the immediate scheduling runtime grouping object that this Pod belongs to. This field is used by the scheduler to identify the group and apply the correct group scheduling policies. The association with a group also impacts other lifecycle aspects of a Pod that are relevant in a wider context of scheduling like preemption, resource attachment, etc. If not specified, the Pod is treated as a single unit in all of these aspects. The group object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a group object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", + Ref: ref(v1.PodSchedulingGroup{}.OpenAPIModelName()), + }, + }, }, Required: []string{"containers"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSchedulingGroup{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -9510,6 +9962,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Description: "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod status was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "phase": { SchemaProps: spec.SchemaProps{ Description: "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase\n\nPossible enum values:\n - `\"Failed\"` means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).\n - `\"Pending\"` means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.\n - `\"Running\"` means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.\n - `\"Succeeded\"` means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.\n - `\"Unknown\"` means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)", @@ -9536,7 +9995,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodCondition"), + Ref: ref(v1.PodCondition{}.OpenAPIModelName()), }, }, }, @@ -9585,7 +10044,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostIP"), + Ref: ref(v1.HostIP{}.OpenAPIModelName()), }, }, }, @@ -9616,7 +10075,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodIP"), + Ref: ref(v1.PodIP{}.OpenAPIModelName()), }, }, }, @@ -9625,7 +10084,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "startTime": { SchemaProps: spec.SchemaProps{ Description: "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "initContainerStatuses": { @@ -9635,13 +10094,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9654,13 +10113,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9681,13 +10140,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "Status for any ephemeral containers that have run in this pod.", + Description: "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9695,7 +10154,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, "resize": { SchemaProps: spec.SchemaProps{ - Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\"", + Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\" Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress. PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources. PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.", Type: []string{"string"}, Format: "", }, @@ -9718,7 +10177,52 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaimStatus"), + Ref: ref(v1.PodResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "extendedResourceClaimStatus": { + SchemaProps: spec.SchemaProps{ + Description: "Status of extended resource claim backed by DRA.", + Ref: ref(v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + "allocatedResources": { + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResources is the total requests allocated for this pod by the node. If pod-level requests are not set, this will be the total requests aggregated across containers in the pod.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources represents the compute resource requests and limits that have been applied at the pod level if pod-level requests or limits are set in PodSpec.Resources", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "nodeAllocatableResourceClaimStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "NodeAllocatableResourceClaimStatuses contains the status of node-allocatable resources that were allocated for this pod through DRA claims. This includes resources currently reported in v1.Node `status.allocatable` that are not extended resources (see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#extended-resources). Examples include \"cpu\", \"memory\", \"ephemeral-storage\", and hugepages.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName()), }, }, }, @@ -9728,7 +10232,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.HostIP", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodIP", "k8s.io/api/core/v1.PodResourceClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -9757,21 +10261,21 @@ func schema_k8sio_api_core_v1_PodStatusResult(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9800,21 +10304,21 @@ func schema_k8sio_api_core_v1_PodTemplate(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "template": { SchemaProps: spec.SchemaProps{ Description: "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodTemplateSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9843,7 +10347,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -9854,7 +10358,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplate"), + Ref: ref(v1.PodTemplate{}.OpenAPIModelName()), }, }, }, @@ -9865,7 +10369,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplate", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PodTemplate{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -9880,21 +10384,21 @@ func schema_k8sio_api_core_v1_PodTemplateSpec(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9902,7 +10406,8 @@ func schema_k8sio_api_core_v1_PortStatus(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "PortStatus represents the error condition of a service port", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -9982,13 +10487,13 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The class of pods.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSignature"), + Ref: ref(v1.PodSignature{}.OpenAPIModelName()), }, }, "evictionTime": { SchemaProps: spec.SchemaProps{ Description: "Time at which this entry was added to the list.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -10010,7 +10515,7 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSignature", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.PodSignature{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -10033,7 +10538,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "A node selector term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -10041,7 +10546,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -10054,26 +10559,26 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "TCPSocket specifies a connection to a TCP port.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Description: "GRPC specifies a GRPC HealthCheckRequest.", + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, "initialDelaySeconds": { @@ -10122,7 +10627,7 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -10135,33 +10640,33 @@ func schema_k8sio_api_core_v1_ProbeHandler(ref common.ReferenceCallback) common. Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "TCPSocket specifies a connection to a TCP port.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Description: "GRPC specifies a GRPC HealthCheckRequest.", + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -10179,13 +10684,13 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback }, }, SchemaProps: spec.SchemaProps{ - Description: "sources is the list of volume projections", + Description: "sources is the list of volume projections. Each entry in this list handles one source.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeProjection"), + Ref: ref(v1.VolumeProjection{}.OpenAPIModelName()), }, }, }, @@ -10202,7 +10707,7 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.VolumeProjection"}, + v1.VolumeProjection{}.OpenAPIModelName()}, } } @@ -10309,6 +10814,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -10316,6 +10822,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -10323,6 +10830,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -10330,7 +10838,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -10345,7 +10853,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -10394,6 +10902,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -10401,6 +10910,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -10408,6 +10918,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -10415,7 +10926,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -10430,7 +10941,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -10459,7 +10970,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "range": { @@ -10482,7 +10993,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10511,28 +11022,28 @@ func schema_k8sio_api_core_v1_ReplicationController(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerSpec"), + Ref: ref(v1.ReplicationControllerSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerStatus"), + Ref: ref(v1.ReplicationControllerStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerSpec", "k8s.io/api/core/v1.ReplicationControllerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ReplicationControllerSpec{}.OpenAPIModelName(), v1.ReplicationControllerStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10562,7 +11073,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "The last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -10584,7 +11095,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -10613,7 +11124,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10624,7 +11135,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationController"), + Ref: ref(v1.ReplicationController{}.OpenAPIModelName()), }, }, }, @@ -10635,7 +11146,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationController", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ReplicationController{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10649,6 +11160,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "replicas": { SchemaProps: spec.SchemaProps{ Description: "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", + Default: 1, Type: []string{"integer"}, Format: "int32", }, @@ -10656,6 +11168,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "minReadySeconds": { SchemaProps: spec.SchemaProps{ Description: "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -10684,14 +11197,14 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "template": { SchemaProps: spec.SchemaProps{ Description: "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is \"Always\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec"}, + v1.PodTemplateSpec{}.OpenAPIModelName()}, } } @@ -10756,7 +11269,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerCondition"), + Ref: ref(v1.ReplicationControllerCondition{}.OpenAPIModelName()), }, }, }, @@ -10767,7 +11280,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerCondition"}, + v1.ReplicationControllerCondition{}.OpenAPIModelName()}, } } @@ -10786,6 +11299,13 @@ func schema_k8sio_api_core_v1_ResourceClaim(ref common.ReferenceCallback) common Format: "", }, }, + "request": { + SchemaProps: spec.SchemaProps{ + Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"name"}, }, @@ -10818,7 +11338,7 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback "divisor": { SchemaProps: spec.SchemaProps{ Description: "Specifies the output format of the exposed resources, defaults to \"1\"", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10831,7 +11351,43 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ResourceHealth(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceHealth represents the health of a resource. It has the latest device health information. This is a part of KEP https://kep.k8s.io/4680.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceID": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceID is the unique identifier of the resource. See the ResourceID type for more information.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "health": { + SchemaProps: spec.SchemaProps{ + Description: "Health of the resource. can be one of:\n - Healthy: operates as normal\n - Unhealthy: reported unhealthy. We consider this a temporary health issue\n since we do not have a mechanism today to distinguish\n temporary and permanent issues.\n - Unknown: The status cannot be determined.\n For example, Device Plugin got unregistered and hasn't been re-registered since.\n\nIn future we may want to introduce the PermanentlyUnhealthy Status.", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "Message provides human-readable context for Health (e.g. \"ECC error count exceeded threshold\"). This field is populated by the kubelet when ResourceHealthStatusMessage is enabled if the DRA plugin returns a message, and is null otherwise.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"resourceID"}, + }, + }, } } @@ -10860,28 +11416,28 @@ func schema_k8sio_api_core_v1_ResourceQuota(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaSpec"), + Ref: ref(v1.ResourceQuotaSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaStatus"), + Ref: ref(v1.ResourceQuotaStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuotaSpec", "k8s.io/api/core/v1.ResourceQuotaStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ResourceQuotaSpec{}.OpenAPIModelName(), v1.ResourceQuotaStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10910,7 +11466,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10921,7 +11477,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuota"), + Ref: ref(v1.ResourceQuota{}.OpenAPIModelName()), }, }, }, @@ -10932,7 +11488,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuota", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ResourceQuota{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10951,7 +11507,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10972,7 +11528,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating"}, + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, }, @@ -10981,14 +11537,14 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co "scopeSelector": { SchemaProps: spec.SchemaProps{ Description: "scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.", - Ref: ref("k8s.io/api/core/v1.ScopeSelector"), + Ref: ref(v1.ScopeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopeSelector", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ScopeSelector{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -11007,7 +11563,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11021,7 +11577,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11031,7 +11587,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -11050,7 +11606,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11064,7 +11620,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11080,13 +11636,13 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis field depends on the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceClaim"), + Ref: ref(v1.ResourceClaim{}.OpenAPIModelName()), }, }, }, @@ -11096,7 +11652,53 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceClaim", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ResourceClaim{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceStatus represents the status of a single resource allocated to a Pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the resource. Must be unique within the pod and in case of non-DRA resource, match one of the resources from the pod spec. For DRA resources, the value must be \"claim:/\". When this status is reported about a container, the \"claim_name\" and \"request\" must match one of the claims of this container.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "resourceID", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of unique resources health. Each element in the list contains an unique resource ID and its health. At a minimum, for the lifetime of a Pod, resource ID must uniquely identify the resource allocated to the Pod on the Node. If other Pod on the same Node reports the status with the same resource ID, it must be the same resource they share. See ResourceID type definition for a specific format it has in various use cases.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ResourceHealth{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"name"}, + }, + }, + Dependencies: []string{ + v1.ResourceHealth{}.OpenAPIModelName()}, } } @@ -11167,7 +11769,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -11194,6 +11796,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -11208,6 +11811,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -11224,7 +11828,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -11254,7 +11858,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -11281,6 +11885,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -11295,6 +11900,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -11311,7 +11917,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -11335,7 +11941,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ScopedResourceSelectorRequirement"), + Ref: ref(v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -11350,7 +11956,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement"}, + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()}, } } @@ -11363,11 +11969,11 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer Properties: map[string]spec.Schema{ "scopeName": { SchemaProps: spec.SchemaProps{ - Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0", + Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0\n - `\"VolumeAttributesClass\"` Match all pvc objects that have volume attributes class mentioned.", Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating"}, + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, "operator": { @@ -11473,7 +12079,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -11525,7 +12131,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11624,7 +12230,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11635,7 +12241,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Secret"), + Ref: ref(v1.Secret{}.OpenAPIModelName()), }, }, }, @@ -11646,7 +12252,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Secret", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Secret{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11678,7 +12284,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -11695,7 +12301,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -11758,7 +12364,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -11782,7 +12388,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -11796,7 +12402,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "capabilities": { SchemaProps: spec.SchemaProps{ Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.Capabilities"), + Ref: ref(v1.Capabilities{}.OpenAPIModelName()), }, }, "privileged": { @@ -11809,13 +12415,13 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -11855,7 +12461,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm }, "procMount": { SchemaProps: spec.SchemaProps{ - Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", + Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Default", "Unmasked"}, @@ -11864,20 +12470,20 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), }, }, "appArmorProfile": { SchemaProps: spec.SchemaProps{ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.Capabilities{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -11906,14 +12512,14 @@ func schema_k8sio_api_core_v1_SerializedReference(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The reference to an object in the system.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -11942,28 +12548,28 @@ func schema_k8sio_api_core_v1_Service(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceSpec"), + Ref: ref(v1.ServiceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceStatus"), + Ref: ref(v1.ServiceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceSpec", "k8s.io/api/core/v1.ServiceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ServiceSpec{}.OpenAPIModelName(), v1.ServiceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11992,7 +12598,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "secrets": { @@ -12007,13 +12613,13 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, SchemaProps: spec.SchemaProps{ - Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", + Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". The \"kubernetes.io/enforce-mountable-secrets\" annotation is deprecated since v1.32. Prefer separate namespaces to isolate access to mounted secrets. This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -12032,7 +12638,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -12049,7 +12655,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LocalObjectReference{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -12078,7 +12684,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -12089,7 +12695,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceAccount"), + Ref: ref(v1.ServiceAccount{}.OpenAPIModelName()), }, }, }, @@ -12100,7 +12706,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceAccount", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ServiceAccount{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -12165,7 +12771,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -12176,7 +12782,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Service"), + Ref: ref(v1.Service{}.OpenAPIModelName()), }, }, }, @@ -12187,7 +12793,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Service", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Service{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -12311,7 +12917,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServicePort"), + Ref: ref(v1.ServicePort{}.OpenAPIModelName()), }, }, }, @@ -12460,7 +13066,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O "sessionAffinityConfig": { SchemaProps: spec.SchemaProps{ Description: "sessionAffinityConfig contains the configurations of session affinity.", - Ref: ref("k8s.io/api/core/v1.SessionAffinityConfig"), + Ref: ref(v1.SessionAffinityConfig{}.OpenAPIModelName()), }, }, "ipFamilies": { @@ -12516,7 +13122,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, "trafficDistribution": { SchemaProps: spec.SchemaProps{ - Description: "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are topologically close (e.g., same zone). This is an alpha field and requires enabling ServiceTrafficDistribution feature.", + Description: "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are in the same zone.", Type: []string{"string"}, Format: "", }, @@ -12525,7 +13131,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServicePort", "k8s.io/api/core/v1.SessionAffinityConfig"}, + v1.ServicePort{}.OpenAPIModelName(), v1.SessionAffinityConfig{}.OpenAPIModelName()}, } } @@ -12540,7 +13146,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "LoadBalancer contains the current status of the load-balancer, if one is present.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerStatus"), + Ref: ref(v1.LoadBalancerStatus{}.OpenAPIModelName()), }, }, "conditions": { @@ -12561,7 +13167,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Condition"), + Ref: ref(metav1.Condition{}.OpenAPIModelName()), }, }, }, @@ -12571,7 +13177,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Condition"}, + v1.LoadBalancerStatus{}.OpenAPIModelName(), metav1.Condition{}.OpenAPIModelName()}, } } @@ -12585,14 +13191,14 @@ func schema_k8sio_api_core_v1_SessionAffinityConfig(ref common.ReferenceCallback "clientIP": { SchemaProps: spec.SchemaProps{ Description: "clientIP contains the configurations of Client IP based session affinity.", - Ref: ref("k8s.io/api/core/v1.ClientIPConfig"), + Ref: ref(v1.ClientIPConfig{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClientIPConfig"}, + v1.ClientIPConfig{}.OpenAPIModelName()}, } } @@ -12656,14 +13262,14 @@ func schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref common.Referen "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -12705,14 +13311,14 @@ func schema_k8sio_api_core_v1_StorageOSVolumeSource(ref common.ReferenceCallback "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -12808,8 +13414,8 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, "timeAdded": { SchemaProps: spec.SchemaProps{ - Description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "TimeAdded represents the time at which the taint was added.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, @@ -12817,7 +13423,7 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -12837,10 +13443,10 @@ func schema_k8sio_api_core_v1_Toleration(ref common.ReferenceCallback) common.Op }, "operator": { SchemaProps: spec.SchemaProps{ - Description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`", + Description: "Operator represents a key's relationship to the value. Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`\n - `\"Gt\"`\n - `\"Lt\"`", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Equal", "Exists"}, + Enum: []interface{}{"Equal", "Exists", "Gt", "Lt"}, }, }, "value": { @@ -12933,7 +13539,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySelectorLabelRequirement"), + Ref: ref(v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()), }, }, }, @@ -12948,7 +13554,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TopologySelectorLabelRequirement"}, + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()}, } } @@ -12987,7 +13593,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "minDomains": { @@ -12999,7 +13605,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "nodeAffinityPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -13007,7 +13613,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "nodeTaintsPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -13038,7 +13644,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -13088,7 +13694,8 @@ func schema_k8sio_api_core_v1_TypedObjectReference(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "TypedObjectReference contains enough information to let you locate the typed referenced object", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "apiGroup": { SchemaProps: spec.SchemaProps{ @@ -13145,175 +13752,181 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), + }, + }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, @@ -13321,7 +13934,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -13458,10 +14071,18 @@ func schema_k8sio_api_core_v1_VolumeMountStatus(ref common.ReferenceCallback) co Format: "", }, }, + "volumeStatus": { + SchemaProps: spec.SchemaProps{ + Description: "volumeStatus represents volume-type-specific status about the mounted volume.", + Ref: ref(v1.VolumeStatus{}.OpenAPIModelName()), + }, + }, }, Required: []string{"name", "mountPath"}, }, }, + Dependencies: []string{ + v1.VolumeStatus{}.OpenAPIModelName()}, } } @@ -13475,14 +14096,14 @@ func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) c "required": { SchemaProps: spec.SchemaProps{ Description: "required specifies hard node constraints that must be met.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector"}, + v1.NodeSelector{}.OpenAPIModelName()}, } } @@ -13490,44 +14111,50 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Projection that may be projected along with other supported volume types", + Description: "Projection that may be projected along with other supported volume types. Exactly one of these fields must be set.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "secret": { SchemaProps: spec.SchemaProps{ Description: "secret information about the secret data to project", - Ref: ref("k8s.io/api/core/v1.SecretProjection"), + Ref: ref(v1.SecretProjection{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI information about the downwardAPI data to project", - Ref: ref("k8s.io/api/core/v1.DownwardAPIProjection"), + Ref: ref(v1.DownwardAPIProjection{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap information about the configMap data to project", - Ref: ref("k8s.io/api/core/v1.ConfigMapProjection"), + Ref: ref(v1.ConfigMapProjection{}.OpenAPIModelName()), }, }, "serviceAccountToken": { SchemaProps: spec.SchemaProps{ Description: "serviceAccountToken is information about the serviceAccountToken data to project", - Ref: ref("k8s.io/api/core/v1.ServiceAccountTokenProjection"), + Ref: ref(v1.ServiceAccountTokenProjection{}.OpenAPIModelName()), }, }, "clusterTrustBundle": { SchemaProps: spec.SchemaProps{ Description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.", - Ref: ref("k8s.io/api/core/v1.ClusterTrustBundleProjection"), + Ref: ref(v1.ClusterTrustBundleProjection{}.OpenAPIModelName()), + }, + }, + "podCertificate": { + SchemaProps: spec.SchemaProps{ + Description: "Projects an auto-rotating credential bundle (private key and certificate chain) that the pod can use either as a TLS client or server.\n\nKubelet generates a private key and uses it to send a PodCertificateRequest to the named signer. Once the signer approves the request and issues a certificate chain, Kubelet writes the key and certificate chain to the pod filesystem. The pod does not start until certificates have been issued for each podCertificate projected volume source in its spec.\n\nKubelet will begin trying to rotate the certificate at the time indicated by the signer using the PodCertificateRequest.Status.BeginRefreshAt timestamp.\n\nKubelet can write a single file, indicated by the credentialBundlePath field, or separate files, indicated by the keyPath and certificateChainPath fields.\n\nThe credential bundle is a single file in PEM format. The first PEM entry is the private key (in PKCS#8 format), and the remaining PEM entries are the certificate chain issued by the signer (typically, signers will return their certificate chain in leaf-to-root order).\n\nPrefer using the credential bundle format, since your application code can read it atomically. If you use keyPath and certificateChainPath, your application must make two separate file reads. If these coincide with a certificate rotation, it is possible that the private key and leaf certificate you read may not correspond to each other. Your application will need to check for this condition, and re-read until they are consistent.\n\nThe named signer controls chooses the format of the certificate it issues; consult the signer implementation's documentation to learn how to use the certificates it issues.", + Ref: ref(v1.PodCertificateProjection{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClusterTrustBundleProjection", "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(), v1.ConfigMapProjection{}.OpenAPIModelName(), v1.DownwardAPIProjection{}.OpenAPIModelName(), v1.PodCertificateProjection{}.OpenAPIModelName(), v1.SecretProjection{}.OpenAPIModelName(), v1.ServiceAccountTokenProjection{}.OpenAPIModelName()}, } } @@ -13546,7 +14173,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -13560,7 +14187,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -13570,7 +14197,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -13584,182 +14211,209 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), + }, + }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_VolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeStatus represents the status of a mounted volume. At most one of its members must be specified.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.", + Ref: ref(v1.ImageVolumeStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + v1.ImageVolumeStatus{}.OpenAPIModelName()}, } } @@ -13825,7 +14479,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "Required. A pod affinity term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -13833,7 +14487,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName()}, } } @@ -13878,6 +14532,54 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference } } +func schema_apimachinery_pkg_api_resource_Quantity(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.EmbedOpenAPIDefinitionIntoV2Extension(common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + OneOf: common.GenerateOpenAPIV3OneOfSchema(resource.Quantity{}.OpenAPIV3OneOfTypes()), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }, common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + Type: resource.Quantity{}.OpenAPISchemaType(), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }) +} + +func schema_apimachinery_pkg_api_resource_int64Amount(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "int64Amount represents a fixed precision numerator and arbitrary scale exponent. It is faster than operations on inf.Dec for values that can be represented as int64.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "value": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "scale": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + Required: []string{"value", "scale"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -13920,7 +14622,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, }, @@ -13930,7 +14632,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, "serverAddressByClientCIDRs": { @@ -13946,7 +14648,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -13957,7 +14659,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(), metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -13995,7 +14697,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), + Ref: ref(metav1.APIGroup{}.OpenAPIModelName()), }, }, }, @@ -14006,7 +14708,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, + metav1.APIGroup{}.OpenAPIModelName()}, } } @@ -14174,7 +14876,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), + Ref: ref(metav1.APIResource{}.OpenAPIModelName()), }, }, }, @@ -14185,7 +14887,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, + metav1.APIResource{}.OpenAPIModelName()}, } } @@ -14243,7 +14945,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -14254,7 +14956,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -14355,7 +15057,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -14379,7 +15081,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -14475,7 +15177,7 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. "preconditions": { SchemaProps: spec.SchemaProps{ Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), + Ref: ref(metav1.Preconditions{}.OpenAPIModelName()), }, }, "orphanDependents": { @@ -14512,11 +15214,18 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, }, + "ignoreStoreReadErrorWithClusterBreakingPotential": { + SchemaProps: spec.SchemaProps{ + Description: "if set to true, it will trigger an unsafe deletion of the resource in case the normal deletion flow fails with a corrupt object error. A resource is considered corrupt if it can not be retrieved from the underlying storage successfully because of a) its data can not be transformed e.g. decryption failure, or b) it fails to decode into an object. NOTE: unsafe deletion ignores finalizer constraints, skips precondition checks, and removes the object from the storage. WARNING: This may potentially break the cluster if the workload associated with the resource being unsafe-deleted relies on normal deletion flow. Use only if you REALLY know what you are doing. The default value is false, and the user must opt in to enable it", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, + metav1.Preconditions{}.OpenAPIModelName()}, } } @@ -14525,8 +15234,58 @@ func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenA Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), + Type: metav1.Duration{}.OpenAPISchemaType(), + Format: metav1.Duration{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FieldSelectorRequirement is a selector that contains values, a key, and an operator that relates the key and values.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "key": { + SchemaProps: spec.SchemaProps{ + Description: "key is the field selector key that the requirement applies to.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. The list of operators may grow in the future.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"key", "operator"}, }, }, } @@ -14778,15 +15537,12 @@ func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common. "Object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), }, }, }, Required: []string{"Type", "Object"}, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, } } @@ -14826,7 +15582,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + Ref: ref(metav1.LabelSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -14841,7 +15597,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + metav1.LabelSelectorRequirement{}.OpenAPIModelName()}, } } @@ -14920,7 +15676,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -14930,7 +15686,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -14941,7 +15697,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -14980,9 +15736,17 @@ func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenA Format: "int64", }, }, + "shardInfo": { + SchemaProps: spec.SchemaProps{ + Description: "shardInfo is set when the list is a filtered subset of the full collection, as selected by a shard selector on the request. It echoes back the selector so clients can verify which shard they received and merge sharded responses. Clients should not cache sharded list responses as a full representation of the collection.\n\nThis is an alpha field and requires enabling the ShardedListAndWatch feature gate.", + Ref: ref(metav1.ShardInfo{}.OpenAPIModelName()), + }, + }, }, }, }, + Dependencies: []string{ + metav1.ShardInfo{}.OpenAPIModelName()}, } } @@ -15077,6 +15841,13 @@ func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.Op Format: "", }, }, + "shardSelector": { + SchemaProps: spec.SchemaProps{ + Description: "shardSelector restricts the list of returned objects using a CEL-based shard selector expression. The format uses the shardRange() function combined with || (logical OR) to specify one or more hash ranges:\n\n shardRange(object.metadata.uid, '0x0', '0x8000000000000000')\n shardRange(object.metadata.uid, '0x0', '0x8000000000000000') || shardRange(object.metadata.uid, '0x8000000000000000', '0x10000000000000000')\n\nField paths use CEL-style object-rooted syntax (e.g. \"object.metadata.uid\"), NOT the fieldSelector format (\"metadata.uid\"). Currently supported paths:\n - object.metadata.uid\n - object.metadata.namespace\n\nhexStart and hexEnd are single-quoted CEL string literals with a '0x' prefix, defining the inclusive lower and exclusive upper bounds over the 64-bit FNV-1a hash space. The full range is [0x0, 0x10000000000000000), where the exclusive upper bound equals 2^64.\n\nExamples:\n 2-shard split:\n shard 0: shardRange(object.metadata.uid, '0x0000000000000000', '0x8000000000000000')\n shard 1: shardRange(object.metadata.uid, '0x8000000000000000', '0x10000000000000000')\n 4-shard split:\n shard 0: shardRange(object.metadata.uid, '0x0000000000000000', '0x4000000000000000')\n shard 1: shardRange(object.metadata.uid, '0x4000000000000000', '0x8000000000000000')\n shard 2: shardRange(object.metadata.uid, '0x8000000000000000', '0xc000000000000000')\n shard 3: shardRange(object.metadata.uid, '0xc000000000000000', '0x10000000000000000')\n\nThis is an alpha field and requires enabling the ShardedListAndWatch feature gate.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -15114,7 +15885,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "time": { SchemaProps: spec.SchemaProps{ Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "fieldsType": { @@ -15127,7 +15898,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "fieldsV1": { SchemaProps: spec.SchemaProps{ Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), + Ref: ref(metav1.FieldsV1{}.OpenAPIModelName()), }, }, "subresource": { @@ -15141,7 +15912,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.FieldsV1{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -15150,8 +15921,8 @@ func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.Open Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), + Type: metav1.MicroTime{}.OpenAPISchemaType(), + Format: metav1.MicroTime{}.OpenAPISchemaFormat(), }, }, } @@ -15216,13 +15987,13 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "creationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionTimestamp": { SchemaProps: spec.SchemaProps{ Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionGracePeriodSeconds": { @@ -15282,7 +16053,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, @@ -15322,7 +16093,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), + Ref: ref(metav1.ManagedFieldsEntry{}.OpenAPIModelName()), }, }, }, @@ -15332,7 +16103,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.ManagedFieldsEntry{}.OpenAPIModelName(), metav1.OwnerReference{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -15426,14 +16197,14 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -15462,7 +16233,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -15473,7 +16244,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), + Ref: ref(metav1.PartialObjectMetadata{}.OpenAPIModelName()), }, }, }, @@ -15484,7 +16255,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.PartialObjectMetadata{}.OpenAPIModelName()}, } } @@ -15658,6 +16429,28 @@ func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallb } } +func schema_pkg_apis_meta_v1_ShardInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ShardInfo describes the shard selector that was applied to produce a list response. Its presence on a list response indicates the list is a filtered subset.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "selector": { + SchemaProps: spec.SchemaProps{ + Description: "selector is the shard selector string from the request, echoed back so clients can verify which shard they received and merge responses from multiple shards.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"selector"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -15683,7 +16476,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "status": { @@ -15708,14 +16501,9 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, "details": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, SchemaProps: spec.SchemaProps{ Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), + Ref: ref(metav1.StatusDetails{}.OpenAPIModelName()), }, }, "code": { @@ -15729,7 +16517,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.StatusDetails{}.OpenAPIModelName()}, } } @@ -15815,7 +16603,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), + Ref: ref(metav1.StatusCause{}.OpenAPIModelName()), }, }, }, @@ -15832,7 +16620,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, + metav1.StatusCause{}.OpenAPIModelName()}, } } @@ -15861,7 +16649,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "columnDefinitions": { @@ -15877,7 +16665,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), + Ref: ref(metav1.TableColumnDefinition{}.OpenAPIModelName()), }, }, }, @@ -15896,7 +16684,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), + Ref: ref(metav1.TableRow{}.OpenAPIModelName()), }, }, }, @@ -15907,7 +16695,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.TableColumnDefinition{}.OpenAPIModelName(), metav1.TableRow{}.OpenAPIModelName()}, } } @@ -16038,7 +16826,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), + Ref: ref(metav1.TableRowCondition{}.OpenAPIModelName()), }, }, }, @@ -16047,7 +16835,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA "object": { SchemaProps: spec.SchemaProps{ Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -16055,7 +16843,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.TableRowCondition{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -16108,8 +16896,8 @@ func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDe Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), + Type: metav1.Time{}.OpenAPISchemaType(), + Format: metav1.Time{}.OpenAPISchemaFormat(), }, }, } @@ -16250,7 +17038,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope "object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -16258,7 +17046,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -16349,16 +17137,46 @@ func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "major": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Major is the major version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "minor": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Minor is the minor version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMajor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMajor is the major version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMinor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMinor is the minor version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMajor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMajor is the major version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMinor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMinor is the minor version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", }, }, "gitVersion": { diff --git a/generated/1.30/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.36/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml similarity index 100% rename from generated/1.30/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml rename to generated/1.36/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml diff --git a/generated/1.30/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.36/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml similarity index 100% rename from generated/1.30/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml rename to generated/1.36/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml diff --git a/generated/1.30/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.36/crds/config.concierge.pinniped.dev_credentialissuers.yaml similarity index 100% rename from generated/1.30/crds/config.concierge.pinniped.dev_credentialissuers.yaml rename to generated/1.36/crds/config.concierge.pinniped.dev_credentialissuers.yaml diff --git a/generated/1.30/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.36/crds/config.supervisor.pinniped.dev_federationdomains.yaml similarity index 100% rename from generated/1.30/crds/config.supervisor.pinniped.dev_federationdomains.yaml rename to generated/1.36/crds/config.supervisor.pinniped.dev_federationdomains.yaml diff --git a/generated/1.30/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.36/crds/config.supervisor.pinniped.dev_oidcclients.yaml similarity index 100% rename from generated/1.30/crds/config.supervisor.pinniped.dev_oidcclients.yaml rename to generated/1.36/crds/config.supervisor.pinniped.dev_oidcclients.yaml diff --git a/generated/1.30/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.36/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml similarity index 100% rename from generated/1.30/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml rename to generated/1.36/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml diff --git a/generated/1.30/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.36/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml similarity index 100% rename from generated/1.30/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml rename to generated/1.36/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml diff --git a/generated/1.30/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.36/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml similarity index 100% rename from generated/1.30/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml rename to generated/1.36/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml diff --git a/generated/1.30/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.36/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml similarity index 100% rename from generated/1.30/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml rename to generated/1.36/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml diff --git a/generated/latest/README.adoc b/generated/latest/README.adoc index 4bcefa66b..56bb46ecc 100644 --- a/generated/latest/README.adoc +++ b/generated/latest/README.adoc @@ -23,32 +23,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -60,14 +60,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-claimvalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-claimvalidationrule"] ==== ClaimValidationRule ClaimValidationRule provides the configuration for a single claim validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -98,14 +98,14 @@ Mutually exclusive with claim and requiredValue. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-extramapping"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-extramapping"] ==== ExtraMapping ExtraMapping provides the configuration for a single extra mapping. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] **** [cols="25a,75a", options="header"] @@ -132,7 +132,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator JWTAuthenticator describes the configuration of a JWT authenticator. @@ -142,41 +142,41 @@ signature, existence of claims, etc.) and extract the username and groups from t .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] ==== JWTAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] ==== JWTAuthenticatorSpec JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] @@ -185,14 +185,14 @@ JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. | *`issuer`* __string__ | issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + also used to validate the "iss" JWT claim. + | *`audience`* __string__ | audience is the required value of the "aud" JWT claim. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + for Kubernetes access. + -| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + +| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + +| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + These allow invariants to be applied to incoming identities such as preventing the + use of the system: prefix that is commonly used by Kubernetes components. + The validation rules are logically ANDed together and must all return true for the validation to pass. + @@ -200,29 +200,29 @@ This is similar to claimValidationRules from Kubernetes AuthenticationConfigurat https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] ==== JWTAuthenticatorStatus JWTAuthenticatorStatus is the status of a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwttokenclaims"] ==== JWTTokenClaims JWTTokenClaims allows customization of the claims that will be mapped to user identity @@ -230,7 +230,7 @@ for Kubernetes access. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -295,7 +295,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + Mutually exclusive with groups. Use either groups or groupsExpression to + determine the user's group membership from the JWT token. + -| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + +| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + However, note that the Pinniped Concierge issues client certificates to users for the purpose + @@ -336,34 +336,34 @@ This will result in: + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration on various authenticators. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-uservalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-uservalidationrule"] ==== UserValidationRule UserValidationRule provides the configuration for a single user info validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -383,73 +383,73 @@ message is a literal string. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticator"] ==== WebhookAuthenticator WebhookAuthenticator describes the configuration of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] ==== WebhookAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] ==== WebhookAuthenticatorSpec Spec for configuring a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`endpoint`* __string__ | Webhook server endpoint URL. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] ==== WebhookAuthenticatorStatus Status of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + |=== @@ -461,35 +461,35 @@ Package clientsecret is the internal version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -500,14 +500,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -526,36 +526,36 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -566,14 +566,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -592,125 +592,125 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuer"] ==== CredentialIssuer CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend"] ==== CredentialIssuerFrontend CredentialIssuerFrontend describes how to connect using a particular integration strategy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + -| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + +| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + This field is only set when Type is "TokenCredentialRequestAPI". + -| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + +| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + This field is only set when Type is "ImpersonationProxy". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerspec"] ==== CredentialIssuerSpec CredentialIssuerSpec describes the intended configuration of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + +| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstatus"] ==== CredentialIssuerStatus CredentialIssuerStatus describes the status of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + +| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy"] ==== CredentialIssuerStrategy CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + -| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + +| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + | *`message`* __string__ | Human-readable description of the current status. + -| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#time-v1-meta[$$Time$$]__ | When the status was last checked. + -| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#time-v1-meta[$$Time$$]__ | When the status was last checked. + +| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-frontendtype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-frontendtype"] ==== FrontendType (string) FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyinfo"] ==== ImpersonationProxyInfo ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -721,7 +721,7 @@ ImpersonationProxyInfo describes the parameters for the impersonation proxy on t |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxymode"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxymode"] ==== ImpersonationProxyMode (string) ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. @@ -729,25 +729,25 @@ Allowed values are "auto", "enabled", or "disabled". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] ==== ImpersonationProxyServiceSpec ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + @@ -757,7 +757,7 @@ This is not supported on all cloud providers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] ==== ImpersonationProxyServiceType (string) ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. @@ -765,40 +765,40 @@ Allowed values are "LoadBalancer", "ClusterIP", or "None". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec"] ==== ImpersonationProxySpec ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + +| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + - "disabled" explicitly disables the impersonation proxy. This is the default. + - "enabled" explicitly enables the impersonation proxy. + - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + -| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + +| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + | *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + be served using the external name of the LoadBalancer service or the cluster service DNS name. + This field must be non-empty when spec.impersonationProxy.service.type is "None". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + If this field is empty, the impersonation proxy will generate its own TLS certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] ==== ImpersonationProxyTLSSpec ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should @@ -812,7 +812,7 @@ the impersonation proxy endpoint. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] @@ -825,50 +825,50 @@ the TLS serving certificate for the Concierge impersonation proxy endpoint. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategyreason"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategyreason"] ==== StrategyReason (string) StrategyReason enumerates the detailed reason why a strategy is in a particular status. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategystatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategystatus"] ==== StrategyStatus (string) StrategyStatus enumerates whether a strategy is working on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategytype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-strategytype"] ==== StrategyType (string) StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] ==== TokenCredentialRequestAPIInfo TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -887,34 +887,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain FederationDomain describes the configuration of an OIDC provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] ==== FederationDomainIdentityProvider FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -923,62 +923,62 @@ FederationDomainIdentityProvider describes how an identity provider is made avai | *`displayName`* __string__ | DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the + kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a + disruptive change for those users. + -| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + +| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + If the reference cannot be resolved then the identity provider will not be made available. + Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, + LDAPIdentityProvider, ActiveDirectoryIdentityProvider. + -| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + +| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + session refresh. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainphase"] ==== FederationDomainPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainsecrets"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainsecrets"] ==== FederationDomainSecrets FederationDomainSecrets holds information about this OIDC Provider's secrets. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + +| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + stored. If it is empty, then the signing/verification keys are either unknown or they don't + exist. + -| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing tokens is stored. + -| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing state parameters is stored. + -| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + encrypting state parameters is stored. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainspec"] ==== FederationDomainSpec FederationDomainSpec is a struct that describes an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] @@ -992,8 +992,8 @@ https://example.com/foo/some/path/to/auth/endpoint). + See + https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + -| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + +| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, + how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to + @@ -1018,33 +1018,33 @@ explicitly list the identity provider using this IdentityProviders field. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainstatus"] ==== FederationDomainStatus FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + -| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + +| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] ==== FederationDomainTLSSpec FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -1070,21 +1070,21 @@ When your Issuer URL's host is an IP address, then this field is ignored. SNI do |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms"] ==== FederationDomainTransforms FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + -| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + +| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + +| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + authentication attempt, including during every session refresh. + Each is a CEL expression. It may use the basic CEL language as defined in + https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in + @@ -1112,7 +1112,7 @@ Any compilation or static type-checking failure of any expression will cause an During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the + authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username + and group names have been decided for that authentication attempt. + -| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + +| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + expected. Examples define sample input identities which are then run through the expression list, and the + results are compared to the expected results. If any example in this list fails, then this + identity provider will not be available for use within this FederationDomain, and the error(s) will be + @@ -1121,7 +1121,7 @@ expressions, and also act as living documentation for other administrators to be |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] ==== FederationDomainTransformsConstant FederationDomainTransformsConstant defines a constant variable and its value which will be made available to @@ -1129,7 +1129,7 @@ the transform expressions. This is a union type, and Type is the discriminator f .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1143,14 +1143,14 @@ Allowed values are "string" or "stringList". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] ==== FederationDomainTransformsExample FederationDomainTransformsExample defines a transform example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1158,19 +1158,19 @@ FederationDomainTransformsExample defines a transform example. | Field | Description | *`username`* __string__ | Username is the input username. + | *`groups`* __string array__ | Groups is the input list of group names. + -| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + +| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + input Username and Groups. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] ==== FederationDomainTransformsExampleExpects FederationDomainTransformsExampleExpects defines the expected result for a transforms example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] **** [cols="25a,75a", options="header"] @@ -1190,14 +1190,14 @@ transformation error, such as a runtime error. When Rejected is false, there is |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] ==== FederationDomainTransformsExpression FederationDomainTransformsExpression defines a transform expression. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1211,70 +1211,70 @@ an authentication attempt. When empty, a default message will be used. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-granttype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-granttype"] ==== GrantType (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient describes the configuration of an OIDC client. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientphase"] ==== OIDCClientPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec"] ==== OIDCClientSpec OIDCClientSpec is a struct that describes an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + +| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. + Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. + Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. + -| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + +| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + client. + Must only contain the following values: + @@ -1285,7 +1285,7 @@ This grant must be listed if allowedScopes lists offline_access. + - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, + which is a step in the process to be able to get a cluster credential for the user. + This grant must be listed if allowedScopes lists pinniped:request-audience. + -| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + +| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: + - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). + @@ -1301,37 +1301,37 @@ Without the username scope being requested and allowed, the ID token will not co - groups: The client is allowed to request that ID tokens contain the user's group membership, + if their group membership is discoverable by the Supervisor. + Without the groups scope being requested and allowed, the ID token will not contain groups. + -| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + +| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientstatus"] ==== OIDCClientStatus OIDCClientStatus is a struct that describes the actual state of an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] ==== OIDCClientTokenLifetimes OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** [cols="25a,75a", options="header"] @@ -1350,26 +1350,26 @@ longer lifetimes. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-redirecturi"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-redirecturi"] ==== RedirectURI (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-scope"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-scope"] ==== Scope (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** @@ -1382,19 +1382,19 @@ Package identity is the internal version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1402,18 +1402,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1421,7 +1421,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1432,57 +1432,57 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`Groups`* __string array__ | The names of groups this user is a part of. + -| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1494,19 +1494,19 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1514,18 +1514,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1533,7 +1533,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1544,58 +1544,58 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`groups`* __string array__ | The names of groups this user is a part of. + -| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1607,34 +1607,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity pro -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] ==== ActiveDirectoryIdentityProvider ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] ==== ActiveDirectoryIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1648,14 +1648,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] ==== ActiveDirectoryIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1689,7 +1689,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -1717,14 +1717,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] ==== ActiveDirectoryIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -1741,66 +1741,66 @@ where domain is constructed from the domain components of the group DN. + -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] ==== ActiveDirectoryIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] ==== ActiveDirectoryIdentityProviderSpec Spec for configuring an ActiveDirectory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] ==== ActiveDirectoryIdentityProviderStatus Status of an Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] ==== ActiveDirectoryIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1824,19 +1824,19 @@ This means that the user is a person, is not a computer, the sAMAccountType is f and is not shown in advanced view only + (which would likely mean its a system created service account with advanced permissions). + Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] ==== ActiveDirectoryIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -1851,32 +1851,32 @@ Optional, when empty this defaults to "objectGUID". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -1888,14 +1888,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubapiconfig"] ==== GitHubAPIConfig GitHubAPIConfig allows configuration for GitHub Enterprise Server .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1909,56 +1909,56 @@ Port is optional. Do not specify a path, query, fragment, or userinfo. + Only specify domain name or IP address, subdomains (optional), and port (optional). + IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address + in square brackets. Example: "[::1]:443". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + Note that this field should not be needed when using GitHub's public API ("github.com"). + However, if you choose to specify this field when using GitHub's public API, you must + specify a CA bundle that will verify connections to "api.github.com". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] ==== GitHubAllowAuthenticationSpec GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + +| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] ==== GitHubAllowedAuthOrganizationsPolicy (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclaims"] ==== GitHubClaims GitHubClaims allows customization of the username and groups claims. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + +| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + Can be either "id", "login", or "login:id". Defaults to "login:id". + @@ -1979,7 +1979,7 @@ choice to concatenate the two values. + See the response schema for + [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). + -| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + +| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + Can be either "name" or "slug". Defaults to "slug". + @@ -2000,7 +2000,7 @@ See the response schema for + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclientspec"] ==== GitHubClientSpec GitHubClientSpec contains information about the GitHub client that this identity provider will use @@ -2008,7 +2008,7 @@ for web-based login flows. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2021,7 +2021,7 @@ This secret must be of type "secrets.pinniped.dev/github-client" with keys "clie |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] ==== GitHubGroupNameAttribute (string) GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group @@ -2030,12 +2030,12 @@ names to present to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityprovider"] ==== GitHubIdentityProvider GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. @@ -2046,85 +2046,85 @@ as OIDCClients. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] ==== GitHubIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] ==== GitHubIdentityProviderSpec GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + -| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + +| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + +| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] ==== GitHubIdentityProviderStatus GitHubIdentityProviderStatus is the status of an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] ==== GitHubOrganizationsSpec .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + +| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + Defaults to "OnlyUsersFromAllowedOrganizations". + Must be set to "AllGitHubUsers" if the allowed field is empty. + @@ -2144,7 +2144,7 @@ If no organizations are listed, you must set organizations: AllGitHubUsers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubusernameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubusernameattribute"] ==== GitHubUsernameAttribute (string) GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present @@ -2153,12 +2153,12 @@ to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access @@ -2166,27 +2166,27 @@ Protocol (LDAP) identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] ==== LDAPIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2200,14 +2200,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] ==== LDAPIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2232,7 +2232,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -2260,14 +2260,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] ==== LDAPIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -2283,66 +2283,66 @@ Optional. When not specified, the default will act as if the GroupName were spec -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] ==== LDAPIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] ==== LDAPIdentityProviderSpec Spec for configuring an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] ==== LDAPIdentityProviderStatus Status of an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] ==== LDAPIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2358,19 +2358,19 @@ Note that the dn (distinguished name) is not an attribute of an entry, so "dn={} Optional. When not specified, the default will act as if the Filter were specified as the value from + Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + explicitly specified, since the default value of "dn={}" would not work. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] ==== LDAPIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -2390,7 +2390,7 @@ server in the user's entry. Distinguished names can be used by specifying lower- |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] ==== OIDCAuthorizationConfig OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization @@ -2398,7 +2398,7 @@ request parameters. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2432,7 +2432,7 @@ may ignore scopes that it does not understand or require (see + https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + -| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + +| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + @@ -2468,14 +2468,14 @@ allowPasswordGrant defaults to false. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcclaims"] ==== OIDCClaims OIDCClaims provides a mapping from upstream claims into identities. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2499,7 +2499,7 @@ are not available, the "additionalClaims" claim will be excluded from the ID tok |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient contains information about an OIDC client (e.g., client ID and client @@ -2507,7 +2507,7 @@ secret). .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2520,48 +2520,48 @@ struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oid |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] ==== OIDCIdentityProvider OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] ==== OIDCIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] ==== OIDCIdentityProviderSpec OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] @@ -2569,42 +2569,42 @@ OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. | Field | Description | *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + /.well-known/openid-configuration. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + -| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + +| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + parameters to be used with this OIDC identity provider. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + this OIDC identity provider. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] ==== OIDCIdentityProviderStatus OIDCIdentityProviderStatus is the status of an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-parameter"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-parameter"] ==== Parameter Parameter is a key/value pair which represents a parameter in an HTTP request. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] **** [cols="25a,75a", options="header"] @@ -2615,24 +2615,24 @@ Parameter is a key/value pair which represents a parameter in an HTTP request. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration for identity provider integration. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== @@ -2645,7 +2645,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped login API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-clustercredential"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-clustercredential"] ==== ClusterCredential ClusterCredential is the cluster-specific credential returned on a successful credential request. It @@ -2653,73 +2653,73 @@ contains either a valid bearer token or a valid TLS certificate and correspondin .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + +| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + | *`token`* __string__ | Token is a bearer token used by the client for request authentication. + | *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). + | *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequest"] ==== TokenCredentialRequest TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] ==== TokenCredentialRequestSpec Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. + -| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.36/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] ==== TokenCredentialRequestStatus Status of a TokenCredentialRequest, returned on responses to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + +| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-36-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + | *`message`* __string__ | An error message will be returned for an unsuccessful credential request. + |=== diff --git a/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go index b538bfa4e..72e9a3ee4 100644 --- a/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -72,7 +72,7 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } -// IsWatchListSemanticsSupported informs the reflector that this client +// IsWatchListSemanticsUnSupported informs the reflector that this client // doesn't support WatchList semantics. // // This is a synthetic method whose sole purpose is to satisfy the optional diff --git a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index c02aee427..ff2c41a70 100644 --- a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -15,6 +15,7 @@ import ( authenticationv1alpha1 "go.pinniped.dev/generated/latest/client/concierge/listers/authentication/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -35,48 +36,61 @@ type jWTAuthenticatorInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, indexers, nil) + return NewJWTAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewJWTAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewJWTAuthenticatorInformerWithOptions constructs a new informer for JWTAuthenticator type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewJWTAuthenticatorInformerWithOptions(client versioned.Interface, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "jwtauthenticators"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.Background(), options) + return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.Background(), options) + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.AuthenticationV1alpha1().JWTAuthenticators().List(ctx, options) + return client.AuthenticationV1alpha1().JWTAuthenticators().List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(ctx, options) + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(ctx, opts) }, }, client), &conciergeauthenticationv1alpha1.JWTAuthenticator{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewJWTAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index d95b68ea4..4c053383c 100644 --- a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -15,6 +15,7 @@ import ( authenticationv1alpha1 "go.pinniped.dev/generated/latest/client/concierge/listers/authentication/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -35,48 +36,61 @@ type webhookAuthenticatorInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, indexers, nil) + return NewWebhookAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewWebhookAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewWebhookAuthenticatorInformerWithOptions constructs a new informer for WebhookAuthenticator type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformerWithOptions(client versioned.Interface, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.Background(), options) + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.Background(), options) + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.AuthenticationV1alpha1().WebhookAuthenticators().List(ctx, options) + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(ctx, options) + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(ctx, opts) }, }, client), &conciergeauthenticationv1alpha1.WebhookAuthenticator{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewWebhookAuthenticatorInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index 7b0bfddca..0e6d04e79 100644 --- a/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -15,6 +15,7 @@ import ( configv1alpha1 "go.pinniped.dev/generated/latest/client/concierge/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -35,48 +36,61 @@ type credentialIssuerInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredCredentialIssuerInformer(client, resyncPeriod, indexers, nil) + return NewCredentialIssuerInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewCredentialIssuerInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewCredentialIssuerInformerWithOptions constructs a new informer for CredentialIssuer type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCredentialIssuerInformerWithOptions(client versioned.Interface, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().CredentialIssuers().List(context.Background(), options) + return client.ConfigV1alpha1().CredentialIssuers().List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().CredentialIssuers().Watch(context.Background(), options) + return client.ConfigV1alpha1().CredentialIssuers().Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().CredentialIssuers().List(ctx, options) + return client.ConfigV1alpha1().CredentialIssuers().List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().CredentialIssuers().Watch(ctx, options) + return client.ConfigV1alpha1().CredentialIssuers().Watch(ctx, opts) }, }, client), &conciergeconfigv1alpha1.CredentialIssuer{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredCredentialIssuerInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewCredentialIssuerInformerWithOptions(client, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/concierge/informers/externalversions/factory.go b/generated/latest/client/concierge/informers/externalversions/factory.go index 5671d51bf..02dc35644 100644 --- a/generated/latest/client/concierge/informers/externalversions/factory.go +++ b/generated/latest/client/concierge/informers/externalversions/factory.go @@ -6,6 +6,7 @@ package externalversions import ( + context "context" reflect "reflect" sync "sync" time "time" @@ -17,6 +18,7 @@ import ( v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" + wait "k8s.io/apimachinery/pkg/util/wait" cache "k8s.io/client-go/tools/cache" ) @@ -31,6 +33,7 @@ type sharedInformerFactory struct { defaultResync time.Duration customResync map[reflect.Type]time.Duration transform cache.TransformFunc + informerName *cache.InformerName informers map[reflect.Type]cache.SharedIndexInformer // startedInformers is used for tracking which informers have been started. @@ -77,6 +80,21 @@ func WithTransform(transform cache.TransformFunc) SharedInformerOption { } } +// WithInformerName sets the InformerName for informer identity used in metrics. +// The InformerName must be created via cache.NewInformerName() at startup, +// which validates global uniqueness. Each informer type will register its +// GVR under this name. +func WithInformerName(informerName *cache.InformerName) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.informerName = informerName + return factory + } +} + +func (f *sharedInformerFactory) InformerName() *cache.InformerName { + return f.informerName +} + // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync) @@ -111,6 +129,10 @@ func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResy } func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.StartWithContext(wait.ContextForChannel(stopCh)) +} + +func (f *sharedInformerFactory) StartWithContext(ctx context.Context) { f.lock.Lock() defer f.lock.Unlock() @@ -120,15 +142,9 @@ func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { for informerType, informer := range f.informers { if !f.startedInformers[informerType] { - f.wg.Add(1) - // We need a new variable in each loop iteration, - // otherwise the goroutine would use the loop variable - // and that keeps changing. - informer := informer - go func() { - defer f.wg.Done() - informer.Run(stopCh) - }() + f.wg.Go(func() { + informer.RunWithContext(ctx) + }) f.startedInformers[informerType] = true } } @@ -141,9 +157,15 @@ func (f *sharedInformerFactory) Shutdown() { // Will return immediately if there is nothing to wait for. f.wg.Wait() + f.informerName.Release() } func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + result := f.WaitForCacheSyncWithContext(wait.ContextForChannel(stopCh)) + return result.Synced +} + +func (f *sharedInformerFactory) WaitForCacheSyncWithContext(ctx context.Context) cache.SyncResult { informers := func() map[reflect.Type]cache.SharedIndexInformer { f.lock.Lock() defer f.lock.Unlock() @@ -157,10 +179,31 @@ func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[ref return informers }() - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + // Wait for informers to sync, without polling. + cacheSyncs := make([]cache.DoneChecker, 0, len(informers)) + for _, informer := range informers { + cacheSyncs = append(cacheSyncs, informer.HasSyncedChecker()) } + cache.WaitFor(ctx, "" /* no logging */, cacheSyncs...) + + res := cache.SyncResult{ + Synced: make(map[reflect.Type]bool, len(informers)), + } + failed := false + for informType, informer := range informers { + hasSynced := informer.HasSynced() + if !hasSynced { + failed = true + } + res.Synced[informType] = hasSynced + } + if failed { + // context.Cause is more informative than ctx.Err(). + // This must be non-nil, otherwise WaitFor wouldn't have stopped + // prematurely. + res.Err = context.Cause(ctx) + } + return res } @@ -182,7 +225,9 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal } informer = newFunc(f.client, resyncPeriod) - informer.SetTransform(f.transform) + if f.transform != nil { + informer.SetTransform(f.transform) + } f.informers[informerType] = informer return informer @@ -199,27 +244,46 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal // defer factory.WaitForStop() // Returns immediately if nothing was started. // genericInformer := factory.ForResource(resource) // typedInformer := factory.SomeAPIGroup().V1().SomeType() -// factory.Start(ctx.Done()) // Start processing these informers. -// synced := factory.WaitForCacheSync(ctx.Done()) -// for v, ok := range synced { -// if !ok { -// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) -// return -// } +// handle, err := typeInformer.Informer().AddEventHandler(...) +// if err != nil { +// return fmt.Errorf("register event handler: %v", err) +// } +// defer typeInformer.Informer().RemoveEventHandler(handle) // Avoids leaking goroutines. +// factory.StartWithContext(ctx) // Start processing these informers. +// synced := factory.WaitForCacheSyncWithContext(ctx) +// if err := synced.AsError(); err != nil { +// return err +// } +// for v := range synced { +// // Only if desired log some information similar to this. +// fmt.Fprintf(os.Stdout, "cache synced: %s", v) +// } +// +// // Also make sure that all of the initial cache events have been delivered. +// if !WaitFor(ctx, "event handler sync", handle.HasSyncedChecker()) { +// // Must have failed because of context. +// return fmt.Errorf("sync event handler: %w", context.Cause(ctx)) // } // // // Creating informers can also be created after Start, but then // // Start must be called again: // anotherGenericInformer := factory.ForResource(resource) -// factory.Start(ctx.Done()) +// factory.StartWithContext(ctx) type SharedInformerFactory interface { internalinterfaces.SharedInformerFactory // Start initializes all requested informers. They are handled in goroutines // which run until the stop channel gets closed. // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + // + // Contextual logging: StartWithContext should be used instead of Start in code which supports contextual logging. Start(stopCh <-chan struct{}) + // StartWithContext initializes all requested informers. They are handled in goroutines + // which run until the context gets canceled. + // Warning: StartWithContext does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + StartWithContext(ctx context.Context) + // Shutdown marks a factory as shutting down. At that point no new // informers can be started anymore and Start will return without // doing anything. @@ -234,8 +298,14 @@ type SharedInformerFactory interface { // WaitForCacheSync blocks until all started informers' caches were synced // or the stop channel gets closed. + // + // Contextual logging: WaitForCacheSync should be used instead of WaitForCacheSync in code which supports contextual logging. It also returns a more useful result. WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + // WaitForCacheSyncWithContext blocks until all started informers' caches were synced + // or the context gets canceled. + WaitForCacheSyncWithContext(ctx context.Context) cache.SyncResult + // ForResource gives generic access to a shared informer of the matching type. ForResource(resource schema.GroupVersionResource) (GenericInformer, error) diff --git a/generated/latest/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/latest/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index d3f19fad2..af9860bca 100644 --- a/generated/latest/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/latest/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -21,7 +21,26 @@ type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexI type SharedInformerFactory interface { Start(stopCh <-chan struct{}) InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer + InformerName() *cache.InformerName } // TweakListOptionsFunc is a function that transforms a v1.ListOptions. type TweakListOptionsFunc func(*v1.ListOptions) + +// InformerOptions holds the options for creating an informer. +type InformerOptions struct { + // ResyncPeriod is the resync period for this informer. + // If not set, defaults to 0 (no resync). + ResyncPeriod time.Duration + + // Indexers are the indexers for this informer. + Indexers cache.Indexers + + // InformerName is used to uniquely identify this informer for metrics. + // If not set, metrics will not be published for this informer. + // Use cache.NewInformerName() to create an InformerName at startup. + InformerName *cache.InformerName + + // TweakListOptions is an optional function to modify the list options. + TweakListOptions TweakListOptionsFunc +} diff --git a/generated/latest/client/concierge/openapi/zz_generated.openapi.go b/generated/latest/client/concierge/openapi/zz_generated.openapi.go index e01f4c70a..6806135b1 100644 --- a/generated/latest/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/latest/client/concierge/openapi/zz_generated.openapi.go @@ -113,6 +113,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.ImageVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeStatus(ref), v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), @@ -136,6 +137,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAllocatableResourceClaimStatus(ref), v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), @@ -188,6 +190,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSchedulingGroup{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGroup(ref), v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), @@ -266,10 +269,10 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeStatus(ref), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), @@ -307,6 +310,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.ShardInfo{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ShardInfo(ref), metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), @@ -5418,6 +5422,27 @@ func schema_k8sio_api_core_v1_ImageVolumeSource(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_ImageVolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeStatus represents the image-based volume status.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "imageRef": { + SchemaProps: spec.SchemaProps{ + Description: "ImageRef is the digest of the image used for this volume. It should have a value that's similar to the pod's status.containerStatuses[i].imageID. The ImageRef length should not exceed 256 characters.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"imageRef"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_KeyToPath(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -6416,6 +6441,64 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. } } +func schema_k8sio_api_core_v1_NodeAllocatableResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeAllocatableResourceClaimStatus describes the status of node allocatable resources allocated via DRA.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the resource claim referenced by the pod that resulted in this node allocatable resource allocation.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "containers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Containers lists the names of all containers in this pod that reference the claim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is a map of the node-allocatable resource name to the aggregate quantity allocated to the claim.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"resourceClaimName", "resources"}, + }, + }, + Dependencies: []string{ + resource.Quantity{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8052,7 +8135,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, @@ -8213,7 +8296,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, @@ -8812,7 +8895,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, "observedGeneration": { SchemaProps: spec.SchemaProps{ - Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon.", Type: []string{"integer"}, Format: "int64", }, @@ -9387,7 +9470,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and this Pod belongs to a PodGroup, a PodResourceClaim is matched to a PodGroupResourceClaim if all of their fields are equal (Name, ResourceClaimName, and ResourceClaimTemplateName). A matched claim references a single ResourceClaim shared across all Pods in the PodGroup, reserved for the PodGroup in ResourceClaimStatus.ReservedFor rather than for individual Pods.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -9407,7 +9490,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com }, "resourceClaimTemplateName": { SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and the pod belongs to a PodGroup that defines a PodGroupResourceClaim with the same Name and ResourceClaimTemplateName, this PodResourceClaim resolves to the ResourceClaim generated for the PodGroup. All pods in the group that define an equivalent PodResourceClaim matching the PodGroupResourceClaim's Name and ResourceClaimTemplateName share the same generated ResourceClaim. ResourceClaims generated for a PodGroup are owned by the PodGroup and their lifecycles are tied to the PodGroup instead of any individual pod.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", Type: []string{"string"}, Format: "", }, @@ -9436,7 +9519,7 @@ func schema_k8sio_api_core_v1_PodResourceClaimStatus(ref common.ReferenceCallbac }, "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. If this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.\n\nWhen the DRAWorkloadResourceClaims feature is enabled and the corresponding PodResourceClaim matches a PodGroupResourceClaim made by the Pod's PodGroup, then this is the name of the ResourceClaim generated and reserved for the PodGroup.\n\nIf this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", Type: []string{"string"}, Format: "", }, @@ -9470,6 +9553,37 @@ func schema_k8sio_api_core_v1_PodSchedulingGate(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_PodSchedulingGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodSchedulingGroup identifies the runtime scheduling group instance that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics. Exactly one field must be specified.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "podGroupName": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroupName specifies the name of the standalone PodGroup object that represents the runtime instance of this group. Must be a DNS subdomain.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-unions": []interface{}{ + map[string]interface{}{ + "fields-to-discriminateBy": map[string]interface{}{ + "podGroupName": "PodGroupName", + }, + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -10045,7 +10159,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "hostUsers": { SchemaProps: spec.SchemaProps{ - Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.", + Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host.", Type: []string{"boolean"}, Format: "", }, @@ -10111,10 +10225,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Format: "", }, }, - "workloadRef": { + "schedulingGroup": { SchemaProps: spec.SchemaProps{ - Description: "WorkloadRef provides a reference to the Workload object that this Pod belongs to. This field is used by the scheduler to identify the PodGroup and apply the correct group scheduling policies. The Workload object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a Workload object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", - Ref: ref(v1.WorkloadReference{}.OpenAPIModelName()), + Description: "SchedulingGroup provides a reference to the immediate scheduling runtime grouping object that this Pod belongs to. This field is used by the scheduler to identify the group and apply the correct group scheduling policies. The association with a group also impacts other lifecycle aspects of a Pod that are relevant in a wider context of scheduling like preemption, resource attachment, etc. If not specified, the Pod is treated as a single unit in all of these aspects. The group object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a group object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", + Ref: ref(v1.PodSchedulingGroup{}.OpenAPIModelName()), }, }, }, @@ -10122,7 +10236,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), v1.WorkloadReference{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSchedulingGroup{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -10380,11 +10494,30 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, + "nodeAllocatableResourceClaimStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "NodeAllocatableResourceClaimStatuses contains the status of node-allocatable resources that were allocated for this pod through DRA claims. This includes resources currently reported in v1.Node `status.allocatable` that are not extended resources (see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#extended-resources). Examples include \"cpu\", \"memory\", \"ephemeral-storage\", and hugepages.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, }, }, }, Dependencies: []string{ - v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, + v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -11529,6 +11662,13 @@ func schema_k8sio_api_core_v1_ResourceHealth(ref common.ReferenceCallback) commo Format: "", }, }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "Message provides human-readable context for Health (e.g. \"ECC error count exceeded threshold\"). This field is populated by the kubelet when ResourceHealthStatusMessage is enabled if the DRA plugin returns a message, and is null otherwise.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"resourceID"}, }, @@ -12606,7 +12746,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm }, "procMount": { SchemaProps: spec.SchemaProps{ - Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", + Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Default", "Unmasked"}, @@ -14040,7 +14180,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, @@ -14070,7 +14210,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "image": { SchemaProps: spec.SchemaProps{ - Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, @@ -14216,10 +14356,18 @@ func schema_k8sio_api_core_v1_VolumeMountStatus(ref common.ReferenceCallback) co Format: "", }, }, + "volumeStatus": { + SchemaProps: spec.SchemaProps{ + Description: "volumeStatus represents volume-type-specific status about the mounted volume.", + Ref: ref(v1.VolumeStatus{}.OpenAPIModelName()), + }, + }, }, Required: []string{"name", "mountPath"}, }, }, + Dependencies: []string{ + v1.VolumeStatus{}.OpenAPIModelName()}, } } @@ -14491,7 +14639,7 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, @@ -14521,7 +14669,7 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "image": { SchemaProps: spec.SchemaProps{ - Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, @@ -14533,6 +14681,27 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. } } +func schema_k8sio_api_core_v1_VolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeStatus represents the status of a mounted volume. At most one of its members must be specified.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.", + Ref: ref(v1.ImageVolumeStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + v1.ImageVolumeStatus{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -14648,43 +14817,6 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference } } -func schema_k8sio_api_core_v1_WorkloadReference(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "WorkloadReference identifies the Workload object and PodGroup membership that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name defines the name of the Workload object this Pod belongs to. Workload must be in the same namespace as the Pod. If it doesn't match any existing Workload, the Pod will remain unschedulable until a Workload object is created and observed by the kube-scheduler. It must be a DNS subdomain.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "podGroup": { - SchemaProps: spec.SchemaProps{ - Description: "PodGroup is the name of the PodGroup within the Workload that this Pod belongs to. If it doesn't match any existing PodGroup within the Workload, the Pod will remain unschedulable until the Workload object is recreated and observed by the kube-scheduler. It must be a DNS label.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "podGroupReplicaKey": { - SchemaProps: spec.SchemaProps{ - Description: "PodGroupReplicaKey specifies the replica key of the PodGroup to which this Pod belongs. It is used to distinguish pods belonging to different replicas of the same pod group. The pod group policy is applied separately to each replica. When set, it must be a DNS label.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"name", "podGroup"}, - }, - }, - } -} - func schema_apimachinery_pkg_api_resource_Quantity(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.EmbedOpenAPIDefinitionIntoV2Extension(common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -15889,9 +16021,17 @@ func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenA Format: "int64", }, }, + "shardInfo": { + SchemaProps: spec.SchemaProps{ + Description: "shardInfo is set when the list is a filtered subset of the full collection, as selected by a shard selector on the request. It echoes back the selector so clients can verify which shard they received and merge sharded responses. Clients should not cache sharded list responses as a full representation of the collection.\n\nThis is an alpha field and requires enabling the ShardedListAndWatch feature gate.", + Ref: ref(metav1.ShardInfo{}.OpenAPIModelName()), + }, + }, }, }, }, + Dependencies: []string{ + metav1.ShardInfo{}.OpenAPIModelName()}, } } @@ -15986,6 +16126,13 @@ func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.Op Format: "", }, }, + "shardSelector": { + SchemaProps: spec.SchemaProps{ + Description: "shardSelector restricts the list of returned objects using a CEL-based shard selector expression. The format uses the shardRange() function combined with || (logical OR) to specify one or more hash ranges:\n\n shardRange(object.metadata.uid, '0x0', '0x8000000000000000')\n shardRange(object.metadata.uid, '0x0', '0x8000000000000000') || shardRange(object.metadata.uid, '0x8000000000000000', '0x10000000000000000')\n\nField paths use CEL-style object-rooted syntax (e.g. \"object.metadata.uid\"), NOT the fieldSelector format (\"metadata.uid\"). Currently supported paths:\n - object.metadata.uid\n - object.metadata.namespace\n\nhexStart and hexEnd are single-quoted CEL string literals with a '0x' prefix, defining the inclusive lower and exclusive upper bounds over the 64-bit FNV-1a hash space. The full range is [0x0, 0x10000000000000000), where the exclusive upper bound equals 2^64.\n\nExamples:\n 2-shard split:\n shard 0: shardRange(object.metadata.uid, '0x0000000000000000', '0x8000000000000000')\n shard 1: shardRange(object.metadata.uid, '0x8000000000000000', '0x10000000000000000')\n 4-shard split:\n shard 0: shardRange(object.metadata.uid, '0x0000000000000000', '0x4000000000000000')\n shard 1: shardRange(object.metadata.uid, '0x4000000000000000', '0x8000000000000000')\n shard 2: shardRange(object.metadata.uid, '0x8000000000000000', '0xc000000000000000')\n shard 3: shardRange(object.metadata.uid, '0xc000000000000000', '0x10000000000000000')\n\nThis is an alpha field and requires enabling the ShardedListAndWatch feature gate.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -16567,6 +16714,28 @@ func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallb } } +func schema_pkg_apis_meta_v1_ShardInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ShardInfo describes the shard selector that was applied to produce a list response. Its presence on a list response indicates the list is a filtered subset.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "selector": { + SchemaProps: spec.SchemaProps{ + Description: "selector is the shard selector string from the request, echoed back so clients can verify which shard they received and merge responses from multiple shards.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"selector"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go index 8eba9afcc..87f986580 100644 --- a/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -70,7 +70,7 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } -// IsWatchListSemanticsSupported informs the reflector that this client +// IsWatchListSemanticsUnSupported informs the reflector that this client // doesn't support WatchList semantics. // // This is a synthetic method whose sole purpose is to satisfy the optional diff --git a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index c09500704..f4b1f0960 100644 --- a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -15,6 +15,7 @@ import ( configv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -36,48 +37,61 @@ type federationDomainInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredFederationDomainInformer(client, namespace, resyncPeriod, indexers, nil) + return NewFederationDomainInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredFederationDomainInformer constructs a new informer for FederationDomain type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewFederationDomainInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewFederationDomainInformerWithOptions constructs a new informer for FederationDomain type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFederationDomainInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "federationdomains"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().FederationDomains(namespace).List(context.Background(), options) + return client.ConfigV1alpha1().FederationDomains(namespace).List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.Background(), options) + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().FederationDomains(namespace).List(ctx, options) + return client.ConfigV1alpha1().FederationDomains(namespace).List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().FederationDomains(namespace).Watch(ctx, options) + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(ctx, opts) }, }, client), &supervisorconfigv1alpha1.FederationDomain{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *federationDomainInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredFederationDomainInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewFederationDomainInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index d47d11749..fd5d41bad 100644 --- a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -15,6 +15,7 @@ import ( configv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -36,48 +37,61 @@ type oIDCClientInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredOIDCClientInformer(client, namespace, resyncPeriod, indexers, nil) + return NewOIDCClientInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredOIDCClientInformer constructs a new informer for OIDCClient type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewOIDCClientInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewOIDCClientInformerWithOptions constructs a new informer for OIDCClient type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCClientInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().OIDCClients(namespace).List(context.Background(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.Background(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().OIDCClients(namespace).List(ctx, options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.ConfigV1alpha1().OIDCClients(namespace).Watch(ctx, options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(ctx, opts) }, }, client), &supervisorconfigv1alpha1.OIDCClient{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredOIDCClientInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewOIDCClientInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/supervisor/informers/externalversions/factory.go b/generated/latest/client/supervisor/informers/externalversions/factory.go index be49c045f..e38346ccc 100644 --- a/generated/latest/client/supervisor/informers/externalversions/factory.go +++ b/generated/latest/client/supervisor/informers/externalversions/factory.go @@ -6,6 +6,7 @@ package externalversions import ( + context "context" reflect "reflect" sync "sync" time "time" @@ -17,6 +18,7 @@ import ( v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" + wait "k8s.io/apimachinery/pkg/util/wait" cache "k8s.io/client-go/tools/cache" ) @@ -31,6 +33,7 @@ type sharedInformerFactory struct { defaultResync time.Duration customResync map[reflect.Type]time.Duration transform cache.TransformFunc + informerName *cache.InformerName informers map[reflect.Type]cache.SharedIndexInformer // startedInformers is used for tracking which informers have been started. @@ -77,6 +80,21 @@ func WithTransform(transform cache.TransformFunc) SharedInformerOption { } } +// WithInformerName sets the InformerName for informer identity used in metrics. +// The InformerName must be created via cache.NewInformerName() at startup, +// which validates global uniqueness. Each informer type will register its +// GVR under this name. +func WithInformerName(informerName *cache.InformerName) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.informerName = informerName + return factory + } +} + +func (f *sharedInformerFactory) InformerName() *cache.InformerName { + return f.informerName +} + // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync) @@ -111,6 +129,10 @@ func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResy } func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.StartWithContext(wait.ContextForChannel(stopCh)) +} + +func (f *sharedInformerFactory) StartWithContext(ctx context.Context) { f.lock.Lock() defer f.lock.Unlock() @@ -120,15 +142,9 @@ func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { for informerType, informer := range f.informers { if !f.startedInformers[informerType] { - f.wg.Add(1) - // We need a new variable in each loop iteration, - // otherwise the goroutine would use the loop variable - // and that keeps changing. - informer := informer - go func() { - defer f.wg.Done() - informer.Run(stopCh) - }() + f.wg.Go(func() { + informer.RunWithContext(ctx) + }) f.startedInformers[informerType] = true } } @@ -141,9 +157,15 @@ func (f *sharedInformerFactory) Shutdown() { // Will return immediately if there is nothing to wait for. f.wg.Wait() + f.informerName.Release() } func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + result := f.WaitForCacheSyncWithContext(wait.ContextForChannel(stopCh)) + return result.Synced +} + +func (f *sharedInformerFactory) WaitForCacheSyncWithContext(ctx context.Context) cache.SyncResult { informers := func() map[reflect.Type]cache.SharedIndexInformer { f.lock.Lock() defer f.lock.Unlock() @@ -157,10 +179,31 @@ func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[ref return informers }() - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + // Wait for informers to sync, without polling. + cacheSyncs := make([]cache.DoneChecker, 0, len(informers)) + for _, informer := range informers { + cacheSyncs = append(cacheSyncs, informer.HasSyncedChecker()) } + cache.WaitFor(ctx, "" /* no logging */, cacheSyncs...) + + res := cache.SyncResult{ + Synced: make(map[reflect.Type]bool, len(informers)), + } + failed := false + for informType, informer := range informers { + hasSynced := informer.HasSynced() + if !hasSynced { + failed = true + } + res.Synced[informType] = hasSynced + } + if failed { + // context.Cause is more informative than ctx.Err(). + // This must be non-nil, otherwise WaitFor wouldn't have stopped + // prematurely. + res.Err = context.Cause(ctx) + } + return res } @@ -182,7 +225,9 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal } informer = newFunc(f.client, resyncPeriod) - informer.SetTransform(f.transform) + if f.transform != nil { + informer.SetTransform(f.transform) + } f.informers[informerType] = informer return informer @@ -199,27 +244,46 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal // defer factory.WaitForStop() // Returns immediately if nothing was started. // genericInformer := factory.ForResource(resource) // typedInformer := factory.SomeAPIGroup().V1().SomeType() -// factory.Start(ctx.Done()) // Start processing these informers. -// synced := factory.WaitForCacheSync(ctx.Done()) -// for v, ok := range synced { -// if !ok { -// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) -// return -// } +// handle, err := typeInformer.Informer().AddEventHandler(...) +// if err != nil { +// return fmt.Errorf("register event handler: %v", err) +// } +// defer typeInformer.Informer().RemoveEventHandler(handle) // Avoids leaking goroutines. +// factory.StartWithContext(ctx) // Start processing these informers. +// synced := factory.WaitForCacheSyncWithContext(ctx) +// if err := synced.AsError(); err != nil { +// return err +// } +// for v := range synced { +// // Only if desired log some information similar to this. +// fmt.Fprintf(os.Stdout, "cache synced: %s", v) +// } +// +// // Also make sure that all of the initial cache events have been delivered. +// if !WaitFor(ctx, "event handler sync", handle.HasSyncedChecker()) { +// // Must have failed because of context. +// return fmt.Errorf("sync event handler: %w", context.Cause(ctx)) // } // // // Creating informers can also be created after Start, but then // // Start must be called again: // anotherGenericInformer := factory.ForResource(resource) -// factory.Start(ctx.Done()) +// factory.StartWithContext(ctx) type SharedInformerFactory interface { internalinterfaces.SharedInformerFactory // Start initializes all requested informers. They are handled in goroutines // which run until the stop channel gets closed. // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + // + // Contextual logging: StartWithContext should be used instead of Start in code which supports contextual logging. Start(stopCh <-chan struct{}) + // StartWithContext initializes all requested informers. They are handled in goroutines + // which run until the context gets canceled. + // Warning: StartWithContext does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + StartWithContext(ctx context.Context) + // Shutdown marks a factory as shutting down. At that point no new // informers can be started anymore and Start will return without // doing anything. @@ -234,8 +298,14 @@ type SharedInformerFactory interface { // WaitForCacheSync blocks until all started informers' caches were synced // or the stop channel gets closed. + // + // Contextual logging: WaitForCacheSync should be used instead of WaitForCacheSync in code which supports contextual logging. It also returns a more useful result. WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + // WaitForCacheSyncWithContext blocks until all started informers' caches were synced + // or the context gets canceled. + WaitForCacheSyncWithContext(ctx context.Context) cache.SyncResult + // ForResource gives generic access to a shared informer of the matching type. ForResource(resource schema.GroupVersionResource) (GenericInformer, error) diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index 6f54bc4a2..11bf69b61 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -15,6 +15,7 @@ import ( idpv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -36,48 +37,61 @@ type activeDirectoryIdentityProviderInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredActiveDirectoryIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) + return NewActiveDirectoryIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewActiveDirectoryIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewActiveDirectoryIdentityProviderInformerWithOptions constructs a new informer for ActiveDirectoryIdentityProvider type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewActiveDirectoryIdentityProviderInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "activedirectoryidentityproviders"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.Background(), options) + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.Background(), options) + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(ctx, options) + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(ctx, options) + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(ctx, opts) }, }, client), &supervisoridpv1alpha1.ActiveDirectoryIdentityProvider{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredActiveDirectoryIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewActiveDirectoryIdentityProviderInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go index 18ef57923..383c36b6c 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go @@ -15,6 +15,7 @@ import ( idpv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -36,48 +37,61 @@ type gitHubIdentityProviderInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredGitHubIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) + return NewGitHubIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewGitHubIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewGitHubIdentityProviderInformerWithOptions constructs a new informer for GitHubIdentityProvider type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewGitHubIdentityProviderInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "githubidentityproviders"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.Background(), options) + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.Background(), options) + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(ctx, options) + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(ctx, options) + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(ctx, opts) }, }, client), &supervisoridpv1alpha1.GitHubIdentityProvider{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *gitHubIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredGitHubIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewGitHubIdentityProviderInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *gitHubIdentityProviderInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index a6d823621..6082168dd 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -15,6 +15,7 @@ import ( idpv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -36,48 +37,61 @@ type lDAPIdentityProviderInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredLDAPIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) + return NewLDAPIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewLDAPIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewLDAPIdentityProviderInformerWithOptions constructs a new informer for LDAPIdentityProvider type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewLDAPIdentityProviderInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "ldapidentityproviders"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.Background(), options) + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.Background(), options) + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(ctx, options) + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(ctx, options) + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(ctx, opts) }, }, client), &supervisoridpv1alpha1.LDAPIdentityProvider{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredLDAPIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewLDAPIdentityProviderInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index 9b382130f..e828057d7 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -15,6 +15,7 @@ import ( idpv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" ) @@ -36,48 +37,61 @@ type oIDCIdentityProviderInformer struct { // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredOIDCIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) + return NewOIDCIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers}) } // NewFilteredOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( + return NewOIDCIdentityProviderInformerWithOptions(client, namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: indexers, TweakListOptions: tweakListOptions}) +} + +// NewOIDCIdentityProviderInformerWithOptions constructs a new informer for OIDCIdentityProvider type with additional options. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCIdentityProviderInformerWithOptions(client versioned.Interface, namespace string, options internalinterfaces.InformerOptions) cache.SharedIndexInformer { + gvr := schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcidentityproviders"} + identifier := options.InformerName.WithResource(gvr) + tweakListOptions := options.TweakListOptions + return cache.NewSharedIndexInformerWithOptions( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + ListFunc: func(opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.Background(), options) + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.Background(), opts) }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + WatchFunc: func(opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.Background(), options) + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.Background(), opts) }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + ListWithContextFunc: func(ctx context.Context, opts v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(ctx, options) + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(ctx, opts) }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + WatchFuncWithContext: func(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { - tweakListOptions(&options) + tweakListOptions(&opts) } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(ctx, options) + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(ctx, opts) }, }, client), &supervisoridpv1alpha1.OIDCIdentityProvider{}, - resyncPeriod, - indexers, + cache.SharedIndexInformerOptions{ + ResyncPeriod: options.ResyncPeriod, + Indexers: options.Indexers, + Identifier: identifier, + }, ) } func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredOIDCIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) + return NewOIDCIdentityProviderInformerWithOptions(client, f.namespace, internalinterfaces.InformerOptions{ResyncPeriod: resyncPeriod, Indexers: cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, InformerName: f.factory.InformerName(), TweakListOptions: f.tweakListOptions}) } func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { diff --git a/generated/latest/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/latest/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index 47c7ee634..acf69ca63 100644 --- a/generated/latest/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/latest/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -21,7 +21,26 @@ type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexI type SharedInformerFactory interface { Start(stopCh <-chan struct{}) InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer + InformerName() *cache.InformerName } // TweakListOptionsFunc is a function that transforms a v1.ListOptions. type TweakListOptionsFunc func(*v1.ListOptions) + +// InformerOptions holds the options for creating an informer. +type InformerOptions struct { + // ResyncPeriod is the resync period for this informer. + // If not set, defaults to 0 (no resync). + ResyncPeriod time.Duration + + // Indexers are the indexers for this informer. + Indexers cache.Indexers + + // InformerName is used to uniquely identify this informer for metrics. + // If not set, metrics will not be published for this informer. + // Use cache.NewInformerName() to create an InformerName at startup. + InformerName *cache.InformerName + + // TweakListOptions is an optional function to modify the list options. + TweakListOptions TweakListOptionsFunc +} diff --git a/generated/latest/client/supervisor/openapi/zz_generated.openapi.go b/generated/latest/client/supervisor/openapi/zz_generated.openapi.go index 15d6c324e..64c82a892 100644 --- a/generated/latest/client/supervisor/openapi/zz_generated.openapi.go +++ b/generated/latest/client/supervisor/openapi/zz_generated.openapi.go @@ -105,6 +105,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.ImageVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeStatus(ref), v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), @@ -128,6 +129,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAllocatableResourceClaimStatus(ref), v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), @@ -180,6 +182,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSchedulingGroup{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGroup(ref), v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), @@ -258,10 +261,10 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeStatus(ref), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), @@ -299,6 +302,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.ShardInfo{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ShardInfo(ref), metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), @@ -5133,6 +5137,27 @@ func schema_k8sio_api_core_v1_ImageVolumeSource(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_ImageVolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeStatus represents the image-based volume status.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "imageRef": { + SchemaProps: spec.SchemaProps{ + Description: "ImageRef is the digest of the image used for this volume. It should have a value that's similar to the pod's status.containerStatuses[i].imageID. The ImageRef length should not exceed 256 characters.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"imageRef"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_KeyToPath(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -6131,6 +6156,64 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. } } +func schema_k8sio_api_core_v1_NodeAllocatableResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeAllocatableResourceClaimStatus describes the status of node allocatable resources allocated via DRA.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the resource claim referenced by the pod that resulted in this node allocatable resource allocation.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "containers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Containers lists the names of all containers in this pod that reference the claim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is a map of the node-allocatable resource name to the aggregate quantity allocated to the claim.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"resourceClaimName", "resources"}, + }, + }, + Dependencies: []string{ + resource.Quantity{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -7767,7 +7850,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, @@ -7928,7 +8011,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, @@ -8527,7 +8610,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, "observedGeneration": { SchemaProps: spec.SchemaProps{ - Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon.", Type: []string{"integer"}, Format: "int64", }, @@ -9102,7 +9185,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and this Pod belongs to a PodGroup, a PodResourceClaim is matched to a PodGroupResourceClaim if all of their fields are equal (Name, ResourceClaimName, and ResourceClaimTemplateName). A matched claim references a single ResourceClaim shared across all Pods in the PodGroup, reserved for the PodGroup in ResourceClaimStatus.ReservedFor rather than for individual Pods.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -9122,7 +9205,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com }, "resourceClaimTemplateName": { SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and the pod belongs to a PodGroup that defines a PodGroupResourceClaim with the same Name and ResourceClaimTemplateName, this PodResourceClaim resolves to the ResourceClaim generated for the PodGroup. All pods in the group that define an equivalent PodResourceClaim matching the PodGroupResourceClaim's Name and ResourceClaimTemplateName share the same generated ResourceClaim. ResourceClaims generated for a PodGroup are owned by the PodGroup and their lifecycles are tied to the PodGroup instead of any individual pod.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", Type: []string{"string"}, Format: "", }, @@ -9151,7 +9234,7 @@ func schema_k8sio_api_core_v1_PodResourceClaimStatus(ref common.ReferenceCallbac }, "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. If this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.\n\nWhen the DRAWorkloadResourceClaims feature is enabled and the corresponding PodResourceClaim matches a PodGroupResourceClaim made by the Pod's PodGroup, then this is the name of the ResourceClaim generated and reserved for the PodGroup.\n\nIf this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", Type: []string{"string"}, Format: "", }, @@ -9185,6 +9268,37 @@ func schema_k8sio_api_core_v1_PodSchedulingGate(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_PodSchedulingGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodSchedulingGroup identifies the runtime scheduling group instance that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics. Exactly one field must be specified.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "podGroupName": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroupName specifies the name of the standalone PodGroup object that represents the runtime instance of this group. Must be a DNS subdomain.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-unions": []interface{}{ + map[string]interface{}{ + "fields-to-discriminateBy": map[string]interface{}{ + "podGroupName": "PodGroupName", + }, + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -9760,7 +9874,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "hostUsers": { SchemaProps: spec.SchemaProps{ - Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.", + Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host.", Type: []string{"boolean"}, Format: "", }, @@ -9826,10 +9940,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Format: "", }, }, - "workloadRef": { + "schedulingGroup": { SchemaProps: spec.SchemaProps{ - Description: "WorkloadRef provides a reference to the Workload object that this Pod belongs to. This field is used by the scheduler to identify the PodGroup and apply the correct group scheduling policies. The Workload object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a Workload object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", - Ref: ref(v1.WorkloadReference{}.OpenAPIModelName()), + Description: "SchedulingGroup provides a reference to the immediate scheduling runtime grouping object that this Pod belongs to. This field is used by the scheduler to identify the group and apply the correct group scheduling policies. The association with a group also impacts other lifecycle aspects of a Pod that are relevant in a wider context of scheduling like preemption, resource attachment, etc. If not specified, the Pod is treated as a single unit in all of these aspects. The group object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a group object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", + Ref: ref(v1.PodSchedulingGroup{}.OpenAPIModelName()), }, }, }, @@ -9837,7 +9951,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), v1.WorkloadReference{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSchedulingGroup{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -10095,11 +10209,30 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, + "nodeAllocatableResourceClaimStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "NodeAllocatableResourceClaimStatuses contains the status of node-allocatable resources that were allocated for this pod through DRA claims. This includes resources currently reported in v1.Node `status.allocatable` that are not extended resources (see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#extended-resources). Examples include \"cpu\", \"memory\", \"ephemeral-storage\", and hugepages.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, }, }, }, Dependencies: []string{ - v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, + v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.NodeAllocatableResourceClaimStatus{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -11244,6 +11377,13 @@ func schema_k8sio_api_core_v1_ResourceHealth(ref common.ReferenceCallback) commo Format: "", }, }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "Message provides human-readable context for Health (e.g. \"ECC error count exceeded threshold\"). This field is populated by the kubelet when ResourceHealthStatusMessage is enabled if the DRA plugin returns a message, and is null otherwise.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"resourceID"}, }, @@ -12321,7 +12461,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm }, "procMount": { SchemaProps: spec.SchemaProps{ - Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", + Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Default", "Unmasked"}, @@ -13755,7 +13895,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, @@ -13785,7 +13925,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "image": { SchemaProps: spec.SchemaProps{ - Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, @@ -13931,10 +14071,18 @@ func schema_k8sio_api_core_v1_VolumeMountStatus(ref common.ReferenceCallback) co Format: "", }, }, + "volumeStatus": { + SchemaProps: spec.SchemaProps{ + Description: "volumeStatus represents volume-type-specific status about the mounted volume.", + Ref: ref(v1.VolumeStatus{}.OpenAPIModelName()), + }, + }, }, Required: []string{"name", "mountPath"}, }, }, + Dependencies: []string{ + v1.VolumeStatus{}.OpenAPIModelName()}, } } @@ -14206,7 +14354,7 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver.", Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, @@ -14236,7 +14384,7 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "image": { SchemaProps: spec.SchemaProps{ - Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, @@ -14248,6 +14396,27 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. } } +func schema_k8sio_api_core_v1_VolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeStatus represents the status of a mounted volume. At most one of its members must be specified.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.", + Ref: ref(v1.ImageVolumeStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + v1.ImageVolumeStatus{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -14363,43 +14532,6 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference } } -func schema_k8sio_api_core_v1_WorkloadReference(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "WorkloadReference identifies the Workload object and PodGroup membership that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name defines the name of the Workload object this Pod belongs to. Workload must be in the same namespace as the Pod. If it doesn't match any existing Workload, the Pod will remain unschedulable until a Workload object is created and observed by the kube-scheduler. It must be a DNS subdomain.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "podGroup": { - SchemaProps: spec.SchemaProps{ - Description: "PodGroup is the name of the PodGroup within the Workload that this Pod belongs to. If it doesn't match any existing PodGroup within the Workload, the Pod will remain unschedulable until the Workload object is recreated and observed by the kube-scheduler. It must be a DNS label.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "podGroupReplicaKey": { - SchemaProps: spec.SchemaProps{ - Description: "PodGroupReplicaKey specifies the replica key of the PodGroup to which this Pod belongs. It is used to distinguish pods belonging to different replicas of the same pod group. The pod group policy is applied separately to each replica. When set, it must be a DNS label.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"name", "podGroup"}, - }, - }, - } -} - func schema_apimachinery_pkg_api_resource_Quantity(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.EmbedOpenAPIDefinitionIntoV2Extension(common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -15604,9 +15736,17 @@ func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenA Format: "int64", }, }, + "shardInfo": { + SchemaProps: spec.SchemaProps{ + Description: "shardInfo is set when the list is a filtered subset of the full collection, as selected by a shard selector on the request. It echoes back the selector so clients can verify which shard they received and merge sharded responses. Clients should not cache sharded list responses as a full representation of the collection.\n\nThis is an alpha field and requires enabling the ShardedListAndWatch feature gate.", + Ref: ref(metav1.ShardInfo{}.OpenAPIModelName()), + }, + }, }, }, }, + Dependencies: []string{ + metav1.ShardInfo{}.OpenAPIModelName()}, } } @@ -15701,6 +15841,13 @@ func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.Op Format: "", }, }, + "shardSelector": { + SchemaProps: spec.SchemaProps{ + Description: "shardSelector restricts the list of returned objects using a CEL-based shard selector expression. The format uses the shardRange() function combined with || (logical OR) to specify one or more hash ranges:\n\n shardRange(object.metadata.uid, '0x0', '0x8000000000000000')\n shardRange(object.metadata.uid, '0x0', '0x8000000000000000') || shardRange(object.metadata.uid, '0x8000000000000000', '0x10000000000000000')\n\nField paths use CEL-style object-rooted syntax (e.g. \"object.metadata.uid\"), NOT the fieldSelector format (\"metadata.uid\"). Currently supported paths:\n - object.metadata.uid\n - object.metadata.namespace\n\nhexStart and hexEnd are single-quoted CEL string literals with a '0x' prefix, defining the inclusive lower and exclusive upper bounds over the 64-bit FNV-1a hash space. The full range is [0x0, 0x10000000000000000), where the exclusive upper bound equals 2^64.\n\nExamples:\n 2-shard split:\n shard 0: shardRange(object.metadata.uid, '0x0000000000000000', '0x8000000000000000')\n shard 1: shardRange(object.metadata.uid, '0x8000000000000000', '0x10000000000000000')\n 4-shard split:\n shard 0: shardRange(object.metadata.uid, '0x0000000000000000', '0x4000000000000000')\n shard 1: shardRange(object.metadata.uid, '0x4000000000000000', '0x8000000000000000')\n shard 2: shardRange(object.metadata.uid, '0x8000000000000000', '0xc000000000000000')\n shard 3: shardRange(object.metadata.uid, '0xc000000000000000', '0x10000000000000000')\n\nThis is an alpha field and requires enabling the ShardedListAndWatch feature gate.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -16282,6 +16429,28 @@ func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallb } } +func schema_pkg_apis_meta_v1_ShardInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ShardInfo describes the shard selector that was applied to produce a list response. Its presence on a list response indicates the list is a filtered subset.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "selector": { + SchemaProps: spec.SchemaProps{ + Description: "selector is the shard selector string from the request, echoed back so clients can verify which shard they received and merge responses from multiple shards.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"selector"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/go.mod b/go.mod index 458121413..1ff9fa102 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module go.pinniped.dev -go 1.26 +go 1.26.0 require ( github.com/MakeNowJust/heredoc/v2 v2.0.1 @@ -20,7 +20,7 @@ require ( github.com/gofrs/flock v0.13.0 github.com/google/cel-go v0.28.0 github.com/google/go-cmp v0.7.0 - github.com/google/go-github/v84 v84.0.0 + github.com/google/go-github/v85 v85.0.0 github.com/google/gofuzz v1.2.0 github.com/google/uuid v1.6.0 github.com/gorilla/securecookie v1.1.2 @@ -35,25 +35,26 @@ require ( github.com/spf13/cobra v1.10.2 github.com/spf13/pflag v1.0.10 github.com/stretchr/testify v1.11.1 - github.com/tdewolff/minify/v2 v2.24.12 + github.com/tdewolff/minify/v2 v2.24.13 go.uber.org/mock v0.6.0 - go.uber.org/zap v1.27.1 + go.uber.org/zap v1.28.0 golang.org/x/crypto v0.50.0 golang.org/x/net v0.53.0 golang.org/x/oauth2 v0.36.0 golang.org/x/sync v0.20.0 golang.org/x/term v0.42.0 golang.org/x/text v0.36.0 - k8s.io/api v0.35.4 - k8s.io/apiextensions-apiserver v0.35.4 - k8s.io/apimachinery v0.35.4 - k8s.io/apiserver v0.35.4 - k8s.io/client-go v0.35.4 - k8s.io/component-base v0.35.4 + k8s.io/api v0.36.0 + k8s.io/apiextensions-apiserver v0.36.0 + k8s.io/apimachinery v0.36.0 + k8s.io/apiserver v0.36.0 + k8s.io/client-go v0.36.0 + k8s.io/component-base v0.36.0 k8s.io/gengo v0.0.0-20260408192533-25e2208e0dc3 k8s.io/klog/v2 v2.140.0 - k8s.io/kube-aggregator v0.35.4 - k8s.io/kube-openapi v0.0.0-20260414162039-ec9c827d403f + k8s.io/kube-aggregator v0.36.0 + k8s.io/kube-openapi v0.0.0-20260505163821-33341827b392 + k8s.io/streaming v0.36.0 k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 sigs.k8s.io/yaml v1.6.0 ) @@ -69,50 +70,58 @@ require ( github.com/cenkalti/backoff/v5 v5.0.3 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/chromedp/sysutil v1.1.0 // indirect - github.com/coreos/go-oidc v2.3.0+incompatible // indirect - github.com/coreos/go-systemd/v22 v22.5.0 // indirect + github.com/coreos/go-oidc v2.5.0+incompatible // indirect + github.com/coreos/go-systemd/v22 v22.7.0 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect github.com/cristalhq/jwt/v4 v4.0.2 // indirect github.com/dgraph-io/ristretto v1.0.0 // indirect github.com/dustin/go-humanize v1.0.1 // indirect - github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect github.com/fxamacker/cbor/v2 v2.9.0 // indirect github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 // indirect github.com/go-json-experiment/json v0.0.0-20260214004413-d219187c3433 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.23.0 // indirect + github.com/go-openapi/swag v0.25.4 // indirect + github.com/go-openapi/swag/cmdutils v0.25.4 // indirect + github.com/go-openapi/swag/conv v0.25.4 // indirect + github.com/go-openapi/swag/fileutils v0.25.4 // indirect + github.com/go-openapi/swag/jsonname v0.25.4 // indirect + github.com/go-openapi/swag/jsonutils v0.25.4 // indirect + github.com/go-openapi/swag/loading v0.25.4 // indirect + github.com/go-openapi/swag/mangling v0.25.4 // indirect + github.com/go-openapi/swag/netutils v0.25.4 // indirect + github.com/go-openapi/swag/stringutils v0.25.4 // indirect + github.com/go-openapi/swag/typeutils v0.25.4 // indirect + github.com/go-openapi/swag/yamlutils v0.25.4 // indirect github.com/gobuffalo/pop/v6 v6.1.1 // indirect github.com/gobwas/httphead v0.1.0 // indirect github.com/gobwas/pool v0.2.1 // indirect github.com/gobwas/ws v1.4.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/protobuf v1.5.4 // indirect - github.com/google/btree v1.1.3 // indirect github.com/google/gnostic-models v0.7.0 // indirect github.com/google/go-github/v73 v73.0.0 // indirect github.com/google/go-querystring v1.2.0 // indirect github.com/gorilla/mux v1.8.1 // indirect - github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect + github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.1.0 // indirect + github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.3 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-retryablehttp v0.7.7 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/joshlf/testutil v0.0.0-20170608050642-b5d8aa79d93d // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/kylelemons/godebug v1.1.0 // indirect github.com/magiconair/properties v1.8.7 // indirect - github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/goveralls v0.0.12 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/moby/spdystream v0.5.1 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/openzipkin/zipkin-go v0.4.3 // indirect github.com/ory/go-acc v0.2.9-0.20230103102148-6b1c9a70dbbe // indirect github.com/ory/go-convenience v0.1.0 // indirect @@ -122,8 +131,8 @@ require ( github.com/pquerna/cachecontrol v0.1.0 // indirect github.com/prometheus/client_golang v1.23.2 // indirect github.com/prometheus/client_model v0.6.2 // indirect - github.com/prometheus/common v0.66.1 // indirect - github.com/prometheus/procfs v0.16.1 // indirect + github.com/prometheus/common v0.67.5 // indirect + github.com/prometheus/procfs v0.19.2 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/seatgeek/logrus-gelf-formatter v0.0.0-20210414080842-5b05eb8ff761 // indirect github.com/sirupsen/logrus v1.9.3 // indirect @@ -132,15 +141,15 @@ require ( github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/viper v1.16.0 // indirect github.com/subosito/gotenv v1.4.2 // indirect - github.com/tdewolff/parse/v2 v2.8.11 // indirect + github.com/tdewolff/parse/v2 v2.8.12 // indirect github.com/x448/float16 v0.8.4 // indirect - go.etcd.io/etcd/api/v3 v3.6.5 // indirect - go.etcd.io/etcd/client/pkg/v3 v3.6.5 // indirect - go.etcd.io/etcd/client/v3 v3.6.5 // indirect + go.etcd.io/etcd/api/v3 v3.6.8 // indirect + go.etcd.io/etcd/client/pkg/v3 v3.6.8 // indirect + go.etcd.io/etcd/client/v3 v3.6.8 // indirect go.opentelemetry.io/auto/sdk v1.2.1 // indirect - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.65.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.57.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.65.0 // indirect go.opentelemetry.io/contrib/propagators/b3 v1.32.0 // indirect go.opentelemetry.io/contrib/propagators/jaeger v1.32.0 // indirect go.opentelemetry.io/contrib/samplers/jaegerremote v0.26.0 // indirect @@ -157,24 +166,24 @@ require ( go.uber.org/multierr v1.11.0 // indirect go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 // indirect + golang.org/x/exp v0.0.0-20251219203646-944ab1f22d93 // indirect golang.org/x/mod v0.34.0 // indirect golang.org/x/sys v0.43.0 // indirect - golang.org/x/time v0.11.0 // indirect + golang.org/x/time v0.14.0 // indirect golang.org/x/tools v0.43.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 // indirect google.golang.org/grpc v1.80.0 // indirect - google.golang.org/protobuf v1.36.11 // indirect + google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af // indirect gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/kms v0.35.4 // indirect - sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 // indirect + k8s.io/kms v0.36.0 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.34.0 // indirect sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect - sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.2 // indirect ) diff --git a/go.sum b/go.sum index 5ca29b961..4c63258ff 100644 --- a/go.sum +++ b/go.sum @@ -79,16 +79,16 @@ github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGX github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= -github.com/coreos/go-oidc v2.3.0+incompatible h1:+5vEsrgprdLjjQ9FzIKAzQz1wwPD+83hQRfUIPh7rO0= -github.com/coreos/go-oidc v2.3.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= +github.com/coreos/go-oidc v2.5.0+incompatible h1:6W0vGJR3Tu0r0PwfmjOrRZSlfxeEln8dsejt3ZWIvwo= +github.com/coreos/go-oidc v2.5.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-oidc/v3 v3.18.0 h1:V9orjXynvu5wiC9SemFTWnG4F45v403aIcjWo0d41+A= github.com/coreos/go-oidc/v3 v3.18.0/go.mod h1:DYCf24+ncYi+XkIH97GY1+dqoRlbaSI26KVTCI9SrY4= github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4= github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= -github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/coreos/go-systemd/v22 v22.7.0 h1:LAEzFkke61DFROc7zNLX/WA2i5J8gYqe0rSj9KI28KA= +github.com/coreos/go-systemd/v22 v22.7.0/go.mod h1:xNUYtjHu2EDXbsxz1i41wouACIwT7Ybq9o0BQhMwD0w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.6 h1:XJtiaUW6dEEqVuZiMTn1ldk455QWwEIsMIJlo5vtkx0= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= @@ -108,8 +108,8 @@ github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 h1:fAjc9m62+UWV/WA github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= -github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= -github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= +github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -157,8 +157,36 @@ github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kO github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= -github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-openapi/swag v0.25.4 h1:OyUPUFYDPDBMkqyxOTkqDYFnrhuhi9NR6QVUvIochMU= +github.com/go-openapi/swag v0.25.4/go.mod h1:zNfJ9WZABGHCFg2RnY0S4IOkAcVTzJ6z2Bi+Q4i6qFQ= +github.com/go-openapi/swag/cmdutils v0.25.4 h1:8rYhB5n6WawR192/BfUu2iVlxqVR9aRgGJP6WaBoW+4= +github.com/go-openapi/swag/cmdutils v0.25.4/go.mod h1:pdae/AFo6WxLl5L0rq87eRzVPm/XRHM3MoYgRMvG4A0= +github.com/go-openapi/swag/conv v0.25.4 h1:/Dd7p0LZXczgUcC/Ikm1+YqVzkEeCc9LnOWjfkpkfe4= +github.com/go-openapi/swag/conv v0.25.4/go.mod h1:3LXfie/lwoAv0NHoEuY1hjoFAYkvlqI/Bn5EQDD3PPU= +github.com/go-openapi/swag/fileutils v0.25.4 h1:2oI0XNW5y6UWZTC7vAxC8hmsK/tOkWXHJQH4lKjqw+Y= +github.com/go-openapi/swag/fileutils v0.25.4/go.mod h1:cdOT/PKbwcysVQ9Tpr0q20lQKH7MGhOEb6EwmHOirUk= +github.com/go-openapi/swag/jsonname v0.25.4 h1:bZH0+MsS03MbnwBXYhuTttMOqk+5KcQ9869Vye1bNHI= +github.com/go-openapi/swag/jsonname v0.25.4/go.mod h1:GPVEk9CWVhNvWhZgrnvRA6utbAltopbKwDu8mXNUMag= +github.com/go-openapi/swag/jsonutils v0.25.4 h1:VSchfbGhD4UTf4vCdR2F4TLBdLwHyUDTd1/q4i+jGZA= +github.com/go-openapi/swag/jsonutils v0.25.4/go.mod h1:7OYGXpvVFPn4PpaSdPHJBtF0iGnbEaTk8AvBkoWnaAY= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.4 h1:IACsSvBhiNJwlDix7wq39SS2Fh7lUOCJRmx/4SN4sVo= +github.com/go-openapi/swag/jsonutils/fixtures_test v0.25.4/go.mod h1:Mt0Ost9l3cUzVv4OEZG+WSeoHwjWLnarzMePNDAOBiM= +github.com/go-openapi/swag/loading v0.25.4 h1:jN4MvLj0X6yhCDduRsxDDw1aHe+ZWoLjW+9ZQWIKn2s= +github.com/go-openapi/swag/loading v0.25.4/go.mod h1:rpUM1ZiyEP9+mNLIQUdMiD7dCETXvkkC30z53i+ftTE= +github.com/go-openapi/swag/mangling v0.25.4 h1:2b9kBJk9JvPgxr36V23FxJLdwBrpijI26Bx5JH4Hp48= +github.com/go-openapi/swag/mangling v0.25.4/go.mod h1:6dxwu6QyORHpIIApsdZgb6wBk/DPU15MdyYj/ikn0Hg= +github.com/go-openapi/swag/netutils v0.25.4 h1:Gqe6K71bGRb3ZQLusdI8p/y1KLgV4M/k+/HzVSqT8H0= +github.com/go-openapi/swag/netutils v0.25.4/go.mod h1:m2W8dtdaoX7oj9rEttLyTeEFFEBvnAx9qHd5nJEBzYg= +github.com/go-openapi/swag/stringutils v0.25.4 h1:O6dU1Rd8bej4HPA3/CLPciNBBDwZj9HiEpdVsb8B5A8= +github.com/go-openapi/swag/stringutils v0.25.4/go.mod h1:GTsRvhJW5xM5gkgiFe0fV3PUlFm0dr8vki6/VSRaZK0= +github.com/go-openapi/swag/typeutils v0.25.4 h1:1/fbZOUN472NTc39zpa+YGHn3jzHWhv42wAJSN91wRw= +github.com/go-openapi/swag/typeutils v0.25.4/go.mod h1:Ou7g//Wx8tTLS9vG0UmzfCsjZjKhpjxayRKTHXf2pTE= +github.com/go-openapi/swag/yamlutils v0.25.4 h1:6jdaeSItEUb7ioS9lFoCZ65Cne1/RZtPBZ9A56h92Sw= +github.com/go-openapi/swag/yamlutils v0.25.4/go.mod h1:MNzq1ulQu+yd8Kl7wPOut/YHAAU/H6hL91fF+E2RFwc= +github.com/go-openapi/testify/enable/yaml/v2 v2.0.2 h1:0+Y41Pz1NkbTHz8NngxTuAXxEodtNSI1WG1c/m5Akw4= +github.com/go-openapi/testify/enable/yaml/v2 v2.0.2/go.mod h1:kme83333GCtJQHXQ8UKX3IBZu6z8T5Dvy5+CW3NLUUg= +github.com/go-openapi/testify/v2 v2.0.2 h1:X999g3jeLcoY8qctY/c/Z8iBHTbwLz7R2WXd6Ub6wls= +github.com/go-openapi/testify/v2 v2.0.2/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= @@ -185,7 +213,6 @@ github.com/gobwas/pool v0.2.1 h1:xfeeEhW7pwmX8nuLVlqbzVc7udMDrwetjEv+TZIz1og= github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= github.com/gobwas/ws v1.4.0 h1:CTaoG1tojrh4ucGPcoJFiAQUAsEWekEWvLy7GsVNqGs= github.com/gobwas/ws v1.4.0/go.mod h1:G3gNqMNtPppf5XUz7O4shetPpcZ1VJ7zt18dlUeakrc= -github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gofrs/flock v0.13.0 h1:95JolYOvGMqeH31+FC7D2+uULf6mG61mEZ/A8dRYMzw= github.com/gofrs/flock v0.13.0/go.mod h1:jxeyy9R1auM5S6JYDBhDt+E2TCo7DkratH4Pgi8P+Z0= github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= @@ -193,8 +220,8 @@ github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRx github.com/gofrs/uuid v4.3.1+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= -github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo= +github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -245,8 +272,8 @@ github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/go-github/v73 v73.0.0 h1:aR+Utnh+Y4mMkS+2qLQwcQ/cF9mOTpdwnzlaw//rG24= github.com/google/go-github/v73 v73.0.0/go.mod h1:fa6w8+/V+edSU0muqdhCVY7Beh1M8F1IlQPZIANKIYw= -github.com/google/go-github/v84 v84.0.0 h1:I/0Xn5IuChMe8TdmI2bbim5nyhaRFJ7DEdzmD2w+yVA= -github.com/google/go-github/v84 v84.0.0/go.mod h1:WwYL1z1ajRdlaPszjVu/47x1L0PXukJBn73xsiYrRRQ= +github.com/google/go-github/v85 v85.0.0 h1:1+TLFX/akTFXK7o9Z9uAloQGufOn4ySa5DItUM1VWT4= +github.com/google/go-github/v85 v85.0.0/go.mod h1:jYkBnqN+SzR2A2fGKYfbt6DEEQAyxeK0Q2XpPV9ZFsU= github.com/google/go-querystring v1.2.0 h1:yhqkPbu2/OH+V9BfpCVPZkNmUXhb2gBxJArfhIxNtP0= github.com/google/go-querystring v1.2.0/go.mod h1:8IFJqpSRITyJ8QhQ13bmbeMBDfmeEJZD5A0egEOmkqU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -280,12 +307,10 @@ github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kX github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo= github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 h1:JeSE6pjso5THxAzdVpqr6/geYxZytqFMBCOtn/ujyeo= github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674/go.mod h1:r4w70xmWCQKmi1ONH4KIaBptdivuRPyosB9RmPlGEwA= -github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.1 h1:qnpSQwGEnkcRpTqNOIR6bJbR0gAorgP9CSALpRcKoAA= -github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.1/go.mod h1:lXGCsh6c22WGtjr+qGHj1otzZpV/1kwTMAqkwZsnWRU= -github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.0 h1:FbSCl+KggFl+Ocym490i/EyXF4lPgLoUtcSWquBM0Rs= -github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.0/go.mod h1:qOchhhIlmRcqk/O9uCo/puJlyo07YINaIqdZfZG3Jkc= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92BcuyuQ/YW4NSIpoGtfXNho= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.1.0 h1:QGLs/O40yoNK9vmy4rhUGBVyMf1lISBGtXRpsu/Qu/o= +github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.1.0/go.mod h1:hM2alZsMUni80N33RBe6J0e423LB+odMj7d3EMP9l20= +github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.3 h1:B+8ClL/kCQkRiU82d9xajRPKYMrB7E0MbtzWVi1K4ns= +github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.3/go.mod h1:NbCUVmiS4foBGBHOYlCT25+YmGpJ32dZPi75pGEUpj4= github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 h1:HWRh5R2+9EifMyIHV7ZV+MIZqgz+PMpZ14Jynv3O2Zs= github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0/go.mod h1:JfhWUomR1baixubs02l85lZYYOm7LV6om4ceouMv45c= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= @@ -361,7 +386,6 @@ github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Cc github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/jonboulle/clockwork v0.5.0 h1:Hyh9A8u51kptdkR+cqRpT1EebBwTn1oK9YfGYbdFz6I= github.com/jonboulle/clockwork v0.5.0/go.mod h1:3mZlmanh0g2NDKO5TWZVJAfofYk64M7XN3SzBPjZF60= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/joshlf/go-acl v0.0.0-20200411065538-eae00ae38531 h1:hgVxRoDDPtQE68PT4LFvNlPz2nBKd3OMlGKIQ69OmR4= github.com/joshlf/go-acl v0.0.0-20200411065538-eae00ae38531/go.mod h1:fqTUQpVYBvhCNIsMXGl2GE9q6z94DIP6NtFKXCSTVbg= @@ -409,7 +433,6 @@ github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/luna-duclos/instrumentedsql v1.1.3/go.mod h1:9J1njvFds+zN7y85EDhN9XNQLANWwZt2ULeIC8yMNYs= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= @@ -448,8 +471,6 @@ github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9 github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/nyaruka/phonenumbers v1.1.6 h1:DcueYq7QrOArAprAYNoQfDgp0KetO4LqtnBtQC6Wyes= github.com/nyaruka/phonenumbers v1.1.6/go.mod h1:yShPJHDSH3aTKzCbXyVxNpbl2kA+F+Ne5Pun/MvFRos= github.com/oleiade/reflections v1.0.1 h1:D1XO3LVEYroYskEsoSiGItp9RUxG6jWnCVvrqH0HHQM= @@ -489,10 +510,10 @@ github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UH github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= -github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs= -github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= -github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= -github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= +github.com/prometheus/common v0.67.5 h1:pIgK94WWlQt1WLwAC5j2ynLaBRDiinoAb86HZHTUGI4= +github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw= +github.com/prometheus/procfs v0.19.2 h1:zUMhqEW66Ex7OXIiDkll3tl9a1ZdilUOd/F6ZXw4Vws= +github.com/prometheus/procfs v0.19.2/go.mod h1:M0aotyiemPhBCM0z5w87kL22CxfcH05ZpYlu+b4J7mw= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= @@ -555,12 +576,13 @@ github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8= github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= -github.com/tdewolff/minify/v2 v2.24.12 h1:YXJxVJmz7vxgnEv1v8J/EI4x+Uw4MMohcRFK7TFOjmk= -github.com/tdewolff/minify/v2 v2.24.12/go.mod h1:exq1pjdrh9uAICdfVKQwqz6MsJmWmQahZuTC6pTO6ro= -github.com/tdewolff/parse/v2 v2.8.11 h1:SGyjEy3xEqd+W9WVzTlTQ5GkP/en4a1AZNZVJ1cvgm0= -github.com/tdewolff/parse/v2 v2.8.11/go.mod h1:Hwlni2tiVNKyzR1o6nUs4FOF07URA+JLBLd6dlIXYqo= -github.com/tdewolff/test v1.0.11 h1:FdLbwQVHxqG16SlkGveC0JVyrJN62COWTRyUFzfbtBE= +github.com/tdewolff/minify/v2 v2.24.13 h1:xrcF7gKDnUszseEY9WX9mUlZII2v2Go/QAcAwRASw58= +github.com/tdewolff/minify/v2 v2.24.13/go.mod h1:emvwoYeIl8bfAKqRU5ww95LX9Gpggpqv/naal9a8Yq0= +github.com/tdewolff/parse/v2 v2.8.12 h1:5BBjfaCv482v3nltlS0u6wH1xJaxjR6ofDrWttNvROg= +github.com/tdewolff/parse/v2 v2.8.12/go.mod h1:Hwlni2tiVNKyzR1o6nUs4FOF07URA+JLBLd6dlIXYqo= github.com/tdewolff/test v1.0.11/go.mod h1:XPuWBzvdUzhCuxWO1ojpXsyzsA5bFoS3tO/Q3kFuTG8= +github.com/tdewolff/test v1.0.12 h1:7F21DqIajswxuche0geHdrUZRCWE4oko4b7bcmkkrxk= +github.com/tdewolff/test v1.0.12/go.mod h1:XPuWBzvdUzhCuxWO1ojpXsyzsA5bFoS3tO/Q3kFuTG8= github.com/tidwall/gjson v1.14.3 h1:9jvXn7olKEHU1S9vwoMGliaT8jq1vJ7IH/n9zD9Dnlw= github.com/tidwall/gjson v1.14.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= @@ -585,16 +607,16 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= go.etcd.io/bbolt v1.4.3 h1:dEadXpI6G79deX5prL3QRNP6JB8UxVkqo4UPnHaNXJo= go.etcd.io/bbolt v1.4.3/go.mod h1:tKQlpPaYCVFctUIgFKFnAlvbmB3tpy1vkTnDWohtc0E= -go.etcd.io/etcd/api/v3 v3.6.5 h1:pMMc42276sgR1j1raO/Qv3QI9Af/AuyQUW6CBAWuntA= -go.etcd.io/etcd/api/v3 v3.6.5/go.mod h1:ob0/oWA/UQQlT1BmaEkWQzI0sJ1M0Et0mMpaABxguOQ= -go.etcd.io/etcd/client/pkg/v3 v3.6.5 h1:Duz9fAzIZFhYWgRjp/FgNq2gO1jId9Yae/rLn3RrBP8= -go.etcd.io/etcd/client/pkg/v3 v3.6.5/go.mod h1:8Wx3eGRPiy0qOFMZT/hfvdos+DjEaPxdIDiCDUv/FQk= -go.etcd.io/etcd/client/v3 v3.6.5 h1:yRwZNFBx/35VKHTcLDeO7XVLbCBFbPi+XV4OC3QJf2U= -go.etcd.io/etcd/client/v3 v3.6.5/go.mod h1:ZqwG/7TAFZ0BJ0jXRPoJjKQJtbFo/9NIY8uoFFKcCyo= -go.etcd.io/etcd/pkg/v3 v3.6.5 h1:byxWB4AqIKI4SBmquZUG1WGtvMfMaorXFoCcFbVeoxM= -go.etcd.io/etcd/pkg/v3 v3.6.5/go.mod h1:uqrXrzmMIJDEy5j00bCqhVLzR5jEJIwDp5wTlLwPGOU= -go.etcd.io/etcd/server/v3 v3.6.5 h1:4RbUb1Bd4y1WkBHmuF+cZII83JNQMuNXzyjwigQ06y0= -go.etcd.io/etcd/server/v3 v3.6.5/go.mod h1:PLuhyVXz8WWRhzXDsl3A3zv/+aK9e4A9lpQkqawIaH0= +go.etcd.io/etcd/api/v3 v3.6.8 h1:gqb1VN92TAI6G2FiBvWcqKtHiIjr4SU2GdXxTwyexbM= +go.etcd.io/etcd/api/v3 v3.6.8/go.mod h1:qyQj1HZPUV3B5cbAL8scG62+fyz5dSxxu0w8pn28N6Q= +go.etcd.io/etcd/client/pkg/v3 v3.6.8 h1:Qs/5C0LNFiqXxYf2GU8MVjYUEXJ6sZaYOz0zEqQgy50= +go.etcd.io/etcd/client/pkg/v3 v3.6.8/go.mod h1:GsiTRUZE2318PggZkAo6sWb6l8JLVrnckTNfbG8PWtw= +go.etcd.io/etcd/client/v3 v3.6.8 h1:B3G76t1UykqAOrbio7s/EPatixQDkQBevN8/mwiplrY= +go.etcd.io/etcd/client/v3 v3.6.8/go.mod h1:MVG4BpSIuumPi+ELF7wYtySETmoTWBHVcDoHdVupwt8= +go.etcd.io/etcd/pkg/v3 v3.6.8 h1:Xe+LIL974spy8b4nEx3H0KMr1ofq3r0kh6FbU3aw4es= +go.etcd.io/etcd/pkg/v3 v3.6.8/go.mod h1:TRibVNe+FqJIe1abOAA1PsuQ4wqO87ZaOoprg09Tn8c= +go.etcd.io/etcd/server/v3 v3.6.8 h1:U2strdSEy1U8qcSzRIdkYpvOPtBy/9i/IfaaCI9flZ4= +go.etcd.io/etcd/server/v3 v3.6.8/go.mod h1:88dCtwUnSirkUoJbflQxxWXqtBSZa6lSG0Kuej+dois= go.etcd.io/raft/v3 v3.6.0 h1:5NtvbDVYpnfZWcIHgGRk9DyzkBIXOi8j+DDp1IcnUWQ= go.etcd.io/raft/v3 v3.6.0/go.mod h1:nLvLevg6+xrVtHUmVaTcTz603gQPHfh7kUAwV6YpfGo= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= @@ -605,12 +627,12 @@ go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64= go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 h1:x7wzEgXfnzJcHDwStJT+mxOz4etr2EcexjqhBvmoakw= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0/go.mod h1:rg+RlpR5dKwaS95IyyZqj5Wd4E13lk/msnTS0Xl9lJM= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.65.0 h1:XmiuHzgJt067+a6kwyAzkhXooYVv3/TOw9cM2VfJgUM= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.65.0/go.mod h1:KDgtbWKTQs4bM+VPUr6WlL9m/WXcmkCcBlIzqxPGzmI= go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.57.0 h1:7F3XCD6WYzDkwbi8I8N+oYJWquPVScnRosKGgqjsR8c= go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.57.0/go.mod h1:Dk3C0BfIlZDZ5c6eVS7TYiH2vssuyUU3vUsgbrR+5V4= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.65.0 h1:7iP2uCb7sGddAr30RRS6xjKy7AZ2JtTOPA3oolgVSw8= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.65.0/go.mod h1:c7hN3ddxs/z6q9xwvfLPk+UHlWRQyaeR1LdgfL/66l0= go.opentelemetry.io/contrib/propagators/b3 v1.32.0 h1:MazJBz2Zf6HTN/nK/s3Ru1qme+VhWU5hm83QxEP+dvw= go.opentelemetry.io/contrib/propagators/b3 v1.32.0/go.mod h1:B0s70QHYPrJwPOwD1o3V/R8vETNOG9N3qZf4LDYvA30= go.opentelemetry.io/contrib/propagators/jaeger v1.32.0 h1:K/fOyTMD6GELKTIJBaJ9k3ppF2Njt8MeUGBOwfaWXXA= @@ -656,8 +678,8 @@ go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9E go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= -go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc= -go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= +go.uber.org/zap v1.28.0 h1:IZzaP1Fv73/T/pBMLk4VutPl36uNC+OSUh3JLG3FIjo= +go.uber.org/zap v1.28.0/go.mod h1:rDLpOi171uODNm/mxFcuYWxDsqWSAVkFdX4XojSKg/Q= go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= @@ -688,8 +710,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 h1:kx6Ds3MlpiUHKj7syVnbp57++8WpuKPcR5yjLBjvLEA= -golang.org/x/exp v0.0.0-20240823005443-9b4947da3948/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ= +golang.org/x/exp v0.0.0-20251219203646-944ab1f22d93 h1:fQsdNF2N+/YewlRZiricy4P1iimyPKZ/xwniHj8Q2a0= +golang.org/x/exp v0.0.0-20251219203646-944ab1f22d93/go.mod h1:EPRbTFwzwjXj9NpYyyrvenVh9Y+GFeEvMNh7Xuz7xgU= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -868,8 +890,8 @@ golang.org/x/text v0.36.0/go.mod h1:NIdBknypM8iqVmPiuco0Dh6P5Jcdk8lJL0CUebqK164= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= -golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= +golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI= +golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -1032,8 +1054,8 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE= -google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af h1:+5/Sw3GsDNlEmu7TfklWKPdQ0Ykja5VEmq2i817+jbI= +google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -1065,42 +1087,44 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.35.4 h1:P7nFYKl5vo9AGUp1Z+Pmd3p2tA7bX2wbFWCvDeRv988= -k8s.io/api v0.35.4/go.mod h1:yl4lqySWOgYJJf9RERXKUwE9g2y+CkuwG+xmcOK8wXU= -k8s.io/apiextensions-apiserver v0.35.4 h1:HeP+Upp7ItdvnyGmub0yoix+2z5+ev4M5cE5TCgtOUU= -k8s.io/apiextensions-apiserver v0.35.4/go.mod h1:ogQlk+stIE8mnoRthSYCwlOS12fVqgWFiErMwPaXA7c= -k8s.io/apimachinery v0.35.4 h1:xtdom9RG7e+yDp71uoXoJDWEE2eOiHgeO4GdBzwWpds= -k8s.io/apimachinery v0.35.4/go.mod h1:NNi1taPOpep0jOj+oRha3mBJPqvi0hGdaV8TCqGQ+cc= -k8s.io/apiserver v0.35.4 h1:vtuFqNFmF9bPRdHDL2lpK6qCTPWDreZJL4LRPwVM6ho= -k8s.io/apiserver v0.35.4/go.mod h1:JnBcb+J8kFXKpZkgcbcUnPBBHi4qgBii1I7dLxFY/oo= -k8s.io/client-go v0.35.4 h1:DN6fyaGuzK64UvnKO5fOA6ymSjvfGAnCAHAR0C66kD8= -k8s.io/client-go v0.35.4/go.mod h1:2Pg9WpsS4NeOpoYTfHHfMxBG8zFMSAUi4O/qoiJC3nY= -k8s.io/component-base v0.35.4 h1:6n1tNJ87johN0Hif0Fs8K2GMthsaUwMqCebUDLYyv7U= -k8s.io/component-base v0.35.4/go.mod h1:qaDJgz5c1KYKla9occFmlJEfPpkuA55s90G509R+PeY= +k8s.io/api v0.36.0 h1:SgqDhZzHdOtMk40xVSvCXkP9ME0H05hPM3p9AB1kL80= +k8s.io/api v0.36.0/go.mod h1:m1LVrGPNYax5NBHdO+QuAedXyuzTt4RryI/qnmNvs34= +k8s.io/apiextensions-apiserver v0.36.0 h1:Wt7E8J+VBCbj4FjiBfDTK/neXDDjyJVJc7xfuOHImZ0= +k8s.io/apiextensions-apiserver v0.36.0/go.mod h1:kGDjH0msuiIB3tgsYRV0kS9GqpMYMUsQ3GHv7TApyug= +k8s.io/apimachinery v0.36.0 h1:jZyPzhd5Z+3h9vJLt0z9XdzW9VzNzWAUw+P1xZ9PXtQ= +k8s.io/apimachinery v0.36.0/go.mod h1:FklypaRJt6n5wUIwWXIP6GJlIpUizTgfo1T/As+Tyxc= +k8s.io/apiserver v0.36.0 h1:Jg5OFAENUACByUCg15CmhZAYrr5ZyJ+jodyA1mHl3YE= +k8s.io/apiserver v0.36.0/go.mod h1:mHvwdHf+qKEm+1/hYm756SV+oREOKSPnsjagOpx6Vho= +k8s.io/client-go v0.36.0 h1:pOYi7C4RHChYjMiHpZSpSbIM6ZxVbRXBy7CuiIwqA3c= +k8s.io/client-go v0.36.0/go.mod h1:ZKKcpwF0aLYfkHFCjillCKaTK/yBkEDHTDXCFY6AS9Y= +k8s.io/component-base v0.36.0 h1:hFjEktssxiJhrK1zfybkH4kJOi8iZuF+mIDCqS5+jRo= +k8s.io/component-base v0.36.0/go.mod h1:JZvIfcNHk+uck+8LhJzhSBtydWXaZNQwX2OdL+Mnwsk= k8s.io/gengo v0.0.0-20260408192533-25e2208e0dc3 h1:rf5GFLj5SnELuHVF2S6RVkUGJzC1KEiQvWFbxmgI2mM= k8s.io/gengo v0.0.0-20260408192533-25e2208e0dc3/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.140.0 h1:Tf+J3AH7xnUzZyVVXhTgGhEKnFqye14aadWv7bzXdzc= k8s.io/klog/v2 v2.140.0/go.mod h1:o+/RWfJ6PwpnFn7OyAG3QnO47BFsymfEfrz6XyYSSp0= -k8s.io/kms v0.35.4 h1:0eE6Zd4nACEs8cc7qCxf3UwMAtgM87X8doj+pJCxJk0= -k8s.io/kms v0.35.4/go.mod h1:c/uQe/eKrWdBkvizLFW+ThLA6tTzR0RkkwJJyzDRT1g= -k8s.io/kube-aggregator v0.35.4 h1:6eR50WHwqSYJQTR6QxEG5fRW2vBA6Yoqzp72hw76koE= -k8s.io/kube-aggregator v0.35.4/go.mod h1:13mmXpCW9sReIQR8yLvApbKphZfoGnK39UJ8u1opT9g= -k8s.io/kube-openapi v0.0.0-20260414162039-ec9c827d403f h1:4Qiq0YAoQATdgmHALJWz9rJ4fj20pB3xebpB4CFNhYM= -k8s.io/kube-openapi v0.0.0-20260414162039-ec9c827d403f/go.mod h1:uGBT7iTA6c6MvqUvSXIaYZo9ukscABYi2btjhvgKGZ0= +k8s.io/kms v0.36.0 h1:DPy0VDWi6hCgFMgzV5cNuSDrIROMRcJpTZ1GnB+D368= +k8s.io/kms v0.36.0/go.mod h1:g91diTD9h0oJCCHkTb00krlF+Qm5HTnkWLi9Q/TpRoc= +k8s.io/kube-aggregator v0.36.0 h1:yrR+aw41p4/Wur55FCcfozPSBHH70HIs5j+J6ZphExg= +k8s.io/kube-aggregator v0.36.0/go.mod h1:2CkdUvPZjEbKnlhn+wxj6z3yity7H4xsTrFX+M/t1UE= +k8s.io/kube-openapi v0.0.0-20260505163821-33341827b392 h1:B7Ylb1OUptHKVX/3kpvXB0i05pDmXU66cGED/4Ta9Bw= +k8s.io/kube-openapi v0.0.0-20260505163821-33341827b392/go.mod h1:V/QaCUYDa+0QpcHhVVc5l99Uz56wEMEXBSj9oCDkNDY= +k8s.io/streaming v0.36.0 h1:agnTxU+NFulUrtYzXUGKO3ndEa8jKwht1Kwn9nu9x+4= +k8s.io/streaming v0.36.0/go.mod h1:z6fV3D+NVkoeqRMtWwlUZK6U17SY/LqNzOxWL6GyR/s= k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 h1:kBawHLSnx/mYHmRnNUf9d4CpjREbeZuxoSGOX/J+aYM= k8s.io/utils v0.0.0-20260319190234-28399d86e0b5/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 h1:jpcvIRr3GLoUoEKRkHKSmGjxb6lWwrBlJsXc+eUYQHM= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.34.0 h1:hSfpvjjTQXQY2Fol2CS0QHMNs/WI1MOSGzCm1KhM5ec= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.34.0/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= -sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2 h1:kwVWMx5yS1CrnFWA/2QHyRVJ8jM6dBA80uLmm0wJkk8= +sigs.k8s.io/structured-merge-diff/v6 v6.3.2/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/hack/Dockerfile_fips b/hack/Dockerfile_fips index 31e77be78..735a1e216 100644 --- a/hack/Dockerfile_fips +++ b/hack/Dockerfile_fips @@ -16,7 +16,7 @@ # See https://go.googlesource.com/go/+/dev.boringcrypto/README.boringcrypto.md # and https://kupczynski.info/posts/fips-golang/ for details. -ARG BUILD_IMAGE=golang:1.26.2@sha256:5f3787b7f902c07c7ec4f3aa91a301a3eda8133aa32661a3b3a3a86ab3a68a36 +ARG BUILD_IMAGE=golang:1.26.2@sha256:b54cbf583d390341599d7bcbc062425c081105cc5ef6d170ced98ef9d047c716 ARG BASE_IMAGE=gcr.io/distroless/static:nonroot@sha256:e3f945647ffb95b5839c07038d64f9811adf17308b9121d8a2b87b6a22a80a39 # This is not currently using --platform to prepare to cross-compile because we use gcc below to build diff --git a/hack/lib/kube-versions.txt b/hack/lib/kube-versions.txt index a2135b859..4cf179709 100644 --- a/hack/lib/kube-versions.txt +++ b/hack/lib/kube-versions.txt @@ -12,9 +12,9 @@ # Whenever a new version is added to this file, or when a version number # is edited in this file, please run hack/update.sh. # +1.36.0 1.35.3 1.34.6 1.33.10 1.32.13 1.31.14 -1.30.14 diff --git a/internal/admissionpluginconfig/admissionpluginconfig.go b/internal/admissionpluginconfig/admissionpluginconfig.go index 52e7cebeb..29eca19ae 100644 --- a/internal/admissionpluginconfig/admissionpluginconfig.go +++ b/internal/admissionpluginconfig/admissionpluginconfig.go @@ -1,4 +1,4 @@ -// Copyright 2024-2025 the Pinniped contributors. All Rights Reserved. +// Copyright 2024-2026 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package admissionpluginconfig @@ -9,6 +9,8 @@ import ( "github.com/pkg/errors" admissionregistrationv1 "k8s.io/api/admissionregistration/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + mutatingadmissionpolicy "k8s.io/apiserver/pkg/admission/plugin/policy/mutating" validatingadmissionpolicy "k8s.io/apiserver/pkg/admission/plugin/policy/validating" "k8s.io/apiserver/pkg/server/options" "k8s.io/client-go/discovery" @@ -59,22 +61,20 @@ func configureAdmissionPlugins( recommendedOptions *options.RecommendedOptions, disableAdmissionPlugins []string, ) error { - if !slices.Contains(disableAdmissionPlugins, validatingadmissionpolicy.PluginName) { - // The admin did not explicitly disable the ValidatingAdmissionPolicy plugin, but we may still need disable it if - // the Kubernetes cluster on which we are running is too old. Check if the API server has such a resource. - hasValidatingAdmissionPolicyResource, err := k8sAPIServerHasValidatingAdmissionPolicyResource(discoveryClient) + if !slices.Contains(disableAdmissionPlugins, validatingadmissionpolicy.PluginName) || !slices.Contains(disableAdmissionPlugins, mutatingadmissionpolicy.PluginName) { + discoveredResources, err := performAPIDiscovery(discoveryClient) if err != nil { - return fmt.Errorf("failed looking up availability of ValidatingAdmissionPolicy resource: %w", err) + return fmt.Errorf("failed to perform k8s API discovery for purpose of checking availability of %s resource types: %w", + admissionregistrationv1.GroupName, err) } - if !hasValidatingAdmissionPolicyResource { - // Customize the admission plugins to avoid using the new ValidatingAdmissionPolicy plugin. - plog.Warning("could not find ValidatingAdmissionPolicy resource on this Kubernetes cluster " + - "(which is normal for clusters older than Kubernetes 1.30); " + - "disabling ValidatingAdmissionPolicy admission plugins for all Pinniped aggregated API resource types") + disableAdmissionPlugins = autoDisablePluginWhenResourceNotFound( + disableAdmissionPlugins, discoveredResources, validatingadmissionpolicy.PluginName, "1.30", + ) - disableAdmissionPlugins = append(disableAdmissionPlugins, validatingadmissionpolicy.PluginName) - } + disableAdmissionPlugins = autoDisablePluginWhenResourceNotFound( + disableAdmissionPlugins, discoveredResources, mutatingadmissionpolicy.PluginName, "1.36", + ) } // Mutate the recommendedOptions to potentially disable some admission plugins. @@ -84,10 +84,30 @@ func configureAdmissionPlugins( return nil } -func k8sAPIServerHasValidatingAdmissionPolicyResource(discoveryClient discovery.ServerResourcesInterface) (bool, error) { - // Perform discovery. We are looking for ValidatingAdmissionPolicy in group - // admissionregistration.k8s.io at any version. +func autoDisablePluginWhenResourceNotFound(disableAdmissionPlugins []string, resources []*metav1.APIResourceList, pluginName string, since string) []string { + if !slices.Contains(disableAdmissionPlugins, pluginName) { + // The admin did not explicitly disable the plugin, but we may still need to disable it if + // the Kubernetes cluster on which we are running is too old. Check if the API server has such a resource. + hasResource := k8sAPIServerHasResource(resources, pluginName) + + if !hasResource { + plog.Warning("could not find resource type on this Kubernetes cluster "+ + "(which is normal for older Kubernetes clusters); "+ + "disabling admission plugins for all Pinniped aggregated API resource types for that Kind", + "kind", pluginName, "kindIntroducedInKubernetesVersion", since) + + // Customize the admission plugins to avoid using the new plugin. + disableAdmissionPlugins = append(disableAdmissionPlugins, pluginName) + } + } + + return disableAdmissionPlugins +} + +func performAPIDiscovery(discoveryClient discovery.ServerResourcesInterface) ([]*metav1.APIResourceList, error) { + // Perform discovery. We are looking for resources in group admissionregistration.k8s.io at any version. resources, err := discoveryClient.ServerPreferredResources() + partialErr := &discovery.ErrGroupDiscoveryFailed{} if resources != nil && errors.As(err, &partialErr) { // This is a partial discovery error, most likely caused by Pinniped's own aggregated APIs @@ -99,30 +119,34 @@ func k8sAPIServerHasValidatingAdmissionPolicyResource(discoveryClient discovery. // There was an error for the specific group that we are trying to find, so // return an error. If we don't arrive here, then it must have been error(s) for // some other group(s) that we are not looking for, so we can ignore those error(s). - return false, err + return nil, err } } } else if err != nil { // We got some other type of error aside from a partial failure. - return false, fmt.Errorf("failed to perform k8s API discovery: %w", err) + return nil, err } + return resources, nil +} + +func k8sAPIServerHasResource(resources []*metav1.APIResourceList, resourceKind string) bool { // Now look at all discovered groups until we find version v1 of group admissionregistration.k8s.io. for _, resourcesPerGV := range resources { if resourcesPerGV.GroupVersion == admissionregistrationv1.SchemeGroupVersion.String() { - // Found the group, so now look to see if it includes ValidatingAdmissionPolicy as a resource, + // Found the group, so now look to see if it includes the given resourceKind as a resource type, // which went GA in Kubernetes 1.30, and could be enabled by a feature flag in previous versions. for _, resource := range resourcesPerGV.APIResources { - if resource.Kind == "ValidatingAdmissionPolicy" { + if resource.Kind == resourceKind { // Found it! - plog.Info("found ValidatingAdmissionPolicy resource on this Kubernetes cluster", + plog.Info("found "+admissionregistrationv1.GroupName+" resource on this Kubernetes cluster", "groupVersion", resourcesPerGV.GroupVersion, "kind", resource.Kind) - return true, nil + return true } } } } - // Didn't findValidatingAdmissionPolicy on this cluster. - return false, nil + // Didn't the resource kind on this cluster. + return false } diff --git a/internal/admissionpluginconfig/admissionpluginconfig_test.go b/internal/admissionpluginconfig/admissionpluginconfig_test.go index 4a4d14ce2..f0dd06eda 100644 --- a/internal/admissionpluginconfig/admissionpluginconfig_test.go +++ b/internal/admissionpluginconfig/admissionpluginconfig_test.go @@ -1,4 +1,4 @@ -// Copyright 2024-2025 the Pinniped contributors. All Rights Reserved. +// Copyright 2024-2026 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package admissionpluginconfig @@ -30,6 +30,30 @@ func TestValidateAdmissionPluginNames(t *testing.T) { name: "empty", pluginNames: []string{}, }, + { + name: "nil", + pluginNames: nil, + }, + { + name: "only invalid values", + pluginNames: []string{"foo", "bar"}, + wantErr: "admission plugin names not recognized: [foo bar] (each must be one of [NamespaceLifecycle MutatingAdmissionPolicy MutatingAdmissionWebhook ValidatingAdmissionPolicy ValidatingAdmissionWebhook])", + }, + { + name: "duplicate invalid names are reported once per occurrence", + pluginNames: []string{"foobar", "NamespaceLifecycle", "foobar"}, + wantErr: "admission plugin names not recognized: [foobar foobar] (each must be one of [NamespaceLifecycle MutatingAdmissionPolicy MutatingAdmissionWebhook ValidatingAdmissionPolicy ValidatingAdmissionWebhook])", + }, + { + name: "comparison is case-sensitive", + pluginNames: []string{"namespacelifecycle"}, + wantErr: "admission plugin names not recognized: [namespacelifecycle] (each must be one of [NamespaceLifecycle MutatingAdmissionPolicy MutatingAdmissionWebhook ValidatingAdmissionPolicy ValidatingAdmissionWebhook])", + }, + { + name: "empty string entry is not recognized", + pluginNames: []string{""}, + wantErr: "admission plugin names not recognized: [] (each must be one of [NamespaceLifecycle MutatingAdmissionPolicy MutatingAdmissionWebhook ValidatingAdmissionPolicy ValidatingAdmissionWebhook])", + }, { name: "all current valid values (this list may change in future versions of Kubernetes packages)", pluginNames: []string{ @@ -37,6 +61,7 @@ func TestValidateAdmissionPluginNames(t *testing.T) { "MutatingAdmissionWebhook", "ValidatingAdmissionPolicy", "ValidatingAdmissionWebhook", + "MutatingAdmissionPolicy", }, }, { @@ -47,6 +72,7 @@ func TestValidateAdmissionPluginNames(t *testing.T) { "ValidatingAdmissionPolicy", "foobar", "ValidatingAdmissionWebhook", + "MutatingAdmissionPolicy", }, wantErr: "admission plugin names not recognized: [foobar] (each must be one of [NamespaceLifecycle MutatingAdmissionPolicy MutatingAdmissionWebhook ValidatingAdmissionPolicy ValidatingAdmissionWebhook])", }, @@ -60,6 +86,7 @@ func TestValidateAdmissionPluginNames(t *testing.T) { "foobar", "ValidatingAdmissionWebhook", "foobaz", + "MutatingAdmissionPolicy", }, wantErr: "admission plugin names not recognized: [foobat foobar foobaz] (each must be one of [NamespaceLifecycle MutatingAdmissionPolicy MutatingAdmissionWebhook ValidatingAdmissionPolicy ValidatingAdmissionWebhook])", }, @@ -95,23 +122,16 @@ func TestConfigureAdmissionPlugins(t *testing.T) { }, } - newStyleAdmissionResourcesWithValidatingAdmissionPolicies := &metav1.APIResourceList{ + newStyleAdmissionResources := &metav1.APIResourceList{ GroupVersion: admissionregistrationv1.SchemeGroupVersion.String(), APIResources: []metav1.APIResource{ {Name: "validatingwebhookconfigurations", Kind: "ValidatingWebhookConfiguration"}, {Name: "validatingadmissionpolicies", Kind: "ValidatingAdmissionPolicy"}, + {Name: "mutatingadmissionpolicies", Kind: "MutatingAdmissionPolicy"}, }, } - newStyleAdmissionResourcesWithValidatingAdmissionPoliciesAtOlderAPIVersion := &metav1.APIResourceList{ - GroupVersion: admissionregistrationv1.SchemeGroupVersion.Group + "/v1beta1", - APIResources: []metav1.APIResource{ - {Name: "validatingwebhookconfigurations", Kind: "ValidatingWebhookConfiguration"}, - {Name: "validatingadmissionpolicies", Kind: "ValidatingAdmissionPolicy"}, - }, - } - - oldStyleAdmissionResourcesWithoutValidatingAdmissionPolicies := &metav1.APIResourceList{ + oldStyleAdmissionResources := &metav1.APIResourceList{ GroupVersion: admissionregistrationv1.SchemeGroupVersion.String(), APIResources: []metav1.APIResource{ {Name: "validatingwebhookconfigurations", Kind: "ValidatingWebhookConfiguration"}, @@ -127,87 +147,158 @@ func TestConfigureAdmissionPlugins(t *testing.T) { wantDisabledPlugins []string }{ { - name: "when there is a ValidatingAdmissionPolicy resource and nil disabled list, then we do not change the plugin configuration", + name: "when there are modern resource types and nil disabled list, then we do not change the plugin configuration", availableAPIResources: []*metav1.APIResourceList{ coreResources, - newStyleAdmissionResourcesWithValidatingAdmissionPolicies, + newStyleAdmissionResources, appsResources, }, disabledPlugins: nil, wantDisabledPlugins: nil, }, { - name: "when there is a ValidatingAdmissionPolicy resource and empty disabled list, then we do not change the plugin configuration", + name: "when there are modern resource types resource and empty disabled list, then we do not change the plugin configuration", availableAPIResources: []*metav1.APIResourceList{ coreResources, - newStyleAdmissionResourcesWithValidatingAdmissionPolicies, + newStyleAdmissionResources, appsResources, }, disabledPlugins: []string{}, wantDisabledPlugins: nil, }, { - name: "when there is no ValidatingAdmissionPolicy resource, as there would not be in an old Kubernetes cluster, then we disable that admission plugin", + name: "when are modern resource types are missing, as there would not be in an old Kubernetes cluster, then we disable those admission plugins", availableAPIResources: []*metav1.APIResourceList{ coreResources, - oldStyleAdmissionResourcesWithoutValidatingAdmissionPolicies, + oldStyleAdmissionResources, + appsResources, + }, + disabledPlugins: nil, + wantDisabledPlugins: []string{"ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, + }, + { + name: "when only ValidatingAdmissionPolicy is missing, then we only automatically disable that admission plugin", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + { + GroupVersion: admissionregistrationv1.SchemeGroupVersion.String(), + APIResources: []metav1.APIResource{ + {Name: "validatingwebhookconfigurations", Kind: "ValidatingWebhookConfiguration"}, + {Name: "mutatingadmissionpolicies", Kind: "MutatingAdmissionPolicy"}, + }, + }, appsResources, }, disabledPlugins: nil, wantDisabledPlugins: []string{"ValidatingAdmissionPolicy"}, }, { - name: "when there is only an older version of ValidatingAdmissionPolicy resource, as there would be in an old Kubernetes cluster with the feature flag enabled, then we disable that plugin (because the admission code wants to watch v1)", + name: "when only MutatingAdmissionPolicy is missing, then we only automatically disable that admission plugin", availableAPIResources: []*metav1.APIResourceList{ coreResources, - newStyleAdmissionResourcesWithValidatingAdmissionPoliciesAtOlderAPIVersion, + { + GroupVersion: admissionregistrationv1.SchemeGroupVersion.String(), + APIResources: []metav1.APIResource{ + {Name: "validatingwebhookconfigurations", Kind: "ValidatingWebhookConfiguration"}, + {Name: "validatingadmissionpolicies", Kind: "ValidatingAdmissionPolicy"}, + }, + }, + appsResources, + }, + disabledPlugins: nil, + wantDisabledPlugins: []string{"MutatingAdmissionPolicy"}, + }, + { + name: "when only ValidatingAdmissionPolicy is explicitly disabled, then we may still need to automatically disable other admission plugins", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + { + GroupVersion: admissionregistrationv1.SchemeGroupVersion.String(), + APIResources: []metav1.APIResource{ + {Name: "validatingwebhookconfigurations", Kind: "ValidatingWebhookConfiguration"}, + {Name: "validatingadmissionpolicies", Kind: "ValidatingAdmissionPolicy"}, + }, + }, + appsResources, + }, + disabledPlugins: []string{"ValidatingAdmissionPolicy"}, + wantDisabledPlugins: []string{"ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, + }, + { + name: "when only MutatingAdmissionPolicy is explicitly disabled, then we may still need to automatically disable other admission plugins", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + { + GroupVersion: admissionregistrationv1.SchemeGroupVersion.String(), + APIResources: []metav1.APIResource{ + {Name: "validatingwebhookconfigurations", Kind: "ValidatingWebhookConfiguration"}, + {Name: "mutatingadmissionpolicies", Kind: "MutatingAdmissionPolicy"}, + }, + }, + appsResources, + }, + disabledPlugins: []string{"MutatingAdmissionPolicy"}, + wantDisabledPlugins: []string{"MutatingAdmissionPolicy", "ValidatingAdmissionPolicy"}, + }, + { + name: "when there are only older version of are modern resource types, as there would be in an old Kubernetes cluster with the feature flag enabled, then we disable those plugins (because the admission code wants to watch v1)", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + { + GroupVersion: admissionregistrationv1.SchemeGroupVersion.Group + "/v1beta1", + APIResources: []metav1.APIResource{ + {Name: "validatingwebhookconfigurations", Kind: "ValidatingWebhookConfiguration"}, + {Name: "validatingadmissionpolicies", Kind: "ValidatingAdmissionPolicy"}, + {Name: "mutatingadmissionpolicies", Kind: "MutatingAdmissionPolicy"}, + }, + }, appsResources, }, disabledPlugins: []string{}, - wantDisabledPlugins: []string{"ValidatingAdmissionPolicy"}, + wantDisabledPlugins: []string{"ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, }, { - name: "when there is no ValidatingAdmissionPolicy resource, and the ValidatingAdmissionPolicy plugin was explicitly disabled, then do not perform discovery, and just disable it", + name: "when there are no are modern resource types, and all the modern resource type plugins were explicitly disabled, then do not perform discovery, and just disable them", availableAPIResources: []*metav1.APIResourceList{}, - discoveryErr: errors.New("total error from API discovery client"), - disabledPlugins: []string{"MutatingAdmissionWebhook", "ValidatingAdmissionPolicy"}, - wantDisabledPlugins: []string{"MutatingAdmissionWebhook", "ValidatingAdmissionPolicy"}, + discoveryErr: errors.New("total error from API discovery client"), // shouldn't matter because discovery should have been skipped + disabledPlugins: []string{"MutatingAdmissionWebhook", "ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, + wantDisabledPlugins: []string{"MutatingAdmissionWebhook", "ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, }, { - name: "when there is no ValidatingAdmissionPolicy resource, and the ValidatingAdmissionPolicy plugin was not explicitly disabled, still disable it", + name: "when there are no modern resource types, and the modern resource type plugins were not explicitly disabled, still disable them", availableAPIResources: []*metav1.APIResourceList{ coreResources, - oldStyleAdmissionResourcesWithoutValidatingAdmissionPolicies, + oldStyleAdmissionResources, appsResources, }, disabledPlugins: []string{"MutatingAdmissionWebhook", "NamespaceLifecycle"}, - wantDisabledPlugins: []string{"MutatingAdmissionWebhook", "NamespaceLifecycle", "ValidatingAdmissionPolicy"}, + wantDisabledPlugins: []string{"MutatingAdmissionWebhook", "NamespaceLifecycle", "ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, }, { name: "when there is a total error returned by discovery", discoveryErr: errors.New("total error from API discovery client"), - wantErr: "failed looking up availability of ValidatingAdmissionPolicy resource: failed to perform k8s API discovery: total error from API discovery client", + wantErr: "failed to perform k8s API discovery for purpose of checking availability of admissionregistration.k8s.io resource types: total error from API discovery client", wantDisabledPlugins: nil, }, { name: "when there is a partial error returned by discovery which does include the group of interest, then we cannot ignore the error, because we could not discover anything about that group", availableAPIResources: []*metav1.APIResourceList{ coreResources, - oldStyleAdmissionResourcesWithoutValidatingAdmissionPolicies, + oldStyleAdmissionResources, appsResources, }, discoveryErr: &discovery.ErrGroupDiscoveryFailed{Groups: map[schema.GroupVersion]error{ schema.GroupVersion{Group: "someGroup", Version: "v1"}: errors.New("fake error for someGroup"), schema.GroupVersion{Group: "admissionregistration.k8s.io", Version: "v1"}: errors.New("fake error for admissionregistration"), }}, - wantErr: "failed looking up availability of ValidatingAdmissionPolicy resource: unable to retrieve the complete list of server APIs: admissionregistration.k8s.io/v1: fake error for admissionregistration, someGroup/v1: fake error for someGroup", + wantErr: "failed to perform k8s API discovery for purpose of checking availability of admissionregistration.k8s.io resource types: unable to retrieve the complete list of server APIs: admissionregistration.k8s.io/v1: fake error for admissionregistration, someGroup/v1: fake error for someGroup", wantDisabledPlugins: nil, }, { name: "when there is a partial error returned by discovery on an new-style cluster which does not include the group of interest, then we can ignore the error and use the default plugins", availableAPIResources: []*metav1.APIResourceList{ coreResources, - newStyleAdmissionResourcesWithValidatingAdmissionPolicies, + newStyleAdmissionResources, appsResources, }, discoveryErr: &discovery.ErrGroupDiscoveryFailed{Groups: map[schema.GroupVersion]error{ @@ -220,15 +311,87 @@ func TestConfigureAdmissionPlugins(t *testing.T) { name: "when there is a partial error returned by discovery on an old-style cluster which does not include the group of interest, then we can ignore the error and customize the plugins", availableAPIResources: []*metav1.APIResourceList{ coreResources, - oldStyleAdmissionResourcesWithoutValidatingAdmissionPolicies, + oldStyleAdmissionResources, appsResources, }, discoveryErr: &discovery.ErrGroupDiscoveryFailed{Groups: map[schema.GroupVersion]error{ schema.GroupVersion{Group: "someGroup", Version: "v1"}: errors.New("fake error for someGroup"), schema.GroupVersion{Group: "someOtherGroup", Version: "v1"}: errors.New("fake error for someOtherGroup"), }}, + wantDisabledPlugins: []string{"ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, + }, + { + name: "when both modern resource type plugins are explicitly disabled on a modern cluster, discovery is skipped", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + newStyleAdmissionResources, + appsResources, + }, + discoveryErr: errors.New("discovery should not have been called"), // would surface if the short-circuit were removed + disabledPlugins: []string{"ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, + wantDisabledPlugins: []string{"ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, + }, + { + name: "when only ValidatingAdmissionPolicy is explicitly disabled on a fully modern cluster, then MutatingAdmissionPolicy is not auto-disabled", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + newStyleAdmissionResources, + appsResources, + }, + disabledPlugins: []string{"ValidatingAdmissionPolicy"}, wantDisabledPlugins: []string{"ValidatingAdmissionPolicy"}, }, + { + name: "when only MutatingAdmissionPolicy is explicitly disabled on a fully modern cluster, then ValidatingAdmissionPolicy is not auto-disabled", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + newStyleAdmissionResources, + appsResources, + }, + disabledPlugins: []string{"MutatingAdmissionPolicy"}, + wantDisabledPlugins: []string{"MutatingAdmissionPolicy"}, + }, + { + name: "when a non-policy plugin is explicitly disabled on a modern cluster, only that plugin is disabled", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + newStyleAdmissionResources, + appsResources, + }, + disabledPlugins: []string{"NamespaceLifecycle"}, + wantDisabledPlugins: []string{"NamespaceLifecycle"}, + }, + { + name: "when discovery returns nil resources along with a partial error, then the error is returned", + availableAPIResources: nil, + discoveryErr: &discovery.ErrGroupDiscoveryFailed{Groups: map[schema.GroupVersion]error{ + schema.GroupVersion{Group: "someGroup", Version: "v1"}: errors.New("fake error for someGroup"), + }}, + wantErr: "failed to perform k8s API discovery for purpose of checking availability of admissionregistration.k8s.io resource types: unable to retrieve the complete list of server APIs: someGroup/v1: fake error for someGroup", + wantDisabledPlugins: nil, + }, + { + name: "when there is a partial error returned by discovery which includes the admissionregistration group at a non-v1 version, then we cannot ignore the error", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + oldStyleAdmissionResources, + appsResources, + }, + discoveryErr: &discovery.ErrGroupDiscoveryFailed{Groups: map[schema.GroupVersion]error{ + schema.GroupVersion{Group: "admissionregistration.k8s.io", Version: "v1beta1"}: errors.New("fake error for admissionregistration v1beta1"), + }}, + wantErr: "failed to perform k8s API discovery for purpose of checking availability of admissionregistration.k8s.io resource types: unable to retrieve the complete list of server APIs: admissionregistration.k8s.io/v1beta1: fake error for admissionregistration v1beta1", + wantDisabledPlugins: nil, + }, + { + name: "when the admissionregistration group is entirely absent from discovery, then we disable both modern admission plugins", + availableAPIResources: []*metav1.APIResourceList{ + coreResources, + appsResources, + }, + disabledPlugins: nil, + wantDisabledPlugins: []string{"ValidatingAdmissionPolicy", "MutatingAdmissionPolicy"}, + }, } for _, tt := range tests { diff --git a/internal/concierge/impersonator/impersonator.go b/internal/concierge/impersonator/impersonator.go index b145856d0..cabdb7b42 100644 --- a/internal/concierge/impersonator/impersonator.go +++ b/internal/concierge/impersonator/impersonator.go @@ -26,7 +26,6 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/runtime/serializer" utilerrors "k8s.io/apimachinery/pkg/util/errors" - "k8s.io/apimachinery/pkg/util/httpstream" utilnet "k8s.io/apimachinery/pkg/util/net" "k8s.io/apimachinery/pkg/util/sets" auditinternal "k8s.io/apiserver/pkg/apis/audit" @@ -47,6 +46,7 @@ import ( "k8s.io/client-go/rest" "k8s.io/client-go/transport" utilversion "k8s.io/component-base/compatibility" + "k8s.io/streaming/pkg/httpstream" "go.pinniped.dev/internal/constable" "go.pinniped.dev/internal/crypto/ptls" diff --git a/internal/concierge/impersonator/impersonator_test.go b/internal/concierge/impersonator/impersonator_test.go index ff56b09a6..13ec85e3a 100644 --- a/internal/concierge/impersonator/impersonator_test.go +++ b/internal/concierge/impersonator/impersonator_test.go @@ -29,7 +29,6 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/runtime/serializer" - "k8s.io/apimachinery/pkg/util/httpstream" auditinternal "k8s.io/apiserver/pkg/apis/audit" "k8s.io/apiserver/pkg/audit" "k8s.io/apiserver/pkg/authentication/authenticator" @@ -43,6 +42,7 @@ import ( "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd/api" utilversion "k8s.io/component-base/compatibility" + "k8s.io/streaming/pkg/httpstream" "k8s.io/utils/ptr" loginv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1" @@ -490,14 +490,18 @@ func TestImpersonator(t *testing.T) { clientCert: newClientCert(t, ca, "test-username", []string{"test-group1", "test-group2"}), clientImpersonateUser: rest.ImpersonationConfig{UserName: "some-other-username"}, // this fails because the delegating authorizer in this test only allows system:masters and fails everything else - wantError: `users "some-other-username" is forbidden: User "test-username" ` + - `cannot impersonate resource "users" in API group "" at the cluster scope: ` + + wantError: `namespaces is forbidden: User "test-username" ` + + `cannot impersonate-on:user-info:list resource "namespaces" in API group "" at the cluster scope: ` + `decision made by impersonation-proxy.concierge.pinniped.dev`, wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { return []authorizer.AttributesRecord{ { User: defaultInfoForTestUsername(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", + Verb: "impersonate-on:user-info:list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", + }, + { + User: defaultInfoForTestUsername(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", }, } }, @@ -551,35 +555,27 @@ func TestImpersonator(t *testing.T) { return []authorizer.AttributesRecord{ { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "fire", ResourceRequest: true, Path: "", + Verb: "impersonate-on:user-info:list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "groups", Subresource: "", Name: "elements", ResourceRequest: true, Path: "", + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "users", Subresource: "", Name: "fire", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "iam.gke.io/user-assertion", Name: "good", ResourceRequest: true, Path: "", + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "groups", Subresource: "", Name: "elements", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "iam.gke.io/user-assertion", Name: "stuff", ResourceRequest: true, Path: "", + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "users", Subresource: "", Name: "fire", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/roles", Name: "a-role1", ResourceRequest: true, Path: "", + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "groups", Subresource: "", Name: "elements", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/roles", Name: "a-role2", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "user-assertion.cloud.google.com", Name: "smaller", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "user-assertion.cloud.google.com", Name: "things", ResourceRequest: true, Path: "", + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/user/domain/name", Name: "a-domain-name", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), @@ -593,6 +589,22 @@ func TestImpersonator(t *testing.T) { User: defaultInfoForTestAdmin(credentialID), Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "colors", Name: "blue", ResourceRequest: true, Path: "", }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "iam.gke.io/user-assertion", Name: "good", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "iam.gke.io/user-assertion", Name: "stuff", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "user-assertion.cloud.google.com", Name: "smaller", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "user-assertion.cloud.google.com", Name: "things", ResourceRequest: true, Path: "", + }, { User: defaultInfoForTestAdmin(credentialID), Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "scopes.authorization.openshift.io", Name: "user:info", ResourceRequest: true, Path: "", @@ -605,6 +617,18 @@ func TestImpersonator(t *testing.T) { User: defaultInfoForTestAdmin(credentialID), Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "scopes.authorization.openshift.io", Name: "user:check-access", ResourceRequest: true, Path: "", }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/roles", Name: "a-role1", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/roles", Name: "a-role2", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/project/id", Name: "a-project-id", ResourceRequest: true, Path: "", + }, { User: defaultInfoForTestAdmin(credentialID), Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/project/name", Name: "a-project-name", ResourceRequest: true, Path: "", @@ -613,14 +637,6 @@ func TestImpersonator(t *testing.T) { User: defaultInfoForTestAdmin(credentialID), Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/user/domain/id", Name: "a-domain-id", ResourceRequest: true, Path: "", }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/user/domain/name", Name: "a-domain-name", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/project/id", Name: "a-project-id", ResourceRequest: true, Path: "", - }, { User: &user.DefaultInfo{ Name: "fire", @@ -655,18 +671,22 @@ func TestImpersonator(t *testing.T) { return []authorizer.AttributesRecord{ { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", + Verb: "impersonate-on:user-info:list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "uids", Subresource: "", Name: "root", ResourceRequest: true, Path: "", + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "uids", Subresource: "", Name: "root", ResourceRequest: true, Path: "", }, { User: &user.DefaultInfo{ Name: "some-other-username", UID: "root", Groups: []string{"system:authenticated"}, - Extra: map[string][]string{}, + Extra: nil, }, Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, @@ -685,18 +705,22 @@ func TestImpersonator(t *testing.T) { return []authorizer.AttributesRecord{ { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", + Verb: "impersonate-on:user-info:list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "uids", Subresource: "", Name: "magic", ResourceRequest: true, Path: "", + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "uids", Subresource: "", Name: "magic", ResourceRequest: true, Path: "", }, { User: &user.DefaultInfo{ Name: "some-other-username", UID: "magic", Groups: []string{"system:authenticated"}, - Extra: map[string][]string{}, + Extra: nil, }, Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, @@ -719,20 +743,32 @@ func TestImpersonator(t *testing.T) { return []authorizer.AttributesRecord{ { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "other-user-to-impersonate", ResourceRequest: true, Path: "", + Verb: "impersonate-on:user-info:list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "users", Subresource: "", Name: "other-user-to-impersonate", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "something.impersonation-proxy.concierge.pinniped.dev", Name: "bad data", ResourceRequest: true, Path: "", + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "users", Subresource: "", Name: "other-user-to-impersonate", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "key", Name: "good", ResourceRequest: true, Path: "", }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "something.impersonation-proxy.concierge.pinniped.dev", Name: "bad data", ResourceRequest: true, Path: "", + }, { User: &user.DefaultInfo{ Name: "other-user-to-impersonate", @@ -763,11 +799,23 @@ func TestImpersonator(t *testing.T) { return []authorizer.AttributesRecord{ { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "panda", ResourceRequest: true, Path: "", + Verb: "impersonate-on:user-info:list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "users", Subresource: "", Name: "panda", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "users", Subresource: "", Name: "panda", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), @@ -812,11 +860,23 @@ func TestImpersonator(t *testing.T) { return []authorizer.AttributesRecord{ { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "panda", ResourceRequest: true, Path: "", + Verb: "impersonate-on:user-info:list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, { User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "users", Subresource: "", Name: "panda", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate:user-info", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "users", Subresource: "", Name: "panda", ResourceRequest: true, Path: "", + }, + { + User: defaultInfoForTestAdmin(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", }, { User: defaultInfoForTestAdmin(credentialID), @@ -858,14 +918,18 @@ func TestImpersonator(t *testing.T) { clientMutateHeaders: func(header http.Header) { header["imPerSonaTE-USer"] = []string{"PANDA"} }, - wantError: `users "PANDA" is forbidden: User "test-username" ` + - `cannot impersonate resource "users" in API group "" at the cluster scope: ` + + wantError: `namespaces is forbidden: User "test-username" ` + + `cannot impersonate-on:user-info:list resource "namespaces" in API group "" at the cluster scope: ` + `decision made by impersonation-proxy.concierge.pinniped.dev`, wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { return []authorizer.AttributesRecord{ { User: defaultInfoForTestUsername(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "PANDA", ResourceRequest: true, Path: "", + Verb: "impersonate-on:user-info:list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", + }, + { + User: defaultInfoForTestUsername(credentialID), + Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "users", Subresource: "", Name: "PANDA", ResourceRequest: true, Path: "", }, } }, @@ -876,7 +940,7 @@ func TestImpersonator(t *testing.T) { clientMutateHeaders: func(header http.Header) { header["imPerSonaTE-uid"] = []string{"007"} }, - wantError: `requested [{UID 007 authentication.k8s.io/v1 }] without impersonating a user`, + wantError: `requested &user.DefaultInfo{Name:"", UID:"007", Groups:[]string(nil), Extra:map[string][]string(nil)} without impersonating a user name`, wantAuthorizerAttributes: func(_credentialID string) []authorizer.AttributesRecord { return []authorizer.AttributesRecord{} }, @@ -887,7 +951,7 @@ func TestImpersonator(t *testing.T) { clientMutateHeaders: func(header http.Header) { header["Impersonate-Uid"] = []string{"008"} }, - wantError: `requested [{UID 008 authentication.k8s.io/v1 }] without impersonating a user`, + wantError: `requested &user.DefaultInfo{Name:"", UID:"008", Groups:[]string(nil), Extra:map[string][]string(nil)} without impersonating a user name`, wantAuthorizerAttributes: func(_credentialID string) []authorizer.AttributesRecord { return []authorizer.AttributesRecord{} }, @@ -2437,10 +2501,33 @@ type attributeRecorder struct { attributes []authorizer.AttributesRecord } -func (r *attributeRecorder) record(attributes authorizer.Attributes) { +func (r *attributeRecorder) record(attrs authorizer.Attributes) { r.lock.Lock() defer r.lock.Unlock() - r.attributes = append(r.attributes, *attributes.(*authorizer.AttributesRecord)) + + // Starting in k8s 1.36 libs, attrs is no longer of concrete type *authorizer.AttributesRecord. + // Instead, it is of type *impersonation.impersonateOnAttributes, which is a private type. + // Convert attrs to an authorizer.AttributesRecord by calling its getters. + fieldSelector, fieldSelectorErr := attrs.GetFieldSelector() + labelSelector, labelSelectorErr := attrs.GetLabelSelector() + record := authorizer.AttributesRecord{ + User: attrs.GetUser(), + Verb: attrs.GetVerb(), + Namespace: attrs.GetNamespace(), + APIGroup: attrs.GetAPIGroup(), + APIVersion: attrs.GetAPIVersion(), + Resource: attrs.GetResource(), + Subresource: attrs.GetSubresource(), + Name: attrs.GetName(), + ResourceRequest: attrs.IsResourceRequest(), + Path: attrs.GetPath(), + FieldSelectorRequirements: fieldSelector, + FieldSelectorParsingErr: fieldSelectorErr, + LabelSelectorRequirements: labelSelector, + LabelSelectorParsingErr: labelSelectorErr, + } + + r.attributes = append(r.attributes, record) } func Test_isRequestForHealthCheck(t *testing.T) { diff --git a/internal/controller/kubecertagent/pod_command_executor_test.go b/internal/controller/kubecertagent/pod_command_executor_test.go index d5e30d3c1..56fcce655 100644 --- a/internal/controller/kubecertagent/pod_command_executor_test.go +++ b/internal/controller/kubecertagent/pod_command_executor_test.go @@ -1,4 +1,4 @@ -// Copyright 2021-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2026 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package kubecertagent @@ -9,7 +9,6 @@ import ( "testing" "github.com/stretchr/testify/require" - apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/client-go/rest" "go.pinniped.dev/internal/crypto/ptls" @@ -34,11 +33,13 @@ func TestSecureTLS(t *testing.T) { client, err := kubeclient.New(kubeclient.WithConfig(config)) require.NoError(t, err) - // build this exactly like our production could does + // Build this exactly like our production code does. podCommandExecutor := NewPodCommandExecutor(client.JSONConfig, client.Kubernetes) got, err := podCommandExecutor.Exec(context.Background(), "podNamespace", "podName", "containerName", "command", "arg1", "arg2") - require.Equal(t, &apierrors.StatusError{}, err) + // Expect to get an error because the fake server above does not allow upgrade to spdy. + // This doesn't matter because all we really care about in this test is the results of AssertTLS. + require.EqualError(t, err, "unable to upgrade connection: empty server response") require.Empty(t, got) require.True(t, sawRequest) diff --git a/internal/githubclient/githubclient.go b/internal/githubclient/githubclient.go index bdecf8096..0df1c9d6f 100644 --- a/internal/githubclient/githubclient.go +++ b/internal/githubclient/githubclient.go @@ -12,7 +12,7 @@ import ( "slices" "strings" - "github.com/google/go-github/v84/github" + "github.com/google/go-github/v85/github" "k8s.io/apimachinery/pkg/util/sets" "go.pinniped.dev/internal/plog" diff --git a/internal/githubclient/githubclient_test.go b/internal/githubclient/githubclient_test.go index fd6b3f4a0..d9e02e928 100644 --- a/internal/githubclient/githubclient_test.go +++ b/internal/githubclient/githubclient_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - "github.com/google/go-github/v84/github" + "github.com/google/go-github/v85/github" "github.com/migueleliasweb/go-github-mock/src/mock" "github.com/stretchr/testify/require" "k8s.io/client-go/util/cert" diff --git a/internal/registry/clientsecretrequest/rest.go b/internal/registry/clientsecretrequest/rest.go index 333a7b4d3..561a41c33 100644 --- a/internal/registry/clientsecretrequest/rest.go +++ b/internal/registry/clientsecretrequest/rest.go @@ -1,4 +1,4 @@ -// Copyright 2022-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2026 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Package clientsecretrequest provides REST functionality for the CredentialRequest resource. @@ -15,8 +15,8 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/meta" + "k8s.io/apimachinery/pkg/api/validate/content" genericvalidation "k8s.io/apimachinery/pkg/api/validation" - "k8s.io/apimachinery/pkg/api/validation/path" metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -307,7 +307,7 @@ func (r *REST) validateRequest( if !strings.HasPrefix(name, "client.oauth.pinniped.dev-") { errs = append(errs, `must start with 'client.oauth.pinniped.dev-'`) } - return slices.Concat(errs, path.IsValidPathSegmentName(name)) + return slices.Concat(errs, content.IsPathSegmentName(name)) }, field.NewPath("metadata"), ); len(errs) > 0 { diff --git a/internal/registry/clientsecretrequest/rest_test.go b/internal/registry/clientsecretrequest/rest_test.go index 3da61acb1..b16a0453b 100644 --- a/internal/registry/clientsecretrequest/rest_test.go +++ b/internal/registry/clientsecretrequest/rest_test.go @@ -135,7 +135,7 @@ func TestCreate(t *testing.T) { wantErrStatus: &metav1.Status{ Status: metav1.StatusFailure, Message: `not an OIDCClientSecretRequest: &v1.Status{TypeMeta:v1.TypeMeta{Kind:"", APIVersion:""}, ` + - `ListMeta:v1.ListMeta{SelfLink:"", ResourceVersion:"", Continue:"", RemainingItemCount:(*int64)(nil)},` + + `ListMeta:v1.ListMeta{SelfLink:"", ResourceVersion:"", Continue:"", RemainingItemCount:(*int64)(nil), ShardInfo:(*v1.ShardInfo)(nil)},` + ` Status:"", Message:"", Reason:"", Details:(*v1.StatusDetails)(nil), Code:0}`, Reason: metav1.StatusReasonBadRequest, Code: http.StatusBadRequest, diff --git a/internal/registry/whoamirequest/rest_test.go b/internal/registry/whoamirequest/rest_test.go index 9ffcaafbd..07b316f83 100644 --- a/internal/registry/whoamirequest/rest_test.go +++ b/internal/registry/whoamirequest/rest_test.go @@ -1,4 +1,4 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2026 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package whoamirequest @@ -73,8 +73,10 @@ func TestCreate(t *testing.T) { createValidation: nil, options: nil, }, - want: nil, - wantErr: `not a WhoAmIRequest: &v1.Status{TypeMeta:v1.TypeMeta{Kind:"", APIVersion:""}, ListMeta:v1.ListMeta{SelfLink:"", ResourceVersion:"", Continue:"", RemainingItemCount:(*int64)(nil)}, Status:"", Message:"", Reason:"", Details:(*v1.StatusDetails)(nil), Code:0}`, + want: nil, + wantErr: `not a WhoAmIRequest: &v1.Status{TypeMeta:v1.TypeMeta{Kind:"", APIVersion:""}, ` + + `ListMeta:v1.ListMeta{SelfLink:"", ResourceVersion:"", Continue:"", RemainingItemCount:(*int64)(nil), ShardInfo:(*v1.ShardInfo)(nil)}, ` + + `Status:"", Message:"", Reason:"", Details:(*v1.StatusDetails)(nil), Code:0}`, }, { name: "bad options", diff --git a/internal/testutil/actions.go b/internal/testutil/actions.go index 5523e686f..fd6498888 100644 --- a/internal/testutil/actions.go +++ b/internal/testutil/actions.go @@ -1,4 +1,4 @@ -// Copyright 2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2024-2026 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package testutil @@ -16,6 +16,7 @@ func ScrubListOptionsForActions(t *testing.T, actions []coretesting.Action) []co t.Helper() scrubbedActions := make([]coretesting.Action, 0, len(actions)) + for _, action := range actions { switch action.GetVerb() { case "watch": @@ -23,7 +24,13 @@ func ScrubListOptionsForActions(t *testing.T, actions []coretesting.Action) []co require.True(t, ok) watchAction.ListOptions.AllowWatchBookmarks = false watchAction.ListOptions.TimeoutSeconds = nil + + // These get filled in starting in k8s 1.36 packages, but we don't care to assert about them. + watchAction.ListOptions.ResourceVersion = "" + watchAction.WatchRestrictions.ResourceVersion = "" + scrubbedActions = append(scrubbedActions, watchAction) + case "list": listAction, ok := action.(coretesting.ListActionImpl) require.True(t, ok) @@ -31,9 +38,11 @@ func ScrubListOptionsForActions(t *testing.T, actions []coretesting.Action) []co listAction.ListOptions.TimeoutSeconds = nil listAction.ListOptions.Limit = 0 scrubbedActions = append(scrubbedActions, listAction) + default: scrubbedActions = append(scrubbedActions, action) } } + return scrubbedActions } diff --git a/internal/testutil/tlsserver/tlsserver.go b/internal/testutil/tlsserver/tlsserver.go index 943519dcc..688c12315 100644 --- a/internal/testutil/tlsserver/tlsserver.go +++ b/internal/testutil/tlsserver/tlsserver.go @@ -1,4 +1,4 @@ -// Copyright 2021-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2026 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package tlsserver @@ -19,8 +19,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "k8s.io/apimachinery/pkg/util/httpstream" "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/streaming/pkg/httpstream" "go.pinniped.dev/internal/crypto/ptls" ) diff --git a/test/integration/concierge_impersonation_proxy_test.go b/test/integration/concierge_impersonation_proxy_test.go index 450c3b924..b6f35d7c3 100644 --- a/test/integration/concierge_impersonation_proxy_test.go +++ b/test/integration/concierge_impersonation_proxy_test.go @@ -590,10 +590,10 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl // this user is not allowed to impersonate other users require.True(t, apierrors.IsForbidden(err), err) require.EqualError(t, err, fmt.Sprintf( - `users "other-user-to-impersonate" is forbidden: `+ - `User "%s" cannot impersonate resource "users" in API group "" at the cluster scope: `+ + `secrets "%s" is forbidden: `+ + `User "%s" cannot impersonate-on:user-info:get resource "secrets" in API group "" in the namespace "%s": `+ `decision made by impersonation-proxy.concierge.pinniped.dev`, - env.TestUser.ExpectedUsername)) + impersonationProxyTLSSecretName(env), env.TestUser.ExpectedUsername, env.ConciergeNamespace)) // impersonate the GC service account instead which can read anything (the binding to edit allows this) nestedImpersonationClientAsSA, credentialsAsSA := newImpersonationProxyClient(t, impersonationProxyURL, impersonationProxyCACertPEM, @@ -778,7 +778,7 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl }) _, errUID := testlib.NewKubeclient(t, nestedImpersonationUIDOnly).Kubernetes.CoreV1().Secrets("foo").Get(ctx, "bar", metav1.GetOptions{}) - msg := `requested [{UID some-awesome-uid authentication.k8s.io/v1 }] without impersonating a user` + msg := `requested &user.DefaultInfo{Name:"", UID:"some-awesome-uid", Groups:[]string(nil), Extra:map[string][]string(nil)} without impersonating a user name` require.EqualError(t, errUID, msg) require.True(t, apierrors.IsBadRequest(errUID), errUID) // starting in k8s 1.35 libs, this was changed from internal error to bad request require.Equal(t, &apierrors.StatusError{ @@ -837,10 +837,10 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl // this SA is not yet allowed to impersonate SAs require.True(t, apierrors.IsForbidden(err), err) require.EqualError(t, err, fmt.Sprintf( - `serviceaccounts "root-ca-cert-publisher" is forbidden: `+ - `User "%s" cannot impersonate resource "serviceaccounts" in API group "" in the namespace "kube-system": `+ + `whoamirequests.identity.concierge.%s is forbidden: `+ + `User "%s" cannot impersonate-on:serviceaccount:create resource "whoamirequests" in API group "identity.concierge.%s" at the cluster scope: `+ `decision made by impersonation-proxy.concierge.pinniped.dev`, - serviceaccount.MakeUsername(namespaceName, saName))) + env.APIGroupSuffix, serviceaccount.MakeUsername(namespaceName, saName), env.APIGroupSuffix)) // webhook authorizer deny cache TTL is 10 seconds so we need to wait long enough for it to drain time.Sleep(15 * time.Second)