From b2747a0ebe514798388fc68e199a8eb15c5e4b17 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Thu, 18 Dec 2025 13:20:41 -0800 Subject: [PATCH 01/11] bump deps to kube 1.35 with new codegen --- ...cierge.pinniped.dev_jwtauthenticators.yaml | 2 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 2 +- ...cierge.pinniped.dev_credentialissuers.yaml | 2 +- ...rvisor.pinniped.dev_federationdomains.yaml | 2 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 2 +- ....dev_activedirectoryidentityproviders.yaml | 2 +- ....pinniped.dev_githubidentityproviders.yaml | 2 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 2 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 2 +- .../v1alpha1/zz_generated.conversion.go | 235 - .../identity/validation/validation.go | 14 - generated/1.26/apis/go.mod | 9 - generated/1.26/apis/go.sum | 300 -- .../supervisor/clientsecret/v1alpha1/doc.go | 11 - .../concierge/clientset/versioned/doc.go | 7 - .../fake/fake_authentication_client.go | 31 - .../v1alpha1/fake/fake_jwtauthenticator.go | 120 - .../fake/fake_webhookauthenticator.go | 120 - .../v1alpha1/jwtauthenticator.go | 171 - .../v1alpha1/webhookauthenticator.go | 171 - .../typed/config/v1alpha1/config_client.go | 94 - .../typed/config/v1alpha1/credentialissuer.go | 171 - .../v1alpha1/fake/fake_config_client.go | 27 - .../v1alpha1/fake/fake_credentialissuer.go | 120 - .../v1alpha1/fake/fake_identity_client.go | 27 - .../v1alpha1/fake/fake_whoamirequest.go | 34 - .../identity/v1alpha1/identity_client.go | 94 - .../typed/identity/v1alpha1/whoamirequest.go | 51 - .../fake/fake_tokencredentialrequest.go | 34 - .../authentication/v1alpha1/interface.go | 39 - .../externalversions/config/interface.go | 33 - .../config/v1alpha1/interface.go | 32 - .../informers/externalversions/factory.go | 244 - .../informers/externalversions/generic.go | 56 - .../internalinterfaces/factory_interfaces.go | 27 - .../v1alpha1/jwtauthenticator.go | 55 - .../v1alpha1/webhookauthenticator.go | 55 - .../config/v1alpha1/credentialissuer.go | 55 - generated/1.26/client/go.mod | 13 - generated/1.26/client/go.sum | 345 -- .../clientset/versioned/clientset.go | 133 - .../supervisor/clientset/versioned/doc.go | 7 - .../versioned/fake/clientset_generated.go | 86 - .../clientset/versioned/fake/register.go | 47 - .../clientset/versioned/scheme/register.go | 47 - .../v1alpha1/fake/fake_clientsecret_client.go | 27 - .../fake/fake_oidcclientsecretrequest.go | 36 - .../v1alpha1/oidcclientsecretrequest.go | 54 - .../v1alpha1/fake/fake_federationdomain.go | 129 - .../config/v1alpha1/fake/fake_oidcclient.go | 129 - .../typed/config/v1alpha1/federationdomain.go | 182 - .../typed/config/v1alpha1/oidcclient.go | 182 - .../activedirectoryidentityprovider.go | 182 - .../fake_activedirectoryidentityprovider.go | 129 - .../fake/fake_githubidentityprovider.go | 129 - .../idp/v1alpha1/fake/fake_idp_client.go | 39 - .../fake/fake_ldapidentityprovider.go | 129 - .../fake/fake_oidcidentityprovider.go | 129 - .../idp/v1alpha1/githubidentityprovider.go | 182 - .../typed/idp/v1alpha1/idp_client.go | 109 - .../idp/v1alpha1/ldapidentityprovider.go | 182 - .../idp/v1alpha1/oidcidentityprovider.go | 182 - .../config/v1alpha1/oidcclient.go | 77 - .../informers/externalversions/factory.go | 244 - .../informers/externalversions/generic.go | 62 - .../externalversions/idp/interface.go | 33 - .../activedirectoryidentityprovider.go | 77 - .../idp/v1alpha1/githubidentityprovider.go | 77 - .../listers/config/v1alpha1/oidcclient.go | 86 - .../idp/v1alpha1/githubidentityprovider.go | 86 - .../idp/v1alpha1/ldapidentityprovider.go | 86 - .../idp/v1alpha1/oidcidentityprovider.go | 86 - .../openapi/zz_generated.openapi.go | 2664 ---------- ...cierge.pinniped.dev_jwtauthenticators.yaml | 431 -- ...cierge.pinniped.dev_credentialissuers.yaml | 243 - ...rvisor.pinniped.dev_federationdomains.yaml | 456 -- ...g.supervisor.pinniped.dev_oidcclients.yaml | 230 - ....dev_activedirectoryidentityproviders.yaml | 333 -- ...or.pinniped.dev_ldapidentityproviders.yaml | 324 -- generated/1.27/README.adoc | 2726 ---------- .../apis/concierge/identity/v1alpha1/doc.go | 11 - .../v1alpha1/zz_generated.conversion.go | 235 - .../identity/validation/validation.go | 14 - .../1.27/apis/concierge/login/v1alpha1/doc.go | 11 - generated/1.27/apis/go.mod | 9 - generated/1.27/apis/go.sum | 353 -- .../clientset/versioned/clientset.go | 146 - .../clientset/versioned/fake/register.go | 49 - .../v1alpha1/authentication_client.go | 99 - .../fake/fake_authentication_client.go | 31 - .../v1alpha1/fake/fake_jwtauthenticator.go | 119 - .../fake/fake_webhookauthenticator.go | 119 - .../v1alpha1/jwtauthenticator.go | 171 - .../v1alpha1/webhookauthenticator.go | 171 - .../typed/config/v1alpha1/config_client.go | 94 - .../typed/config/v1alpha1/credentialissuer.go | 171 - .../v1alpha1/fake/fake_credentialissuer.go | 119 - .../v1alpha1/fake/fake_whoamirequest.go | 33 - .../typed/identity/v1alpha1/whoamirequest.go | 51 - .../fake/fake_tokencredentialrequest.go | 33 - .../typed/login/v1alpha1/login_client.go | 94 - .../authentication/v1alpha1/interface.go | 39 - .../v1alpha1/jwtauthenticator.go | 76 - .../v1alpha1/webhookauthenticator.go | 76 - .../informers/externalversions/factory.go | 244 - .../v1alpha1/jwtauthenticator.go | 55 - .../v1alpha1/webhookauthenticator.go | 55 - .../config/v1alpha1/credentialissuer.go | 55 - generated/1.27/client/go.mod | 13 - generated/1.27/client/go.sum | 396 -- .../versioned/fake/clientset_generated.go | 86 - .../clientset/versioned/fake/register.go | 47 - .../clientset/versioned/scheme/register.go | 47 - .../v1alpha1/clientsecret_client.go | 94 - .../fake/fake_oidcclientsecretrequest.go | 35 - .../v1alpha1/oidcclientsecretrequest.go | 54 - .../typed/config/v1alpha1/config_client.go | 99 - .../v1alpha1/fake/fake_federationdomain.go | 128 - .../config/v1alpha1/fake/fake_oidcclient.go | 128 - .../typed/config/v1alpha1/federationdomain.go | 182 - .../typed/config/v1alpha1/oidcclient.go | 182 - .../activedirectoryidentityprovider.go | 182 - .../fake_activedirectoryidentityprovider.go | 128 - .../fake/fake_githubidentityprovider.go | 128 - .../fake/fake_ldapidentityprovider.go | 128 - .../fake/fake_oidcidentityprovider.go | 128 - .../idp/v1alpha1/githubidentityprovider.go | 182 - .../typed/idp/v1alpha1/idp_client.go | 109 - .../idp/v1alpha1/ldapidentityprovider.go | 182 - .../idp/v1alpha1/oidcidentityprovider.go | 182 - .../config/v1alpha1/interface.go | 39 - .../config/v1alpha1/oidcclient.go | 77 - .../informers/externalversions/factory.go | 244 - .../informers/externalversions/generic.go | 62 - .../externalversions/idp/interface.go | 33 - .../idp/v1alpha1/interface.go | 53 - .../idp/v1alpha1/ldapidentityprovider.go | 77 - .../idp/v1alpha1/oidcidentityprovider.go | 77 - .../internalinterfaces/factory_interfaces.go | 27 - .../listers/config/v1alpha1/oidcclient.go | 86 - .../activedirectoryidentityprovider.go | 86 - .../idp/v1alpha1/githubidentityprovider.go | 86 - .../openapi/zz_generated.openapi.go | 2664 ---------- ...ge.pinniped.dev_webhookauthenticators.yaml | 185 - ...g.supervisor.pinniped.dev_oidcclients.yaml | 230 - ....pinniped.dev_githubidentityproviders.yaml | 338 -- ...or.pinniped.dev_ldapidentityproviders.yaml | 324 -- ...or.pinniped.dev_oidcidentityproviders.yaml | 331 -- .../concierge/authentication/v1alpha1/doc.go | 8 - .../authentication/v1alpha1/register.go | 45 - .../v1alpha1/types_jwtauthenticator.go | 312 -- .../authentication/v1alpha1/types_tls.go | 47 - .../v1alpha1/types_webhookauthenticator.go | 74 - .../v1alpha1/zz_generated.deepcopy.go | 341 -- .../apis/concierge/config/v1alpha1/doc.go | 8 - .../concierge/config/v1alpha1/register.go | 43 - .../config/v1alpha1/types_credentialissuer.go | 257 - .../config/v1alpha1/zz_generated.deepcopy.go | 259 - generated/1.28/apis/concierge/identity/doc.go | 8 - .../1.28/apis/concierge/identity/register.go | 38 - .../apis/concierge/identity/types_userinfo.go | 37 - .../concierge/identity/types_whoamirequest.go | 42 - .../concierge/identity/v1alpha1/conversion.go | 4 - .../concierge/identity/v1alpha1/defaults.go | 12 - .../apis/concierge/identity/v1alpha1/doc.go | 11 - .../concierge/identity/v1alpha1/register.go | 43 - .../identity/v1alpha1/types_userinfo.go | 41 - .../identity/v1alpha1/types_whoamirequest.go | 45 - .../v1alpha1/zz_generated.deepcopy.go | 185 - .../v1alpha1/zz_generated.defaults.go | 20 - .../identity/zz_generated.deepcopy.go | 185 - generated/1.28/apis/concierge/login/doc.go | 8 - .../1.28/apis/concierge/login/register.go | 38 - .../login/types_clustercredential.go | 22 - .../login/types_tokencredentialrequest.go | 49 - .../concierge/login/v1alpha1/conversion.go | 4 - .../apis/concierge/login/v1alpha1/defaults.go | 12 - .../1.28/apis/concierge/login/v1alpha1/doc.go | 11 - .../apis/concierge/login/v1alpha1/register.go | 43 - .../login/v1alpha1/types_clustercredential.go | 22 - .../v1alpha1/types_tokencredentialrequest.go | 52 - .../login/v1alpha1/zz_generated.conversion.go | 201 - .../login/v1alpha1/zz_generated.deepcopy.go | 134 - .../login/v1alpha1/zz_generated.defaults.go | 20 - .../concierge/login/zz_generated.deepcopy.go | 134 - generated/1.28/apis/go.mod | 9 - generated/1.28/apis/go.sum | 320 -- .../1.28/apis/supervisor/clientsecret/doc.go | 8 - .../apis/supervisor/clientsecret/register.go | 38 - .../types_oidcclientsecretrequest.go | 50 - .../clientsecret/v1alpha1/conversion.go | 4 - .../clientsecret/v1alpha1/defaults.go | 12 - .../supervisor/clientsecret/v1alpha1/doc.go | 11 - .../clientsecret/v1alpha1/register.go | 43 - .../v1alpha1/types_oidcclientsecretrequest.go | 53 - .../v1alpha1/zz_generated.conversion.go | 165 - .../v1alpha1/zz_generated.deepcopy.go | 106 - .../v1alpha1/zz_generated.defaults.go | 20 - .../clientsecret/zz_generated.deepcopy.go | 106 - .../apis/supervisor/config/v1alpha1/doc.go | 8 - .../supervisor/config/v1alpha1/register.go | 45 - .../config/v1alpha1/types_federationdomain.go | 315 -- .../config/v1alpha1/types_oidcclient.go | 144 - .../config/v1alpha1/zz_generated.deepcopy.go | 433 -- .../1.28/apis/supervisor/idp/v1alpha1/doc.go | 9 - .../apis/supervisor/idp/v1alpha1/register.go | 49 - .../types_activedirectoryidentityprovider.go | 219 - .../v1alpha1/types_githubidentityprovider.go | 263 - .../v1alpha1/types_ldapidentityprovider.go | 207 - .../v1alpha1/types_oidcidentityprovider.go | 217 - .../apis/supervisor/idp/v1alpha1/types_tls.go | 47 - .../idp/v1alpha1/zz_generated.deepcopy.go | 835 --- .../types_supervisor_idp_discovery.go | 73 - .../supervisor/oidc/types_supervisor_oidc.go | 90 - .../versioned/fake/clientset_generated.go | 93 - .../concierge/clientset/versioned/fake/doc.go | 7 - .../clientset/versioned/scheme/doc.go | 7 - .../clientset/versioned/scheme/register.go | 49 - .../typed/authentication/v1alpha1/doc.go | 7 - .../typed/authentication/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_jwtauthenticator.go | 119 - .../fake/fake_webhookauthenticator.go | 119 - .../v1alpha1/generated_expansion.go | 10 - .../v1alpha1/jwtauthenticator.go | 171 - .../v1alpha1/webhookauthenticator.go | 171 - .../typed/config/v1alpha1/credentialissuer.go | 171 - .../versioned/typed/config/v1alpha1/doc.go | 7 - .../typed/config/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_credentialissuer.go | 119 - .../config/v1alpha1/generated_expansion.go | 8 - .../versioned/typed/identity/v1alpha1/doc.go | 7 - .../typed/identity/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_whoamirequest.go | 33 - .../identity/v1alpha1/generated_expansion.go | 8 - .../typed/identity/v1alpha1/whoamirequest.go | 51 - .../versioned/typed/login/v1alpha1/doc.go | 7 - .../typed/login/v1alpha1/fake/doc.go | 7 - .../login/v1alpha1/fake/fake_login_client.go | 27 - .../fake/fake_tokencredentialrequest.go | 33 - .../login/v1alpha1/generated_expansion.go | 8 - .../login/v1alpha1/tokencredentialrequest.go | 51 - .../authentication/interface.go | 33 - .../config/v1alpha1/credentialissuer.go | 76 - .../v1alpha1/expansion_generated.go | 14 - .../v1alpha1/jwtauthenticator.go | 55 - .../v1alpha1/webhookauthenticator.go | 55 - .../config/v1alpha1/credentialissuer.go | 55 - .../config/v1alpha1/expansion_generated.go | 10 - generated/1.28/client/go.mod | 13 - generated/1.28/client/go.sum | 360 -- .../clientset/versioned/fake/doc.go | 7 - .../clientset/versioned/scheme/doc.go | 7 - .../typed/clientsecret/v1alpha1/doc.go | 7 - .../typed/clientsecret/v1alpha1/fake/doc.go | 7 - .../fake/fake_oidcclientsecretrequest.go | 35 - .../v1alpha1/generated_expansion.go | 8 - .../v1alpha1/oidcclientsecretrequest.go | 54 - .../versioned/typed/config/v1alpha1/doc.go | 7 - .../typed/config/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_config_client.go | 31 - .../v1alpha1/fake/fake_federationdomain.go | 128 - .../config/v1alpha1/fake/fake_oidcclient.go | 128 - .../typed/config/v1alpha1/federationdomain.go | 182 - .../config/v1alpha1/generated_expansion.go | 10 - .../typed/config/v1alpha1/oidcclient.go | 182 - .../activedirectoryidentityprovider.go | 182 - .../versioned/typed/idp/v1alpha1/doc.go | 7 - .../versioned/typed/idp/v1alpha1/fake/doc.go | 7 - .../fake_activedirectoryidentityprovider.go | 128 - .../fake/fake_githubidentityprovider.go | 128 - .../fake/fake_ldapidentityprovider.go | 128 - .../fake/fake_oidcidentityprovider.go | 128 - .../typed/idp/v1alpha1/generated_expansion.go | 14 - .../idp/v1alpha1/githubidentityprovider.go | 182 - .../idp/v1alpha1/ldapidentityprovider.go | 182 - .../idp/v1alpha1/oidcidentityprovider.go | 182 - .../externalversions/config/interface.go | 33 - .../config/v1alpha1/federationdomain.go | 77 - .../config/v1alpha1/expansion_generated.go | 22 - .../config/v1alpha1/federationdomain.go | 86 - .../listers/config/v1alpha1/oidcclient.go | 86 - .../idp/v1alpha1/expansion_generated.go | 38 - .../openapi/zz_generated.openapi.go | 2658 --------- generated/1.29/README.adoc | 2726 ---------- .../concierge/authentication/v1alpha1/doc.go | 8 - .../authentication/v1alpha1/register.go | 45 - .../v1alpha1/types_jwtauthenticator.go | 312 -- .../authentication/v1alpha1/types_tls.go | 47 - .../v1alpha1/types_webhookauthenticator.go | 74 - .../v1alpha1/zz_generated.deepcopy.go | 341 -- .../apis/concierge/config/v1alpha1/doc.go | 8 - .../concierge/config/v1alpha1/register.go | 43 - .../config/v1alpha1/types_credentialissuer.go | 257 - .../config/v1alpha1/zz_generated.deepcopy.go | 259 - generated/1.29/apis/concierge/identity/doc.go | 8 - .../1.29/apis/concierge/identity/register.go | 38 - .../apis/concierge/identity/types_userinfo.go | 37 - .../concierge/identity/types_whoamirequest.go | 42 - .../concierge/identity/v1alpha1/conversion.go | 4 - .../concierge/identity/v1alpha1/defaults.go | 12 - .../concierge/identity/v1alpha1/register.go | 43 - .../identity/v1alpha1/types_userinfo.go | 41 - .../identity/v1alpha1/types_whoamirequest.go | 45 - .../v1alpha1/zz_generated.deepcopy.go | 185 - .../v1alpha1/zz_generated.defaults.go | 20 - .../identity/zz_generated.deepcopy.go | 185 - generated/1.29/apis/concierge/login/doc.go | 8 - .../1.29/apis/concierge/login/register.go | 38 - .../login/types_clustercredential.go | 22 - .../login/types_tokencredentialrequest.go | 49 - .../concierge/login/v1alpha1/conversion.go | 4 - .../apis/concierge/login/v1alpha1/defaults.go | 12 - .../apis/concierge/login/v1alpha1/register.go | 43 - .../login/v1alpha1/types_clustercredential.go | 22 - .../v1alpha1/types_tokencredentialrequest.go | 52 - .../login/v1alpha1/zz_generated.conversion.go | 201 - .../login/v1alpha1/zz_generated.deepcopy.go | 134 - .../login/v1alpha1/zz_generated.defaults.go | 20 - .../concierge/login/zz_generated.deepcopy.go | 134 - generated/1.29/apis/go.mod | 26 - .../1.29/apis/supervisor/clientsecret/doc.go | 8 - .../apis/supervisor/clientsecret/register.go | 38 - .../types_oidcclientsecretrequest.go | 50 - .../clientsecret/v1alpha1/conversion.go | 4 - .../clientsecret/v1alpha1/defaults.go | 12 - .../clientsecret/v1alpha1/register.go | 43 - .../v1alpha1/types_oidcclientsecretrequest.go | 53 - .../v1alpha1/zz_generated.conversion.go | 165 - .../v1alpha1/zz_generated.deepcopy.go | 106 - .../v1alpha1/zz_generated.defaults.go | 20 - .../clientsecret/zz_generated.deepcopy.go | 106 - .../apis/supervisor/config/v1alpha1/doc.go | 8 - .../supervisor/config/v1alpha1/register.go | 45 - .../config/v1alpha1/types_federationdomain.go | 315 -- .../config/v1alpha1/types_oidcclient.go | 144 - .../config/v1alpha1/zz_generated.deepcopy.go | 433 -- .../1.29/apis/supervisor/idp/v1alpha1/doc.go | 9 - .../apis/supervisor/idp/v1alpha1/register.go | 49 - .../types_activedirectoryidentityprovider.go | 219 - .../v1alpha1/types_githubidentityprovider.go | 263 - .../v1alpha1/types_ldapidentityprovider.go | 207 - .../v1alpha1/types_oidcidentityprovider.go | 217 - .../apis/supervisor/idp/v1alpha1/types_tls.go | 47 - .../idp/v1alpha1/zz_generated.deepcopy.go | 835 --- .../types_supervisor_idp_discovery.go | 73 - .../supervisor/oidc/types_supervisor_oidc.go | 90 - .../clientset/versioned/clientset.go | 146 - .../versioned/fake/clientset_generated.go | 93 - .../concierge/clientset/versioned/fake/doc.go | 7 - .../clientset/versioned/fake/register.go | 49 - .../clientset/versioned/scheme/doc.go | 7 - .../clientset/versioned/scheme/register.go | 49 - .../v1alpha1/authentication_client.go | 99 - .../typed/authentication/v1alpha1/doc.go | 7 - .../typed/authentication/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_jwtauthenticator.go | 119 - .../fake/fake_webhookauthenticator.go | 119 - .../v1alpha1/generated_expansion.go | 10 - .../v1alpha1/jwtauthenticator.go | 171 - .../v1alpha1/webhookauthenticator.go | 171 - .../typed/config/v1alpha1/credentialissuer.go | 171 - .../versioned/typed/config/v1alpha1/doc.go | 7 - .../typed/config/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_config_client.go | 27 - .../v1alpha1/fake/fake_credentialissuer.go | 119 - .../config/v1alpha1/generated_expansion.go | 8 - .../versioned/typed/identity/v1alpha1/doc.go | 7 - .../typed/identity/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_identity_client.go | 27 - .../v1alpha1/fake/fake_whoamirequest.go | 33 - .../identity/v1alpha1/generated_expansion.go | 8 - .../identity/v1alpha1/identity_client.go | 94 - .../typed/identity/v1alpha1/whoamirequest.go | 51 - .../versioned/typed/login/v1alpha1/doc.go | 7 - .../typed/login/v1alpha1/fake/doc.go | 7 - .../login/v1alpha1/fake/fake_login_client.go | 27 - .../fake/fake_tokencredentialrequest.go | 33 - .../login/v1alpha1/generated_expansion.go | 8 - .../typed/login/v1alpha1/login_client.go | 94 - .../login/v1alpha1/tokencredentialrequest.go | 51 - .../authentication/interface.go | 33 - .../v1alpha1/jwtauthenticator.go | 76 - .../v1alpha1/webhookauthenticator.go | 76 - .../externalversions/config/interface.go | 33 - .../config/v1alpha1/credentialissuer.go | 76 - .../config/v1alpha1/interface.go | 32 - .../informers/externalversions/generic.go | 56 - .../internalinterfaces/factory_interfaces.go | 27 - .../v1alpha1/expansion_generated.go | 14 - .../v1alpha1/jwtauthenticator.go | 55 - .../v1alpha1/webhookauthenticator.go | 55 - .../config/v1alpha1/credentialissuer.go | 55 - .../config/v1alpha1/expansion_generated.go | 10 - generated/1.29/client/go.mod | 53 - .../clientset/versioned/clientset.go | 133 - .../clientset/versioned/fake/doc.go | 7 - .../clientset/versioned/scheme/doc.go | 7 - .../v1alpha1/clientsecret_client.go | 94 - .../typed/clientsecret/v1alpha1/doc.go | 7 - .../typed/clientsecret/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_clientsecret_client.go | 27 - .../fake/fake_oidcclientsecretrequest.go | 35 - .../v1alpha1/generated_expansion.go | 8 - .../v1alpha1/oidcclientsecretrequest.go | 54 - .../typed/config/v1alpha1/config_client.go | 99 - .../versioned/typed/config/v1alpha1/doc.go | 7 - .../typed/config/v1alpha1/fake/doc.go | 7 - .../v1alpha1/fake/fake_config_client.go | 31 - .../v1alpha1/fake/fake_federationdomain.go | 128 - .../config/v1alpha1/fake/fake_oidcclient.go | 128 - .../typed/config/v1alpha1/federationdomain.go | 182 - .../config/v1alpha1/generated_expansion.go | 10 - .../typed/config/v1alpha1/oidcclient.go | 182 - .../activedirectoryidentityprovider.go | 182 - .../versioned/typed/idp/v1alpha1/doc.go | 7 - .../versioned/typed/idp/v1alpha1/fake/doc.go | 7 - .../fake_activedirectoryidentityprovider.go | 128 - .../fake/fake_githubidentityprovider.go | 128 - .../idp/v1alpha1/fake/fake_idp_client.go | 39 - .../fake/fake_ldapidentityprovider.go | 128 - .../fake/fake_oidcidentityprovider.go | 128 - .../typed/idp/v1alpha1/generated_expansion.go | 14 - .../idp/v1alpha1/githubidentityprovider.go | 182 - .../idp/v1alpha1/ldapidentityprovider.go | 182 - .../idp/v1alpha1/oidcidentityprovider.go | 182 - .../externalversions/config/interface.go | 33 - .../config/v1alpha1/federationdomain.go | 77 - .../config/v1alpha1/interface.go | 39 - .../activedirectoryidentityprovider.go | 77 - .../idp/v1alpha1/githubidentityprovider.go | 77 - .../idp/v1alpha1/interface.go | 53 - .../idp/v1alpha1/ldapidentityprovider.go | 77 - .../idp/v1alpha1/oidcidentityprovider.go | 77 - .../internalinterfaces/factory_interfaces.go | 27 - .../config/v1alpha1/expansion_generated.go | 22 - .../config/v1alpha1/federationdomain.go | 86 - .../listers/config/v1alpha1/oidcclient.go | 86 - .../activedirectoryidentityprovider.go | 86 - .../idp/v1alpha1/expansion_generated.go | 38 - .../idp/v1alpha1/ldapidentityprovider.go | 86 - .../idp/v1alpha1/oidcidentityprovider.go | 86 - .../openapi/zz_generated.openapi.go | 2653 --------- ...cierge.pinniped.dev_jwtauthenticators.yaml | 431 -- ...ge.pinniped.dev_webhookauthenticators.yaml | 185 - ...cierge.pinniped.dev_credentialissuers.yaml | 243 - ...rvisor.pinniped.dev_federationdomains.yaml | 456 -- ....dev_activedirectoryidentityproviders.yaml | 333 -- ....pinniped.dev_githubidentityproviders.yaml | 338 -- ...or.pinniped.dev_oidcidentityproviders.yaml | 331 -- ...cierge.pinniped.dev_jwtauthenticators.yaml | 2 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 2 +- ...cierge.pinniped.dev_credentialissuers.yaml | 2 +- ...rvisor.pinniped.dev_federationdomains.yaml | 2 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 2 +- ....dev_activedirectoryidentityproviders.yaml | 2 +- ....pinniped.dev_githubidentityproviders.yaml | 2 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 2 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 2 +- generated/1.31/apis/go.mod | 4 +- generated/1.31/apis/go.sum | 8 +- generated/1.31/client/go.mod | 6 +- generated/1.31/client/go.sum | 12 +- ...cierge.pinniped.dev_jwtauthenticators.yaml | 2 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 2 +- ...cierge.pinniped.dev_credentialissuers.yaml | 2 +- ...rvisor.pinniped.dev_federationdomains.yaml | 2 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 2 +- ....dev_activedirectoryidentityproviders.yaml | 2 +- ....pinniped.dev_githubidentityproviders.yaml | 2 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 2 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 2 +- generated/1.32/apis/go.mod | 4 +- generated/1.32/apis/go.sum | 8 +- generated/1.32/client/go.mod | 6 +- generated/1.32/client/go.sum | 12 +- ...cierge.pinniped.dev_jwtauthenticators.yaml | 2 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 2 +- ...cierge.pinniped.dev_credentialissuers.yaml | 2 +- ...rvisor.pinniped.dev_federationdomains.yaml | 2 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 2 +- ....dev_activedirectoryidentityproviders.yaml | 2 +- ....pinniped.dev_githubidentityproviders.yaml | 2 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 2 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 2 +- generated/1.33/apis/go.mod | 4 +- generated/1.33/apis/go.sum | 8 +- generated/1.33/client/go.mod | 6 +- generated/1.33/client/go.sum | 12 +- ...cierge.pinniped.dev_jwtauthenticators.yaml | 2 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 2 +- ...cierge.pinniped.dev_credentialissuers.yaml | 2 +- ...rvisor.pinniped.dev_federationdomains.yaml | 2 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 2 +- ....dev_activedirectoryidentityproviders.yaml | 2 +- ....pinniped.dev_githubidentityproviders.yaml | 2 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 2 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 2 +- generated/{1.26 => 1.34}/README.adoc | 732 +-- .../concierge/authentication/v1alpha1/doc.go | 0 .../authentication/v1alpha1/register.go | 0 .../v1alpha1/types_jwtauthenticator.go | 0 .../authentication/v1alpha1/types_tls.go | 0 .../v1alpha1/types_webhookauthenticator.go | 0 .../v1alpha1/zz_generated.deepcopy.go | 0 .../apis/concierge/config/v1alpha1/doc.go | 0 .../concierge/config/v1alpha1/register.go | 0 .../config/v1alpha1/types_credentialissuer.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 0 .../apis/concierge/identity/doc.go | 0 .../apis/concierge/identity/register.go | 0 .../apis/concierge/identity/types_userinfo.go | 0 .../concierge/identity/types_whoamirequest.go | 0 .../concierge/identity/v1alpha1/conversion.go | 0 .../concierge/identity/v1alpha1/defaults.go | 0 .../apis/concierge/identity/v1alpha1/doc.go | 2 +- .../concierge/identity/v1alpha1/register.go | 0 .../identity/v1alpha1/types_userinfo.go | 0 .../identity/v1alpha1/types_whoamirequest.go | 0 .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 0 .../v1alpha1/zz_generated.defaults.go | 0 .../identity/validation/validation.go | 2 +- .../identity/zz_generated.deepcopy.go | 0 .../apis/concierge/login/doc.go | 0 .../apis/concierge/login/register.go | 0 .../login/types_clustercredential.go | 0 .../login/types_tokencredentialrequest.go | 0 .../concierge/login/v1alpha1/conversion.go | 0 .../apis/concierge/login/v1alpha1/defaults.go | 0 .../apis/concierge/login/v1alpha1/doc.go | 2 +- .../apis/concierge/login/v1alpha1/register.go | 0 .../login/v1alpha1/types_clustercredential.go | 0 .../v1alpha1/types_tokencredentialrequest.go | 0 .../login/v1alpha1/zz_generated.conversion.go | 2 +- .../login/v1alpha1/zz_generated.deepcopy.go | 0 .../login/v1alpha1/zz_generated.defaults.go | 0 .../concierge/login/zz_generated.deepcopy.go | 0 generated/1.34/apis/go.mod | 29 + generated/{1.29 => 1.34}/apis/go.sum | 74 +- .../apis/supervisor/clientsecret/doc.go | 0 .../apis/supervisor/clientsecret/register.go | 0 .../types_oidcclientsecretrequest.go | 0 .../clientsecret/v1alpha1/conversion.go | 0 .../clientsecret/v1alpha1/defaults.go | 0 .../supervisor/clientsecret/v1alpha1/doc.go | 2 +- .../clientsecret/v1alpha1/register.go | 0 .../v1alpha1/types_oidcclientsecretrequest.go | 0 .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 0 .../v1alpha1/zz_generated.defaults.go | 0 .../clientsecret/zz_generated.deepcopy.go | 0 .../apis/supervisor/config/v1alpha1/doc.go | 0 .../supervisor/config/v1alpha1/register.go | 0 .../config/v1alpha1/types_federationdomain.go | 0 .../config/v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 0 .../apis/supervisor/idp/v1alpha1/doc.go | 0 .../apis/supervisor/idp/v1alpha1/register.go | 0 .../types_activedirectoryidentityprovider.go | 0 .../v1alpha1/types_githubidentityprovider.go | 0 .../v1alpha1/types_ldapidentityprovider.go | 0 .../v1alpha1/types_oidcidentityprovider.go | 0 .../apis/supervisor/idp/v1alpha1/types_tls.go | 0 .../idp/v1alpha1/zz_generated.deepcopy.go | 0 .../types_supervisor_idp_discovery.go | 0 .../supervisor/oidc/types_supervisor_oidc.go | 0 .../clientset/versioned/clientset.go | 12 +- .../versioned/fake/clientset_generated.go | 31 +- .../concierge/clientset/versioned/fake/doc.go | 0 .../clientset/versioned/fake/register.go | 8 +- .../clientset/versioned/scheme/doc.go | 0 .../clientset/versioned/scheme/register.go | 8 +- .../v1alpha1/authentication_client.go | 22 +- .../typed/authentication/v1alpha1/doc.go | 0 .../typed/authentication/v1alpha1/fake/doc.go | 0 .../fake/fake_authentication_client.go | 6 +- .../v1alpha1/fake/fake_jwtauthenticator.go | 39 + .../fake/fake_webhookauthenticator.go | 39 + .../v1alpha1/generated_expansion.go | 0 .../v1alpha1/jwtauthenticator.go | 59 + .../v1alpha1/webhookauthenticator.go | 61 + .../typed/config/v1alpha1/config_client.go | 22 +- .../typed/config/v1alpha1/credentialissuer.go | 57 + .../versioned/typed/config/v1alpha1/doc.go | 0 .../typed/config/v1alpha1/fake/doc.go | 0 .../v1alpha1/fake/fake_config_client.go | 4 +- .../v1alpha1/fake/fake_credentialissuer.go | 39 + .../config/v1alpha1/generated_expansion.go | 0 .../versioned/typed/identity/v1alpha1/doc.go | 0 .../typed/identity/v1alpha1/fake/doc.go | 0 .../v1alpha1/fake/fake_identity_client.go | 4 +- .../v1alpha1/fake/fake_whoamirequest.go | 31 + .../identity/v1alpha1/generated_expansion.go | 0 .../identity/v1alpha1/identity_client.go | 22 +- .../typed/identity/v1alpha1/whoamirequest.go | 45 + .../versioned/typed/login/v1alpha1/doc.go | 0 .../typed/login/v1alpha1/fake/doc.go | 0 .../login/v1alpha1/fake/fake_login_client.go | 4 +- .../fake/fake_tokencredentialrequest.go | 31 + .../login/v1alpha1/generated_expansion.go | 0 .../typed/login/v1alpha1/login_client.go | 22 +- .../login/v1alpha1/tokencredentialrequest.go | 32 +- .../authentication/interface.go | 4 +- .../authentication/v1alpha1/interface.go | 2 +- .../v1alpha1/jwtauthenticator.go | 36 +- .../v1alpha1/webhookauthenticator.go | 36 +- .../externalversions/config/interface.go | 4 +- .../config/v1alpha1/credentialissuer.go | 36 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 9 +- .../informers/externalversions/generic.go | 6 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../v1alpha1/expansion_generated.go | 0 .../v1alpha1/jwtauthenticator.go | 35 + .../v1alpha1/webhookauthenticator.go | 35 + .../config/v1alpha1/credentialissuer.go | 35 + .../config/v1alpha1/expansion_generated.go | 0 .../concierge/openapi/zz_generated.openapi.go | 2459 +++++++-- generated/1.34/client/go.mod | 55 + generated/{1.29 => 1.34}/client/go.sum | 156 +- .../clientset/versioned/clientset.go | 10 +- .../versioned/fake/clientset_generated.go | 27 +- .../clientset/versioned/fake/doc.go | 0 .../clientset/versioned/fake/register.go | 6 +- .../clientset/versioned/scheme/doc.go | 0 .../clientset/versioned/scheme/register.go | 6 +- .../v1alpha1/clientsecret_client.go | 22 +- .../typed/clientsecret/v1alpha1/doc.go | 0 .../typed/clientsecret/v1alpha1/fake/doc.go | 0 .../v1alpha1/fake/fake_clientsecret_client.go | 4 +- .../fake/fake_oidcclientsecretrequest.go | 31 + .../v1alpha1/generated_expansion.go | 0 .../v1alpha1/oidcclientsecretrequest.go | 47 + .../typed/config/v1alpha1/config_client.go | 22 +- .../versioned/typed/config/v1alpha1/doc.go | 0 .../typed/config/v1alpha1/fake/doc.go | 0 .../v1alpha1/fake/fake_config_client.go | 6 +- .../v1alpha1/fake/fake_federationdomain.go | 39 + .../config/v1alpha1/fake/fake_oidcclient.go | 37 + .../typed/config/v1alpha1/federationdomain.go | 57 + .../config/v1alpha1/generated_expansion.go | 0 .../typed/config/v1alpha1/oidcclient.go | 57 + .../activedirectoryidentityprovider.go | 61 + .../versioned/typed/idp/v1alpha1/doc.go | 0 .../versioned/typed/idp/v1alpha1/fake/doc.go | 0 .../fake_activedirectoryidentityprovider.go | 41 + .../fake/fake_githubidentityprovider.go | 39 + .../idp/v1alpha1/fake/fake_idp_client.go | 10 +- .../fake/fake_ldapidentityprovider.go | 39 + .../fake/fake_oidcidentityprovider.go | 39 + .../typed/idp/v1alpha1/generated_expansion.go | 0 .../idp/v1alpha1/githubidentityprovider.go | 57 + .../typed/idp/v1alpha1/idp_client.go | 22 +- .../idp/v1alpha1/ldapidentityprovider.go | 57 + .../idp/v1alpha1/oidcidentityprovider.go | 57 + .../externalversions/config/interface.go | 4 +- .../config/v1alpha1/federationdomain.go | 36 +- .../config/v1alpha1/interface.go | 2 +- .../config/v1alpha1/oidcclient.go | 36 +- .../informers/externalversions/factory.go | 9 +- .../informers/externalversions/generic.go | 6 +- .../externalversions/idp/interface.go | 4 +- .../activedirectoryidentityprovider.go | 36 +- .../idp/v1alpha1/githubidentityprovider.go | 36 +- .../idp/v1alpha1/interface.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 36 +- .../idp/v1alpha1/oidcidentityprovider.go | 36 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../config/v1alpha1/expansion_generated.go | 0 .../config/v1alpha1/federationdomain.go | 51 +- .../listers/config/v1alpha1/oidcclient.go | 57 + .../activedirectoryidentityprovider.go | 51 +- .../idp/v1alpha1/expansion_generated.go | 0 .../idp/v1alpha1/githubidentityprovider.go | 51 +- .../idp/v1alpha1/ldapidentityprovider.go | 51 +- .../idp/v1alpha1/oidcidentityprovider.go | 51 +- .../openapi/zz_generated.openapi.go | 2440 +++++++-- ...cierge.pinniped.dev_jwtauthenticators.yaml | 2 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 2 +- ...cierge.pinniped.dev_credentialissuers.yaml | 2 +- ...rvisor.pinniped.dev_federationdomains.yaml | 18 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 2 +- ....dev_activedirectoryidentityproviders.yaml | 2 +- ....pinniped.dev_githubidentityproviders.yaml | 2 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 2 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 2 +- generated/{1.28 => 1.35}/README.adoc | 732 +-- .../concierge/authentication/v1alpha1/doc.go | 0 .../authentication/v1alpha1/register.go | 0 .../v1alpha1/types_jwtauthenticator.go | 0 .../authentication/v1alpha1/types_tls.go | 0 .../v1alpha1/types_webhookauthenticator.go | 0 .../v1alpha1/zz_generated.deepcopy.go | 0 .../apis/concierge/config/v1alpha1/doc.go | 0 .../concierge/config/v1alpha1/register.go | 0 .../config/v1alpha1/types_credentialissuer.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 0 .../apis/concierge/identity/doc.go | 0 .../apis/concierge/identity/register.go | 0 .../apis/concierge/identity/types_userinfo.go | 0 .../concierge/identity/types_whoamirequest.go | 0 .../concierge/identity/v1alpha1/conversion.go | 0 .../concierge/identity/v1alpha1/defaults.go | 0 .../apis/concierge/identity/v1alpha1/doc.go | 2 +- .../concierge/identity/v1alpha1/register.go | 0 .../identity/v1alpha1/types_userinfo.go | 0 .../identity/v1alpha1/types_whoamirequest.go | 0 .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 0 .../v1alpha1/zz_generated.defaults.go | 0 .../identity/validation/validation.go | 2 +- .../identity/zz_generated.deepcopy.go | 0 .../apis/concierge/login/doc.go | 0 .../apis/concierge/login/register.go | 0 .../login/types_clustercredential.go | 0 .../login/types_tokencredentialrequest.go | 0 .../concierge/login/v1alpha1/conversion.go | 0 .../apis/concierge/login/v1alpha1/defaults.go | 0 .../apis/concierge/login/v1alpha1/doc.go | 2 +- .../apis/concierge/login/v1alpha1/register.go | 0 .../login/v1alpha1/types_clustercredential.go | 0 .../v1alpha1/types_tokencredentialrequest.go | 0 .../login/v1alpha1/zz_generated.conversion.go | 2 +- .../login/v1alpha1/zz_generated.deepcopy.go | 0 .../login/v1alpha1/zz_generated.defaults.go | 0 .../concierge/login/zz_generated.deepcopy.go | 0 generated/1.35/apis/go.mod | 29 + generated/1.35/apis/go.sum | 66 + .../apis/supervisor/clientsecret/doc.go | 0 .../apis/supervisor/clientsecret/register.go | 0 .../types_oidcclientsecretrequest.go | 0 .../clientsecret/v1alpha1/conversion.go | 0 .../clientsecret/v1alpha1/defaults.go | 0 .../supervisor/clientsecret/v1alpha1/doc.go | 2 +- .../clientsecret/v1alpha1/register.go | 0 .../v1alpha1/types_oidcclientsecretrequest.go | 0 .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 0 .../v1alpha1/zz_generated.defaults.go | 0 .../clientsecret/zz_generated.deepcopy.go | 0 .../apis/supervisor/config/v1alpha1/doc.go | 0 .../supervisor/config/v1alpha1/register.go | 0 .../config/v1alpha1/types_federationdomain.go | 0 .../config/v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 0 .../apis/supervisor/idp/v1alpha1/doc.go | 0 .../apis/supervisor/idp/v1alpha1/register.go | 0 .../types_activedirectoryidentityprovider.go | 0 .../v1alpha1/types_githubidentityprovider.go | 0 .../v1alpha1/types_ldapidentityprovider.go | 0 .../v1alpha1/types_oidcidentityprovider.go | 0 .../apis/supervisor/idp/v1alpha1/types_tls.go | 0 .../idp/v1alpha1/zz_generated.deepcopy.go | 0 .../types_supervisor_idp_discovery.go | 0 .../supervisor/oidc/types_supervisor_oidc.go | 0 .../clientset/versioned/clientset.go | 12 +- .../versioned/fake/clientset_generated.go | 42 +- .../concierge/clientset/versioned/fake/doc.go | 0 .../clientset/versioned/fake/register.go | 8 +- .../clientset/versioned/scheme/doc.go | 0 .../clientset/versioned/scheme/register.go | 8 +- .../v1alpha1/authentication_client.go | 22 +- .../typed/authentication/v1alpha1/doc.go | 0 .../typed/authentication/v1alpha1/fake/doc.go | 0 .../fake/fake_authentication_client.go | 6 +- .../v1alpha1/fake/fake_jwtauthenticator.go | 39 + .../fake/fake_webhookauthenticator.go | 39 + .../v1alpha1/generated_expansion.go | 0 .../v1alpha1/jwtauthenticator.go | 59 + .../v1alpha1/webhookauthenticator.go | 61 + .../typed/config/v1alpha1/config_client.go | 22 +- .../typed/config/v1alpha1/credentialissuer.go | 57 + .../versioned/typed/config/v1alpha1/doc.go | 0 .../typed/config/v1alpha1/fake/doc.go | 0 .../v1alpha1/fake/fake_config_client.go | 4 +- .../v1alpha1/fake/fake_credentialissuer.go | 39 + .../config/v1alpha1/generated_expansion.go | 0 .../versioned/typed/identity/v1alpha1/doc.go | 0 .../typed/identity/v1alpha1/fake/doc.go | 0 .../v1alpha1/fake/fake_identity_client.go | 4 +- .../v1alpha1/fake/fake_whoamirequest.go | 31 + .../identity/v1alpha1/generated_expansion.go | 0 .../identity/v1alpha1/identity_client.go | 22 +- .../typed/identity/v1alpha1/whoamirequest.go | 45 + .../versioned/typed/login/v1alpha1/doc.go | 0 .../typed/login/v1alpha1/fake/doc.go | 0 .../login/v1alpha1/fake/fake_login_client.go | 4 +- .../fake/fake_tokencredentialrequest.go | 31 + .../login/v1alpha1/generated_expansion.go | 0 .../typed/login/v1alpha1/login_client.go | 22 +- .../login/v1alpha1/tokencredentialrequest.go | 32 +- .../authentication/interface.go | 4 +- .../authentication/v1alpha1/interface.go | 2 +- .../v1alpha1/jwtauthenticator.go | 40 +- .../v1alpha1/webhookauthenticator.go | 40 +- .../externalversions/config/interface.go | 4 +- .../config/v1alpha1/credentialissuer.go | 40 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 22 +- .../informers/externalversions/generic.go | 6 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../v1alpha1/expansion_generated.go | 0 .../v1alpha1/jwtauthenticator.go | 35 + .../v1alpha1/webhookauthenticator.go | 35 + .../config/v1alpha1/credentialissuer.go | 35 + .../config/v1alpha1/expansion_generated.go | 0 .../concierge/openapi/zz_generated.openapi.go | 4732 +++++++++++----- generated/1.35/client/go.mod | 53 + generated/1.35/client/go.sum | 131 + .../clientset/versioned/clientset.go | 10 +- .../versioned/fake/clientset_generated.go | 38 +- .../clientset/versioned/fake/doc.go | 0 .../clientset/versioned/fake/register.go | 6 +- .../clientset/versioned/scheme/doc.go | 0 .../clientset/versioned/scheme/register.go | 6 +- .../v1alpha1/clientsecret_client.go | 22 +- .../typed/clientsecret/v1alpha1/doc.go | 0 .../typed/clientsecret/v1alpha1/fake/doc.go | 0 .../v1alpha1/fake/fake_clientsecret_client.go | 4 +- .../fake/fake_oidcclientsecretrequest.go | 31 + .../v1alpha1/generated_expansion.go | 0 .../v1alpha1/oidcclientsecretrequest.go | 47 + .../typed/config/v1alpha1/config_client.go | 22 +- .../versioned/typed/config/v1alpha1/doc.go | 0 .../typed/config/v1alpha1/fake/doc.go | 0 .../v1alpha1/fake/fake_config_client.go | 6 +- .../v1alpha1/fake/fake_federationdomain.go | 39 + .../config/v1alpha1/fake/fake_oidcclient.go | 37 + .../typed/config/v1alpha1/federationdomain.go | 57 + .../config/v1alpha1/generated_expansion.go | 0 .../typed/config/v1alpha1/oidcclient.go | 57 + .../activedirectoryidentityprovider.go | 61 + .../versioned/typed/idp/v1alpha1/doc.go | 0 .../versioned/typed/idp/v1alpha1/fake/doc.go | 0 .../fake_activedirectoryidentityprovider.go | 41 + .../fake/fake_githubidentityprovider.go | 39 + .../idp/v1alpha1/fake/fake_idp_client.go | 10 +- .../fake/fake_ldapidentityprovider.go | 39 + .../fake/fake_oidcidentityprovider.go | 39 + .../typed/idp/v1alpha1/generated_expansion.go | 0 .../idp/v1alpha1/githubidentityprovider.go | 57 + .../typed/idp/v1alpha1/idp_client.go | 22 +- .../idp/v1alpha1/ldapidentityprovider.go | 57 + .../idp/v1alpha1/oidcidentityprovider.go | 57 + .../externalversions/config/interface.go | 4 +- .../config/v1alpha1/federationdomain.go | 40 +- .../config/v1alpha1/interface.go | 2 +- .../config/v1alpha1/oidcclient.go | 40 +- .../informers/externalversions/factory.go | 22 +- .../informers/externalversions/generic.go | 6 +- .../externalversions/idp/interface.go | 4 +- .../activedirectoryidentityprovider.go | 40 +- .../idp/v1alpha1/githubidentityprovider.go | 40 +- .../idp/v1alpha1/interface.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 40 +- .../idp/v1alpha1/oidcidentityprovider.go | 40 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../config/v1alpha1/expansion_generated.go | 0 .../config/v1alpha1/federationdomain.go | 51 +- .../listers/config/v1alpha1/oidcclient.go | 57 + .../activedirectoryidentityprovider.go | 51 +- .../idp/v1alpha1/expansion_generated.go | 0 .../idp/v1alpha1/githubidentityprovider.go | 51 +- .../idp/v1alpha1/ldapidentityprovider.go | 51 +- .../idp/v1alpha1/oidcidentityprovider.go | 51 +- .../openapi/zz_generated.openapi.go | 4733 +++++++++++------ ...cierge.pinniped.dev_jwtauthenticators.yaml | 2 +- ...ge.pinniped.dev_webhookauthenticators.yaml | 2 +- ...cierge.pinniped.dev_credentialissuers.yaml | 2 +- ...rvisor.pinniped.dev_federationdomains.yaml | 18 +- ...g.supervisor.pinniped.dev_oidcclients.yaml | 2 +- ....dev_activedirectoryidentityproviders.yaml | 2 +- ....pinniped.dev_githubidentityproviders.yaml | 2 +- ...or.pinniped.dev_ldapidentityproviders.yaml | 2 +- ...or.pinniped.dev_oidcidentityproviders.yaml | 2 +- generated/latest/README.adoc | 732 +-- .../versioned/fake/clientset_generated.go | 17 +- .../v1alpha1/jwtauthenticator.go | 4 +- .../v1alpha1/webhookauthenticator.go | 4 +- .../config/v1alpha1/credentialissuer.go | 4 +- .../informers/externalversions/factory.go | 3 +- .../concierge/openapi/zz_generated.openapi.go | 2418 +++++---- .../versioned/fake/clientset_generated.go | 17 +- .../config/v1alpha1/federationdomain.go | 4 +- .../config/v1alpha1/oidcclient.go | 4 +- .../informers/externalversions/factory.go | 3 +- .../activedirectoryidentityprovider.go | 4 +- .../idp/v1alpha1/githubidentityprovider.go | 4 +- .../idp/v1alpha1/ldapidentityprovider.go | 4 +- .../idp/v1alpha1/oidcidentityprovider.go | 4 +- .../openapi/zz_generated.openapi.go | 2402 +++++---- go.mod | 88 +- go.sum | 209 +- hack/lib/kube-versions.txt | 12 +- hack/update-go-mod/overrides.conf | 13 - .../concierge/impersonator/impersonator.go | 26 +- .../impersonator/impersonator_test.go | 442 +- 897 files changed, 19179 insertions(+), 66382 deletions(-) delete mode 100644 generated/1.26/apis/concierge/identity/v1alpha1/zz_generated.conversion.go delete mode 100644 generated/1.26/apis/concierge/identity/validation/validation.go delete mode 100644 generated/1.26/apis/go.mod delete mode 100644 generated/1.26/apis/go.sum delete mode 100644 generated/1.26/apis/supervisor/clientsecret/v1alpha1/doc.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/doc.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go delete mode 100644 generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go delete mode 100644 generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go delete mode 100644 generated/1.26/client/concierge/informers/externalversions/config/interface.go delete mode 100644 generated/1.26/client/concierge/informers/externalversions/config/v1alpha1/interface.go delete mode 100644 generated/1.26/client/concierge/informers/externalversions/factory.go delete mode 100644 generated/1.26/client/concierge/informers/externalversions/generic.go delete mode 100644 generated/1.26/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go delete mode 100644 generated/1.26/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.26/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.26/client/concierge/listers/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.26/client/go.mod delete mode 100644 generated/1.26/client/go.sum delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/clientset.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/doc.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/fake/clientset_generated.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/fake/register.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/scheme/register.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.26/client/supervisor/informers/externalversions/factory.go delete mode 100644 generated/1.26/client/supervisor/informers/externalversions/generic.go delete mode 100644 generated/1.26/client/supervisor/informers/externalversions/idp/interface.go delete mode 100644 generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/listers/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.26/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go delete mode 100644 generated/1.26/client/supervisor/openapi/zz_generated.openapi.go delete mode 100644 generated/1.26/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml delete mode 100644 generated/1.26/crds/config.concierge.pinniped.dev_credentialissuers.yaml delete mode 100644 generated/1.26/crds/config.supervisor.pinniped.dev_federationdomains.yaml delete mode 100644 generated/1.26/crds/config.supervisor.pinniped.dev_oidcclients.yaml delete mode 100644 generated/1.26/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml delete mode 100644 generated/1.26/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml delete mode 100644 generated/1.27/README.adoc delete mode 100644 generated/1.27/apis/concierge/identity/v1alpha1/doc.go delete mode 100644 generated/1.27/apis/concierge/identity/v1alpha1/zz_generated.conversion.go delete mode 100644 generated/1.27/apis/concierge/identity/validation/validation.go delete mode 100644 generated/1.27/apis/concierge/login/v1alpha1/doc.go delete mode 100644 generated/1.27/apis/go.mod delete mode 100644 generated/1.27/apis/go.sum delete mode 100644 generated/1.27/client/concierge/clientset/versioned/clientset.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/fake/register.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go delete mode 100644 generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go delete mode 100644 generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go delete mode 100644 generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.27/client/concierge/informers/externalversions/factory.go delete mode 100644 generated/1.27/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.27/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.27/client/concierge/listers/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.27/client/go.mod delete mode 100644 generated/1.27/client/go.sum delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/fake/clientset_generated.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/fake/register.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/scheme/register.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/interface.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/factory.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/generic.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/idp/interface.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go delete mode 100644 generated/1.27/client/supervisor/listers/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.27/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go delete mode 100644 generated/1.27/client/supervisor/openapi/zz_generated.openapi.go delete mode 100644 generated/1.27/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml delete mode 100644 generated/1.27/crds/config.supervisor.pinniped.dev_oidcclients.yaml delete mode 100644 generated/1.27/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml delete mode 100644 generated/1.27/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml delete mode 100644 generated/1.27/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml delete mode 100644 generated/1.28/apis/concierge/authentication/v1alpha1/doc.go delete mode 100644 generated/1.28/apis/concierge/authentication/v1alpha1/register.go delete mode 100644 generated/1.28/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go delete mode 100644 generated/1.28/apis/concierge/authentication/v1alpha1/types_tls.go delete mode 100644 generated/1.28/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go delete mode 100644 generated/1.28/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/concierge/config/v1alpha1/doc.go delete mode 100644 generated/1.28/apis/concierge/config/v1alpha1/register.go delete mode 100644 generated/1.28/apis/concierge/config/v1alpha1/types_credentialissuer.go delete mode 100644 generated/1.28/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/concierge/identity/doc.go delete mode 100644 generated/1.28/apis/concierge/identity/register.go delete mode 100644 generated/1.28/apis/concierge/identity/types_userinfo.go delete mode 100644 generated/1.28/apis/concierge/identity/types_whoamirequest.go delete mode 100644 generated/1.28/apis/concierge/identity/v1alpha1/conversion.go delete mode 100644 generated/1.28/apis/concierge/identity/v1alpha1/defaults.go delete mode 100644 generated/1.28/apis/concierge/identity/v1alpha1/doc.go delete mode 100644 generated/1.28/apis/concierge/identity/v1alpha1/register.go delete mode 100644 generated/1.28/apis/concierge/identity/v1alpha1/types_userinfo.go delete mode 100644 generated/1.28/apis/concierge/identity/v1alpha1/types_whoamirequest.go delete mode 100644 generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.defaults.go delete mode 100644 generated/1.28/apis/concierge/identity/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/concierge/login/doc.go delete mode 100644 generated/1.28/apis/concierge/login/register.go delete mode 100644 generated/1.28/apis/concierge/login/types_clustercredential.go delete mode 100644 generated/1.28/apis/concierge/login/types_tokencredentialrequest.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/conversion.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/defaults.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/doc.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/register.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/types_clustercredential.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/zz_generated.conversion.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/concierge/login/v1alpha1/zz_generated.defaults.go delete mode 100644 generated/1.28/apis/concierge/login/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/go.mod delete mode 100644 generated/1.28/apis/go.sum delete mode 100644 generated/1.28/apis/supervisor/clientsecret/doc.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/register.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/v1alpha1/conversion.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/v1alpha1/defaults.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/v1alpha1/doc.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/v1alpha1/register.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go delete mode 100644 generated/1.28/apis/supervisor/clientsecret/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/supervisor/config/v1alpha1/doc.go delete mode 100644 generated/1.28/apis/supervisor/config/v1alpha1/register.go delete mode 100644 generated/1.28/apis/supervisor/config/v1alpha1/types_federationdomain.go delete mode 100644 generated/1.28/apis/supervisor/config/v1alpha1/types_oidcclient.go delete mode 100644 generated/1.28/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/doc.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/register.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/types_tls.go delete mode 100644 generated/1.28/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.28/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go delete mode 100644 generated/1.28/apis/supervisor/oidc/types_supervisor_oidc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/fake/clientset_generated.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/fake/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/scheme/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/scheme/register.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go delete mode 100644 generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go delete mode 100644 generated/1.28/client/concierge/informers/externalversions/authentication/interface.go delete mode 100644 generated/1.28/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.28/client/concierge/listers/authentication/v1alpha1/expansion_generated.go delete mode 100644 generated/1.28/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.28/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.28/client/concierge/listers/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.28/client/concierge/listers/config/v1alpha1/expansion_generated.go delete mode 100644 generated/1.28/client/go.mod delete mode 100644 generated/1.28/client/go.sum delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/fake/doc.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/scheme/doc.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go delete mode 100644 generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go delete mode 100644 generated/1.28/client/supervisor/informers/externalversions/config/interface.go delete mode 100644 generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go delete mode 100644 generated/1.28/client/supervisor/listers/config/v1alpha1/expansion_generated.go delete mode 100644 generated/1.28/client/supervisor/listers/config/v1alpha1/federationdomain.go delete mode 100644 generated/1.28/client/supervisor/listers/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.28/client/supervisor/listers/idp/v1alpha1/expansion_generated.go delete mode 100644 generated/1.28/client/supervisor/openapi/zz_generated.openapi.go delete mode 100644 generated/1.29/README.adoc delete mode 100644 generated/1.29/apis/concierge/authentication/v1alpha1/doc.go delete mode 100644 generated/1.29/apis/concierge/authentication/v1alpha1/register.go delete mode 100644 generated/1.29/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go delete mode 100644 generated/1.29/apis/concierge/authentication/v1alpha1/types_tls.go delete mode 100644 generated/1.29/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go delete mode 100644 generated/1.29/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/concierge/config/v1alpha1/doc.go delete mode 100644 generated/1.29/apis/concierge/config/v1alpha1/register.go delete mode 100644 generated/1.29/apis/concierge/config/v1alpha1/types_credentialissuer.go delete mode 100644 generated/1.29/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/concierge/identity/doc.go delete mode 100644 generated/1.29/apis/concierge/identity/register.go delete mode 100644 generated/1.29/apis/concierge/identity/types_userinfo.go delete mode 100644 generated/1.29/apis/concierge/identity/types_whoamirequest.go delete mode 100644 generated/1.29/apis/concierge/identity/v1alpha1/conversion.go delete mode 100644 generated/1.29/apis/concierge/identity/v1alpha1/defaults.go delete mode 100644 generated/1.29/apis/concierge/identity/v1alpha1/register.go delete mode 100644 generated/1.29/apis/concierge/identity/v1alpha1/types_userinfo.go delete mode 100644 generated/1.29/apis/concierge/identity/v1alpha1/types_whoamirequest.go delete mode 100644 generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.defaults.go delete mode 100644 generated/1.29/apis/concierge/identity/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/concierge/login/doc.go delete mode 100644 generated/1.29/apis/concierge/login/register.go delete mode 100644 generated/1.29/apis/concierge/login/types_clustercredential.go delete mode 100644 generated/1.29/apis/concierge/login/types_tokencredentialrequest.go delete mode 100644 generated/1.29/apis/concierge/login/v1alpha1/conversion.go delete mode 100644 generated/1.29/apis/concierge/login/v1alpha1/defaults.go delete mode 100644 generated/1.29/apis/concierge/login/v1alpha1/register.go delete mode 100644 generated/1.29/apis/concierge/login/v1alpha1/types_clustercredential.go delete mode 100644 generated/1.29/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go delete mode 100644 generated/1.29/apis/concierge/login/v1alpha1/zz_generated.conversion.go delete mode 100644 generated/1.29/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/concierge/login/v1alpha1/zz_generated.defaults.go delete mode 100644 generated/1.29/apis/concierge/login/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/go.mod delete mode 100644 generated/1.29/apis/supervisor/clientsecret/doc.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/register.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/v1alpha1/conversion.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/v1alpha1/defaults.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/v1alpha1/register.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go delete mode 100644 generated/1.29/apis/supervisor/clientsecret/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/supervisor/config/v1alpha1/doc.go delete mode 100644 generated/1.29/apis/supervisor/config/v1alpha1/register.go delete mode 100644 generated/1.29/apis/supervisor/config/v1alpha1/types_federationdomain.go delete mode 100644 generated/1.29/apis/supervisor/config/v1alpha1/types_oidcclient.go delete mode 100644 generated/1.29/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/supervisor/idp/v1alpha1/doc.go delete mode 100644 generated/1.29/apis/supervisor/idp/v1alpha1/register.go delete mode 100644 generated/1.29/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go delete mode 100644 generated/1.29/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go delete mode 100644 generated/1.29/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go delete mode 100644 generated/1.29/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go delete mode 100644 generated/1.29/apis/supervisor/idp/v1alpha1/types_tls.go delete mode 100644 generated/1.29/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go delete mode 100644 generated/1.29/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go delete mode 100644 generated/1.29/apis/supervisor/oidc/types_supervisor_oidc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/clientset.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/fake/clientset_generated.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/fake/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/fake/register.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/scheme/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/scheme/register.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go delete mode 100644 generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go delete mode 100644 generated/1.29/client/concierge/informers/externalversions/authentication/interface.go delete mode 100644 generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.29/client/concierge/informers/externalversions/config/interface.go delete mode 100644 generated/1.29/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.29/client/concierge/informers/externalversions/config/v1alpha1/interface.go delete mode 100644 generated/1.29/client/concierge/informers/externalversions/generic.go delete mode 100644 generated/1.29/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go delete mode 100644 generated/1.29/client/concierge/listers/authentication/v1alpha1/expansion_generated.go delete mode 100644 generated/1.29/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go delete mode 100644 generated/1.29/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go delete mode 100644 generated/1.29/client/concierge/listers/config/v1alpha1/credentialissuer.go delete mode 100644 generated/1.29/client/concierge/listers/config/v1alpha1/expansion_generated.go delete mode 100644 generated/1.29/client/go.mod delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/clientset.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/fake/doc.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/scheme/doc.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/config/interface.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/interface.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go delete mode 100644 generated/1.29/client/supervisor/listers/config/v1alpha1/expansion_generated.go delete mode 100644 generated/1.29/client/supervisor/listers/config/v1alpha1/federationdomain.go delete mode 100644 generated/1.29/client/supervisor/listers/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.29/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/listers/idp/v1alpha1/expansion_generated.go delete mode 100644 generated/1.29/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go delete mode 100644 generated/1.29/client/supervisor/openapi/zz_generated.openapi.go delete mode 100644 generated/1.29/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml delete mode 100644 generated/1.29/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml delete mode 100644 generated/1.29/crds/config.concierge.pinniped.dev_credentialissuers.yaml delete mode 100644 generated/1.29/crds/config.supervisor.pinniped.dev_federationdomains.yaml delete mode 100644 generated/1.29/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml delete mode 100644 generated/1.29/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml delete mode 100644 generated/1.29/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml rename generated/{1.26 => 1.34}/README.adoc (82%) rename generated/{1.26 => 1.34}/apis/concierge/authentication/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/authentication/v1alpha1/register.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/authentication/v1alpha1/types_tls.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/config/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/config/v1alpha1/register.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/config/v1alpha1/types_credentialissuer.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/doc.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/register.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/types_userinfo.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/types_whoamirequest.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/v1alpha1/conversion.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/v1alpha1/defaults.go (100%) rename generated/{1.29 => 1.34}/apis/concierge/identity/v1alpha1/doc.go (84%) rename generated/{1.26 => 1.34}/apis/concierge/identity/v1alpha1/register.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/v1alpha1/types_userinfo.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/v1alpha1/types_whoamirequest.go (100%) rename generated/{1.28 => 1.34}/apis/concierge/identity/v1alpha1/zz_generated.conversion.go (99%) rename generated/{1.26 => 1.34}/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/identity/v1alpha1/zz_generated.defaults.go (100%) rename generated/{1.29 => 1.34}/apis/concierge/identity/validation/validation.go (84%) rename generated/{1.26 => 1.34}/apis/concierge/identity/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/doc.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/register.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/types_clustercredential.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/types_tokencredentialrequest.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/conversion.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/defaults.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/doc.go (84%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/register.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/types_clustercredential.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/zz_generated.conversion.go (99%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/v1alpha1/zz_generated.defaults.go (100%) rename generated/{1.26 => 1.34}/apis/concierge/login/zz_generated.deepcopy.go (100%) create mode 100644 generated/1.34/apis/go.mod rename generated/{1.29 => 1.34}/apis/go.sum (62%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/doc.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/register.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/v1alpha1/conversion.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/v1alpha1/defaults.go (100%) rename generated/{1.27 => 1.34}/apis/supervisor/clientsecret/v1alpha1/doc.go (85%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/v1alpha1/register.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go (100%) rename generated/{1.27 => 1.34}/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go (99%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/clientsecret/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/config/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/config/v1alpha1/register.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/config/v1alpha1/types_federationdomain.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/config/v1alpha1/types_oidcclient.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idp/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idp/v1alpha1/register.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idp/v1alpha1/types_tls.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go (100%) rename generated/{1.26 => 1.34}/apis/supervisor/oidc/types_supervisor_oidc.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/clientset.go (94%) rename generated/{1.27 => 1.34}/client/concierge/clientset/versioned/fake/clientset_generated.go (72%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/fake/doc.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/fake/register.go (85%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/scheme/doc.go (100%) rename generated/{1.27 => 1.34}/client/concierge/clientset/versioned/scheme/register.go (85%) rename generated/{1.28 => 1.34}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go (84%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go (100%) rename generated/{1.28 => 1.34}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go (84%) create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go (100%) create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go rename generated/{1.28 => 1.34}/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go (82%) create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go (100%) rename generated/{1.27 => 1.34}/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go (86%) create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go (100%) rename generated/{1.27 => 1.34}/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go (86%) create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go (100%) rename generated/{1.27 => 1.34}/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go (82%) create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go (85%) create mode 100644 generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go (100%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go (82%) rename generated/{1.26 => 1.34}/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go (50%) rename generated/{1.26 => 1.34}/client/concierge/informers/externalversions/authentication/interface.go (89%) rename generated/{1.28 => 1.34}/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go (95%) rename generated/{1.28 => 1.34}/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go (66%) rename generated/{1.28 => 1.34}/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go (66%) rename generated/{1.28 => 1.34}/client/concierge/informers/externalversions/config/interface.go (89%) rename generated/{1.26 => 1.34}/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go (68%) rename generated/{1.27 => 1.34}/client/concierge/informers/externalversions/config/v1alpha1/interface.go (94%) rename generated/{1.29 => 1.34}/client/concierge/informers/externalversions/factory.go (96%) rename generated/{1.28 => 1.34}/client/concierge/informers/externalversions/generic.go (93%) rename generated/{1.27 => 1.34}/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go (93%) rename generated/{1.26 => 1.34}/client/concierge/listers/authentication/v1alpha1/expansion_generated.go (100%) create mode 100644 generated/1.34/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.34/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.34/client/concierge/listers/config/v1alpha1/credentialissuer.go rename generated/{1.26 => 1.34}/client/concierge/listers/config/v1alpha1/expansion_generated.go (100%) rename generated/{1.28 => 1.34}/client/concierge/openapi/zz_generated.openapi.go (84%) create mode 100644 generated/1.34/client/go.mod rename generated/{1.29 => 1.34}/client/go.sum (52%) rename generated/{1.28 => 1.34}/client/supervisor/clientset/versioned/clientset.go (95%) rename generated/{1.28 => 1.34}/client/supervisor/clientset/versioned/fake/clientset_generated.go (72%) rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/fake/doc.go (100%) rename generated/{1.28 => 1.34}/client/supervisor/clientset/versioned/fake/register.go (88%) rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/scheme/doc.go (100%) rename generated/{1.28 => 1.34}/client/supervisor/clientset/versioned/scheme/register.go (88%) rename generated/{1.28 => 1.34}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go (83%) rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go (100%) rename generated/{1.27 => 1.34}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go (85%) create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go (100%) create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go rename generated/{1.28 => 1.34}/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go (83%) rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go (100%) rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go (83%) create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go (100%) create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go (100%) rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go (100%) create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go rename generated/{1.27 => 1.34}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go (78%) create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go rename generated/{1.26 => 1.34}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go (100%) create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go rename generated/{1.28 => 1.34}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go (85%) create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go rename generated/{1.27 => 1.34}/client/supervisor/informers/externalversions/config/interface.go (89%) rename generated/{1.26 => 1.34}/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go (68%) rename generated/{1.28 => 1.34}/client/supervisor/informers/externalversions/config/v1alpha1/interface.go (95%) rename generated/{1.28 => 1.34}/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go (68%) rename generated/{1.29 => 1.34}/client/supervisor/informers/externalversions/factory.go (95%) rename generated/{1.28 => 1.34}/client/supervisor/informers/externalversions/generic.go (94%) rename generated/{1.28 => 1.34}/client/supervisor/informers/externalversions/idp/interface.go (89%) rename generated/{1.27 => 1.34}/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go (67%) rename generated/{1.27 => 1.34}/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go (68%) rename generated/{1.28 => 1.34}/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go (97%) rename generated/{1.26 => 1.34}/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go (68%) rename generated/{1.28 => 1.34}/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go (68%) rename generated/{1.28 => 1.34}/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go (93%) rename generated/{1.26 => 1.34}/client/supervisor/listers/config/v1alpha1/expansion_generated.go (100%) rename generated/{1.26 => 1.34}/client/supervisor/listers/config/v1alpha1/federationdomain.go (50%) create mode 100644 generated/1.34/client/supervisor/listers/config/v1alpha1/oidcclient.go rename generated/{1.28 => 1.34}/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go (52%) rename generated/{1.26 => 1.34}/client/supervisor/listers/idp/v1alpha1/expansion_generated.go (100%) rename generated/{1.28 => 1.34}/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go (51%) rename generated/{1.27 => 1.34}/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go (51%) rename generated/{1.28 => 1.34}/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go (51%) rename generated/{1.29/client/concierge => 1.34/client/supervisor}/openapi/zz_generated.openapi.go (86%) rename generated/{1.27 => 1.34}/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml (99%) rename generated/{1.26 => 1.34}/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml (99%) rename generated/{1.28 => 1.34}/crds/config.concierge.pinniped.dev_credentialissuers.yaml (99%) rename generated/{1.28 => 1.34}/crds/config.supervisor.pinniped.dev_federationdomains.yaml (95%) rename generated/{1.28 => 1.34}/crds/config.supervisor.pinniped.dev_oidcclients.yaml (99%) rename generated/{1.27 => 1.34}/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml (99%) rename generated/{1.26 => 1.34}/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml (99%) rename generated/{1.28 => 1.34}/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml (99%) rename generated/{1.26 => 1.34}/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml (99%) rename generated/{1.28 => 1.35}/README.adoc (82%) rename generated/{1.27 => 1.35}/apis/concierge/authentication/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/authentication/v1alpha1/register.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/authentication/v1alpha1/types_tls.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/config/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/config/v1alpha1/register.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/config/v1alpha1/types_credentialissuer.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/doc.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/register.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/types_userinfo.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/types_whoamirequest.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/v1alpha1/conversion.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/v1alpha1/defaults.go (100%) rename generated/{1.26 => 1.35}/apis/concierge/identity/v1alpha1/doc.go (84%) rename generated/{1.27 => 1.35}/apis/concierge/identity/v1alpha1/register.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/v1alpha1/types_userinfo.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/v1alpha1/types_whoamirequest.go (100%) rename generated/{1.29 => 1.35}/apis/concierge/identity/v1alpha1/zz_generated.conversion.go (99%) rename generated/{1.27 => 1.35}/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/identity/v1alpha1/zz_generated.defaults.go (100%) rename generated/{1.28 => 1.35}/apis/concierge/identity/validation/validation.go (84%) rename generated/{1.27 => 1.35}/apis/concierge/identity/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/doc.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/register.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/types_clustercredential.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/types_tokencredentialrequest.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/v1alpha1/conversion.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/v1alpha1/defaults.go (100%) rename generated/{1.29 => 1.35}/apis/concierge/login/v1alpha1/doc.go (84%) rename generated/{1.27 => 1.35}/apis/concierge/login/v1alpha1/register.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/v1alpha1/types_clustercredential.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/v1alpha1/zz_generated.conversion.go (99%) rename generated/{1.27 => 1.35}/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/v1alpha1/zz_generated.defaults.go (100%) rename generated/{1.27 => 1.35}/apis/concierge/login/zz_generated.deepcopy.go (100%) create mode 100644 generated/1.35/apis/go.mod create mode 100644 generated/1.35/apis/go.sum rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/doc.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/register.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/v1alpha1/conversion.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/v1alpha1/defaults.go (100%) rename generated/{1.29 => 1.35}/apis/supervisor/clientsecret/v1alpha1/doc.go (85%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/v1alpha1/register.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go (100%) rename generated/{1.26 => 1.35}/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go (99%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/clientsecret/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/config/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/config/v1alpha1/register.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/config/v1alpha1/types_federationdomain.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/config/v1alpha1/types_oidcclient.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idp/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idp/v1alpha1/register.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idp/v1alpha1/types_tls.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go (100%) rename generated/{1.27 => 1.35}/apis/supervisor/oidc/types_supervisor_oidc.go (100%) rename generated/{1.28 => 1.35}/client/concierge/clientset/versioned/clientset.go (94%) rename generated/{1.26 => 1.35}/client/concierge/clientset/versioned/fake/clientset_generated.go (66%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/fake/doc.go (100%) rename generated/{1.28 => 1.35}/client/concierge/clientset/versioned/fake/register.go (85%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/scheme/doc.go (100%) rename generated/{1.26 => 1.35}/client/concierge/clientset/versioned/scheme/register.go (85%) rename generated/{1.26 => 1.35}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go (84%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go (100%) rename generated/{1.29 => 1.35}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go (84%) create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go (100%) create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go rename generated/{1.29 => 1.35}/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go (82%) create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go (100%) rename generated/{1.28 => 1.35}/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go (86%) create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go (100%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go (100%) rename generated/{1.28 => 1.35}/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go (86%) create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go (100%) rename generated/{1.28 => 1.35}/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go (82%) create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go (100%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go (85%) create mode 100644 generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go (100%) rename generated/{1.28 => 1.35}/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go (82%) rename generated/{1.27 => 1.35}/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go (50%) rename generated/{1.27 => 1.35}/client/concierge/informers/externalversions/authentication/interface.go (89%) rename generated/{1.29 => 1.35}/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go (95%) rename generated/{1.26 => 1.35}/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go (64%) rename generated/{1.26 => 1.35}/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go (64%) rename generated/{1.27 => 1.35}/client/concierge/informers/externalversions/config/interface.go (89%) rename generated/{1.27 => 1.35}/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go (66%) rename generated/{1.28 => 1.35}/client/concierge/informers/externalversions/config/v1alpha1/interface.go (94%) rename generated/{1.28 => 1.35}/client/concierge/informers/externalversions/factory.go (91%) rename generated/{1.27 => 1.35}/client/concierge/informers/externalversions/generic.go (93%) rename generated/{1.28 => 1.35}/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go (93%) rename generated/{1.27 => 1.35}/client/concierge/listers/authentication/v1alpha1/expansion_generated.go (100%) create mode 100644 generated/1.35/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.35/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.35/client/concierge/listers/config/v1alpha1/credentialissuer.go rename generated/{1.27 => 1.35}/client/concierge/listers/config/v1alpha1/expansion_generated.go (100%) rename generated/{1.26 => 1.35}/client/concierge/openapi/zz_generated.openapi.go (71%) create mode 100644 generated/1.35/client/go.mod create mode 100644 generated/1.35/client/go.sum rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/clientset.go (95%) rename generated/{1.29 => 1.35}/client/supervisor/clientset/versioned/fake/clientset_generated.go (65%) rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/fake/doc.go (100%) rename generated/{1.29 => 1.35}/client/supervisor/clientset/versioned/fake/register.go (88%) rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/scheme/doc.go (100%) rename generated/{1.29 => 1.35}/client/supervisor/clientset/versioned/scheme/register.go (88%) rename generated/{1.26 => 1.35}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go (83%) rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go (100%) rename generated/{1.28 => 1.35}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go (85%) create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go (100%) create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go rename generated/{1.26 => 1.35}/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go (83%) rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go (100%) rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go (83%) create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go (100%) create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go (100%) rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go (100%) create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go rename generated/{1.28 => 1.35}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go (78%) create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go rename generated/{1.27 => 1.35}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go (100%) create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go rename generated/{1.29 => 1.35}/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go (85%) create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go rename generated/{1.26 => 1.35}/client/supervisor/informers/externalversions/config/interface.go (89%) rename generated/{1.27 => 1.35}/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go (66%) rename generated/{1.26 => 1.35}/client/supervisor/informers/externalversions/config/v1alpha1/interface.go (95%) rename generated/{1.29 => 1.35}/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go (66%) rename generated/{1.28 => 1.35}/client/supervisor/informers/externalversions/factory.go (91%) rename generated/{1.29 => 1.35}/client/supervisor/informers/externalversions/generic.go (94%) rename generated/{1.29 => 1.35}/client/supervisor/informers/externalversions/idp/interface.go (89%) rename generated/{1.28 => 1.35}/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go (66%) rename generated/{1.28 => 1.35}/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go (66%) rename generated/{1.26 => 1.35}/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go (97%) rename generated/{1.28 => 1.35}/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go (67%) rename generated/{1.26 => 1.35}/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go (67%) rename generated/{1.26 => 1.35}/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go (93%) rename generated/{1.27 => 1.35}/client/supervisor/listers/config/v1alpha1/expansion_generated.go (100%) rename generated/{1.27 => 1.35}/client/supervisor/listers/config/v1alpha1/federationdomain.go (50%) create mode 100644 generated/1.35/client/supervisor/listers/config/v1alpha1/oidcclient.go rename generated/{1.26 => 1.35}/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go (52%) rename generated/{1.27 => 1.35}/client/supervisor/listers/idp/v1alpha1/expansion_generated.go (100%) rename generated/{1.29 => 1.35}/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go (51%) rename generated/{1.28 => 1.35}/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go (51%) rename generated/{1.27 => 1.35}/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go (51%) rename generated/{1.27/client/concierge => 1.35/client/supervisor}/openapi/zz_generated.openapi.go (73%) rename generated/{1.28 => 1.35}/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml (99%) rename generated/{1.28 => 1.35}/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml (99%) rename generated/{1.27 => 1.35}/crds/config.concierge.pinniped.dev_credentialissuers.yaml (99%) rename generated/{1.27 => 1.35}/crds/config.supervisor.pinniped.dev_federationdomains.yaml (95%) rename generated/{1.29 => 1.35}/crds/config.supervisor.pinniped.dev_oidcclients.yaml (99%) rename generated/{1.28 => 1.35}/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml (99%) rename generated/{1.28 => 1.35}/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml (99%) rename generated/{1.29 => 1.35}/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml (99%) rename generated/{1.28 => 1.35}/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml (99%) diff --git a/deploy/concierge/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/deploy/concierge/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index f235e0fc5..89f4f6d3b 100644 --- a/deploy/concierge/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/deploy/concierge/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: jwtauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index d42381eef..c972456bd 100644 --- a/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: webhookauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/deploy/concierge/config.concierge.pinniped.dev_credentialissuers.yaml b/deploy/concierge/config.concierge.pinniped.dev_credentialissuers.yaml index 84f4b9ab8..969fb7fc0 100644 --- a/deploy/concierge/config.concierge.pinniped.dev_credentialissuers.yaml +++ b/deploy/concierge/config.concierge.pinniped.dev_credentialissuers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: credentialissuers.config.concierge.pinniped.dev spec: group: config.concierge.pinniped.dev diff --git a/deploy/supervisor/config.supervisor.pinniped.dev_federationdomains.yaml b/deploy/supervisor/config.supervisor.pinniped.dev_federationdomains.yaml index 211a61625..f61fdba36 100644 --- a/deploy/supervisor/config.supervisor.pinniped.dev_federationdomains.yaml +++ b/deploy/supervisor/config.supervisor.pinniped.dev_federationdomains.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: federationdomains.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml b/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml index 233ed95cf..ae8f6475e 100644 --- a/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcclients.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/deploy/supervisor/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/deploy/supervisor/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 1abf4681b..9ace0a0c6 100644 --- a/deploy/supervisor/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/deploy/supervisor/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/deploy/supervisor/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/deploy/supervisor/idp.supervisor.pinniped.dev_githubidentityproviders.yaml index c0b6b1e7b..ef84c1f90 100644 --- a/deploy/supervisor/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ b/deploy/supervisor/idp.supervisor.pinniped.dev_githubidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: githubidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/deploy/supervisor/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/deploy/supervisor/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index f6f1e1877..d9f62e4f1 100644 --- a/deploy/supervisor/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/deploy/supervisor/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: ldapidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/deploy/supervisor/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/deploy/supervisor/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 2aaec4461..335caff7f 100644 --- a/deploy/supervisor/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/deploy/supervisor/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.26/apis/concierge/identity/v1alpha1/zz_generated.conversion.go deleted file mode 100644 index 7f89dd92d..000000000 --- a/generated/1.26/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ /dev/null @@ -1,235 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by conversion-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - unsafe "unsafe" - - identity "go.pinniped.dev/generated/1.26/apis/concierge/identity" - conversion "k8s.io/apimachinery/pkg/conversion" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -func init() { - localSchemeBuilder.Register(RegisterConversions) -} - -// RegisterConversions adds conversion functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*KubernetesUserInfo)(nil), (*identity.KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(a.(*KubernetesUserInfo), b.(*identity.KubernetesUserInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.KubernetesUserInfo)(nil), (*KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(a.(*identity.KubernetesUserInfo), b.(*KubernetesUserInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*UserInfo)(nil), (*identity.UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_UserInfo_To_identity_UserInfo(a.(*UserInfo), b.(*identity.UserInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.UserInfo)(nil), (*UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_UserInfo_To_v1alpha1_UserInfo(a.(*identity.UserInfo), b.(*UserInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*WhoAmIRequest)(nil), (*identity.WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(a.(*WhoAmIRequest), b.(*identity.WhoAmIRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequest)(nil), (*WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(a.(*identity.WhoAmIRequest), b.(*WhoAmIRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*WhoAmIRequestList)(nil), (*identity.WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(a.(*WhoAmIRequestList), b.(*identity.WhoAmIRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestList)(nil), (*WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(a.(*identity.WhoAmIRequestList), b.(*WhoAmIRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*WhoAmIRequestSpec)(nil), (*identity.WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(a.(*WhoAmIRequestSpec), b.(*identity.WhoAmIRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestSpec)(nil), (*WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(a.(*identity.WhoAmIRequestSpec), b.(*WhoAmIRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*WhoAmIRequestStatus)(nil), (*identity.WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(a.(*WhoAmIRequestStatus), b.(*identity.WhoAmIRequestStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestStatus)(nil), (*WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(a.(*identity.WhoAmIRequestStatus), b.(*WhoAmIRequestStatus), scope) - }); err != nil { - return err - } - return nil -} - -func autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { - if err := Convert_v1alpha1_UserInfo_To_identity_UserInfo(&in.User, &out.User, s); err != nil { - return err - } - out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) - return nil -} - -// Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo is an autogenerated conversion function. -func Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { - return autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in, out, s) -} - -func autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { - if err := Convert_identity_UserInfo_To_v1alpha1_UserInfo(&in.User, &out.User, s); err != nil { - return err - } - out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) - return nil -} - -// Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo is an autogenerated conversion function. -func Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { - return autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in, out, s) -} - -func autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { - out.Username = in.Username - out.UID = in.UID - out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) - out.Extra = *(*map[string]identity.ExtraValue)(unsafe.Pointer(&in.Extra)) - return nil -} - -// Convert_v1alpha1_UserInfo_To_identity_UserInfo is an autogenerated conversion function. -func Convert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { - return autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in, out, s) -} - -func autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { - out.Username = in.Username - out.UID = in.UID - out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) - out.Extra = *(*map[string]ExtraValue)(unsafe.Pointer(&in.Extra)) - return nil -} - -// Convert_identity_UserInfo_To_v1alpha1_UserInfo is an autogenerated conversion function. -func Convert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { - return autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in, out, s) -} - -func autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest is an autogenerated conversion function. -func Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { - return autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in, out, s) -} - -func autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest is an autogenerated conversion function. -func Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { - return autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in, out, s) -} - -func autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]identity.WhoAmIRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList is an autogenerated conversion function. -func Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { - return autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in, out, s) -} - -func autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]WhoAmIRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList is an autogenerated conversion function. -func Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { - return autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in, out, s) -} - -func autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { - return nil -} - -// Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec is an autogenerated conversion function. -func Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { - return autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in, out, s) -} - -func autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { - return nil -} - -// Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec is an autogenerated conversion function. -func Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { - return autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in, out, s) -} - -func autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { - if err := Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus is an autogenerated conversion function. -func Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { - return autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in, out, s) -} - -func autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { - if err := Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { - return err - } - return nil -} - -// Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus is an autogenerated conversion function. -func Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { - return autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in, out, s) -} diff --git a/generated/1.26/apis/concierge/identity/validation/validation.go b/generated/1.26/apis/concierge/identity/validation/validation.go deleted file mode 100644 index bea3a8686..000000000 --- a/generated/1.26/apis/concierge/identity/validation/validation.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package validation - -import ( - "k8s.io/apimachinery/pkg/util/validation/field" - - identityapi "go.pinniped.dev/generated/1.26/apis/concierge/identity" -) - -func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList { - return nil // add validation for spec here if we expand it -} diff --git a/generated/1.26/apis/go.mod b/generated/1.26/apis/go.mod deleted file mode 100644 index 08a741d41..000000000 --- a/generated/1.26/apis/go.mod +++ /dev/null @@ -1,9 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.26/apis - -go 1.13 - -require ( - k8s.io/api v0.26.15 - k8s.io/apimachinery v0.26.15 -) diff --git a/generated/1.26/apis/go.sum b/generated/1.26/apis/go.sum deleted file mode 100644 index 61f72ef0a..000000000 --- a/generated/1.26/apis/go.sum +++ /dev/null @@ -1,300 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= -github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= -github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= -github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= -github.com/onsi/ginkgo/v2 v2.4.0/go.mod h1:iHkDK1fKGcBoEHT5W7YBq4RFWaQulw+caOMkAt4OrFo= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= -github.com/onsi/gomega v1.21.1/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc= -github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM= -github.com/onsi/gomega v1.23.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.26.15 h1:tjMERUjIwkq+2UtPZL5ZbSsLkpxUv4gXWZfV5lQl+Og= -k8s.io/api v0.26.15/go.mod h1:CtWOrFl8VLCTLolRlhbBxo4fy83tjCLEtYa5pMubIe0= -k8s.io/apimachinery v0.26.15 h1:GPxeERYBSqSZlj3xIkX4L6mBjzZ9q8JPnJ+Vj15qe+g= -k8s.io/apimachinery v0.26.15/go.mod h1:O/uIhIOWuy6ndHqQ6qbkjD7OgeMhVtlk8+Z66ZcmJQc= -k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= -k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20221107191617-1a15be271d1d h1:0Smp/HP1OH4Rvhe+4B8nWGERtlqAGSftbSbbmm45oFs= -k8s.io/utils v0.0.0-20221107191617-1a15be271d1d/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.26/apis/supervisor/clientsecret/v1alpha1/doc.go deleted file mode 100644 index d2c7e1584..000000000 --- a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/doc.go +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret -// +k8s:defaulter-gen=TypeMeta -// +groupName=clientsecret.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. -package v1alpha1 diff --git a/generated/1.26/client/concierge/clientset/versioned/doc.go b/generated/1.26/client/concierge/clientset/versioned/doc.go deleted file mode 100644 index d0443b30f..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated clientset. -package versioned diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go deleted file mode 100644 index 5f946e590..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeAuthenticationV1alpha1 struct { - *testing.Fake -} - -func (c *FakeAuthenticationV1alpha1) JWTAuthenticators() v1alpha1.JWTAuthenticatorInterface { - return &FakeJWTAuthenticators{c} -} - -func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators() v1alpha1.WebhookAuthenticatorInterface { - return &FakeWebhookAuthenticators{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go deleted file mode 100644 index a33992ad7..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeJWTAuthenticators implements JWTAuthenticatorInterface -type FakeJWTAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var jwtauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "jwtauthenticators"} - -var jwtauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "JWTAuthenticator"} - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *FakeJWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *FakeJWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(jwtauthenticatorsResource, jwtauthenticatorsKind, opts), &v1alpha1.JWTAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.JWTAuthenticatorList{ListMeta: obj.(*v1alpha1.JWTAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.JWTAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *FakeJWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(jwtauthenticatorsResource, opts)) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(jwtauthenticatorsResource, "status", jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(jwtauthenticatorsResource, name, opts), &v1alpha1.JWTAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeJWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(jwtauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.JWTAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *FakeJWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(jwtauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go deleted file mode 100644 index e3c2f435f..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface -type FakeWebhookAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var webhookauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} - -var webhookauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WebhookAuthenticator"} - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, opts), &v1alpha1.WebhookAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(webhookauthenticatorsResource, opts)) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(webhookauthenticatorsResource, "status", webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(webhookauthenticatorsResource, name, opts), &v1alpha1.WebhookAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(webhookauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(webhookauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index 19d0f08ce..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. -// A group's client should implement this interface. -type JWTAuthenticatorsGetter interface { - JWTAuthenticators() JWTAuthenticatorInterface -} - -// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. -type JWTAuthenticatorInterface interface { - Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*v1alpha1.JWTAuthenticator, error) - Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.JWTAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.JWTAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) - JWTAuthenticatorExpansion -} - -// jWTAuthenticators implements JWTAuthenticatorInterface -type jWTAuthenticators struct { - client rest.Interface -} - -// newJWTAuthenticators returns a JWTAuthenticators -func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { - return &jWTAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *jWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Get(). - Resource("jwtauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *jWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.JWTAuthenticatorList{} - err = c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *jWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Post(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *jWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *jWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("jwtauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *jWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("jwtauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *jWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Patch(pt). - Resource("jwtauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index cedd3ce12..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. -// A group's client should implement this interface. -type WebhookAuthenticatorsGetter interface { - WebhookAuthenticators() WebhookAuthenticatorInterface -} - -// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. -type WebhookAuthenticatorInterface interface { - Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) - Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) - WebhookAuthenticatorExpansion -} - -// webhookAuthenticators implements WebhookAuthenticatorInterface -type webhookAuthenticators struct { - client rest.Interface -} - -// newWebhookAuthenticators returns a WebhookAuthenticators -func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { - return &webhookAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Get(). - Resource("webhookauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.WebhookAuthenticatorList{} - err = c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Post(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("webhookauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("webhookauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Patch(pt). - Resource("webhookauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go deleted file mode 100644 index 4c9bebb55..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/config/v1alpha1" - "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type ConfigV1alpha1Interface interface { - RESTClient() rest.Interface - CredentialIssuersGetter -} - -// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group. -type ConfigV1alpha1Client struct { - restClient rest.Interface -} - -func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { - return newCredentialIssuers(c) -} - -// NewForConfig creates a new ConfigV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &ConfigV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new ConfigV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *ConfigV1alpha1Client { - return &ConfigV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go deleted file mode 100644 index 01d39b65b..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. -// A group's client should implement this interface. -type CredentialIssuersGetter interface { - CredentialIssuers() CredentialIssuerInterface -} - -// CredentialIssuerInterface has methods to work with CredentialIssuer resources. -type CredentialIssuerInterface interface { - Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error) - Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) - CredentialIssuerExpansion -} - -// credentialIssuers implements CredentialIssuerInterface -type credentialIssuers struct { - client rest.Interface -} - -// newCredentialIssuers returns a CredentialIssuers -func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { - return &credentialIssuers{ - client: c.RESTClient(), - } -} - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Get(). - Resource("credentialissuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.CredentialIssuerList{} - err = c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Post(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("credentialissuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("credentialissuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Patch(pt). - Resource("credentialissuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go deleted file mode 100644 index 774dae14f..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeConfigV1alpha1 struct { - *testing.Fake -} - -func (c *FakeConfigV1alpha1) CredentialIssuers() v1alpha1.CredentialIssuerInterface { - return &FakeCredentialIssuers{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go deleted file mode 100644 index 8cfb1ee91..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCredentialIssuers implements CredentialIssuerInterface -type FakeCredentialIssuers struct { - Fake *FakeConfigV1alpha1 -} - -var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"} - -var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"} - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(credentialissuersResource, credentialissuersKind, opts), &v1alpha1.CredentialIssuerList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta} - for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(credentialissuersResource, opts)) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(credentialissuersResource, "status", credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(credentialissuersResource, name, opts), &v1alpha1.CredentialIssuer{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(credentialissuersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{}) - return err -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(credentialissuersResource, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go deleted file mode 100644 index 6ea70fdfe..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeIdentityV1alpha1 struct { - *testing.Fake -} - -func (c *FakeIdentityV1alpha1) WhoAmIRequests() v1alpha1.WhoAmIRequestInterface { - return &FakeWhoAmIRequests{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeIdentityV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go deleted file mode 100644 index 5f4110c81..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ /dev/null @@ -1,34 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - schema "k8s.io/apimachinery/pkg/runtime/schema" - testing "k8s.io/client-go/testing" -) - -// FakeWhoAmIRequests implements WhoAmIRequestInterface -type FakeWhoAmIRequests struct { - Fake *FakeIdentityV1alpha1 -} - -var whoamirequestsResource = schema.GroupVersionResource{Group: "identity.concierge.pinniped.dev", Version: "v1alpha1", Resource: "whoamirequests"} - -var whoamirequestsKind = schema.GroupVersionKind{Group: "identity.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WhoAmIRequest"} - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *FakeWhoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(whoamirequestsResource, whoAmIRequest), &v1alpha1.WhoAmIRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WhoAmIRequest), err -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go deleted file mode 100644 index 80bcd7285..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1" - "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type IdentityV1alpha1Interface interface { - RESTClient() rest.Interface - WhoAmIRequestsGetter -} - -// IdentityV1alpha1Client is used to interact with features provided by the identity.concierge.pinniped.dev group. -type IdentityV1alpha1Client struct { - restClient rest.Interface -} - -func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { - return newWhoAmIRequests(c) -} - -// NewForConfig creates a new IdentityV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new IdentityV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IdentityV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &IdentityV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new IdentityV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *IdentityV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new IdentityV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *IdentityV1alpha1Client { - return &IdentityV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *IdentityV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go deleted file mode 100644 index 6cc36f2fa..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. -// A group's client should implement this interface. -type WhoAmIRequestsGetter interface { - WhoAmIRequests() WhoAmIRequestInterface -} - -// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. -type WhoAmIRequestInterface interface { - Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*v1alpha1.WhoAmIRequest, error) - WhoAmIRequestExpansion -} - -// whoAmIRequests implements WhoAmIRequestInterface -type whoAmIRequests struct { - client rest.Interface -} - -// newWhoAmIRequests returns a WhoAmIRequests -func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { - return &whoAmIRequests{ - client: c.RESTClient(), - } -} - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *whoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - result = &v1alpha1.WhoAmIRequest{} - err = c.client.Post(). - Resource("whoamirequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(whoAmIRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go deleted file mode 100644 index 9ef247145..000000000 --- a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ /dev/null @@ -1,34 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - schema "k8s.io/apimachinery/pkg/runtime/schema" - testing "k8s.io/client-go/testing" -) - -// FakeTokenCredentialRequests implements TokenCredentialRequestInterface -type FakeTokenCredentialRequests struct { - Fake *FakeLoginV1alpha1 -} - -var tokencredentialrequestsResource = schema.GroupVersionResource{Group: "login.concierge.pinniped.dev", Version: "v1alpha1", Resource: "tokencredentialrequests"} - -var tokencredentialrequestsKind = schema.GroupVersionKind{Group: "login.concierge.pinniped.dev", Version: "v1alpha1", Kind: "TokenCredentialRequest"} - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *FakeTokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(tokencredentialrequestsResource, tokenCredentialRequest), &v1alpha1.TokenCredentialRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.TokenCredentialRequest), err -} diff --git a/generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go deleted file mode 100644 index 0ae00697e..000000000 --- a/generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // JWTAuthenticators returns a JWTAuthenticatorInformer. - JWTAuthenticators() JWTAuthenticatorInformer - // WebhookAuthenticators returns a WebhookAuthenticatorInformer. - WebhookAuthenticators() WebhookAuthenticatorInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// JWTAuthenticators returns a JWTAuthenticatorInformer. -func (v *version) JWTAuthenticators() JWTAuthenticatorInformer { - return &jWTAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} - -// WebhookAuthenticators returns a WebhookAuthenticatorInformer. -func (v *version) WebhookAuthenticators() WebhookAuthenticatorInformer { - return &webhookAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.26/client/concierge/informers/externalversions/config/interface.go b/generated/1.26/client/concierge/informers/externalversions/config/interface.go deleted file mode 100644 index d75aa4afe..000000000 --- a/generated/1.26/client/concierge/informers/externalversions/config/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package config - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.26/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.26/client/concierge/informers/externalversions/config/v1alpha1/interface.go deleted file mode 100644 index e8c01f081..000000000 --- a/generated/1.26/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // CredentialIssuers returns a CredentialIssuerInformer. - CredentialIssuers() CredentialIssuerInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// CredentialIssuers returns a CredentialIssuerInformer. -func (v *version) CredentialIssuers() CredentialIssuerInformer { - return &credentialIssuerInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.26/client/concierge/informers/externalversions/factory.go b/generated/1.26/client/concierge/informers/externalversions/factory.go deleted file mode 100644 index ae541cb84..000000000 --- a/generated/1.26/client/concierge/informers/externalversions/factory.go +++ /dev/null @@ -1,244 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - reflect "reflect" - sync "sync" - time "time" - - versioned "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned" - authentication "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/authentication" - config "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/config" - internalinterfaces "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/internalinterfaces" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// SharedInformerOption defines the functional option type for SharedInformerFactory. -type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory - -type sharedInformerFactory struct { - client versioned.Interface - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc - lock sync.Mutex - defaultResync time.Duration - customResync map[reflect.Type]time.Duration - - informers map[reflect.Type]cache.SharedIndexInformer - // startedInformers is used for tracking which informers have been started. - // This allows Start() to be called multiple times safely. - startedInformers map[reflect.Type]bool - // wg tracks how many goroutines were started. - wg sync.WaitGroup - // shuttingDown is true when Shutdown has been called. It may still be running - // because it needs to wait for goroutines. - shuttingDown bool -} - -// WithCustomResyncConfig sets a custom resync period for the specified informer types. -func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - for k, v := range resyncConfig { - factory.customResync[reflect.TypeOf(k)] = v - } - return factory - } -} - -// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. -func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.tweakListOptions = tweakListOptions - return factory - } -} - -// WithNamespace limits the SharedInformerFactory to the specified namespace. -func WithNamespace(namespace string) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.namespace = namespace - return factory - } -} - -// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. -func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync) -} - -// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. -// Listers obtained via this SharedInformerFactory will be subject to the same filters -// as specified here. -// Deprecated: Please use NewSharedInformerFactoryWithOptions instead -func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) -} - -// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. -func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { - factory := &sharedInformerFactory{ - client: client, - namespace: v1.NamespaceAll, - defaultResync: defaultResync, - informers: make(map[reflect.Type]cache.SharedIndexInformer), - startedInformers: make(map[reflect.Type]bool), - customResync: make(map[reflect.Type]time.Duration), - } - - // Apply all options - for _, opt := range options { - factory = opt(factory) - } - - return factory -} - -func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { - f.lock.Lock() - defer f.lock.Unlock() - - if f.shuttingDown { - return - } - - for informerType, informer := range f.informers { - if !f.startedInformers[informerType] { - f.wg.Add(1) - // We need a new variable in each loop iteration, - // otherwise the goroutine would use the loop variable - // and that keeps changing. - informer := informer - go func() { - defer f.wg.Done() - informer.Run(stopCh) - }() - f.startedInformers[informerType] = true - } - } -} - -func (f *sharedInformerFactory) Shutdown() { - f.lock.Lock() - f.shuttingDown = true - f.lock.Unlock() - - // Will return immediately if there is nothing to wait for. - f.wg.Wait() -} - -func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { - informers := func() map[reflect.Type]cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informers := map[reflect.Type]cache.SharedIndexInformer{} - for informerType, informer := range f.informers { - if f.startedInformers[informerType] { - informers[informerType] = informer - } - } - return informers - }() - - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) - } - return res -} - -// InternalInformerFor returns the SharedIndexInformer for obj using an internal -// client. -func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informerType := reflect.TypeOf(obj) - informer, exists := f.informers[informerType] - if exists { - return informer - } - - resyncPeriod, exists := f.customResync[informerType] - if !exists { - resyncPeriod = f.defaultResync - } - - informer = newFunc(f.client, resyncPeriod) - f.informers[informerType] = informer - - return informer -} - -// SharedInformerFactory provides shared informers for resources in all known -// API group versions. -// -// It is typically used like this: -// -// ctx, cancel := context.Background() -// defer cancel() -// factory := NewSharedInformerFactory(client, resyncPeriod) -// defer factory.WaitForStop() // Returns immediately if nothing was started. -// genericInformer := factory.ForResource(resource) -// typedInformer := factory.SomeAPIGroup().V1().SomeType() -// factory.Start(ctx.Done()) // Start processing these informers. -// synced := factory.WaitForCacheSync(ctx.Done()) -// for v, ok := range synced { -// if !ok { -// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) -// return -// } -// } -// -// // Creating informers can also be created after Start, but then -// // Start must be called again: -// anotherGenericInformer := factory.ForResource(resource) -// factory.Start(ctx.Done()) -type SharedInformerFactory interface { - internalinterfaces.SharedInformerFactory - - // Start initializes all requested informers. They are handled in goroutines - // which run until the stop channel gets closed. - Start(stopCh <-chan struct{}) - - // Shutdown marks a factory as shutting down. At that point no new - // informers can be started anymore and Start will return without - // doing anything. - // - // In addition, Shutdown blocks until all goroutines have terminated. For that - // to happen, the close channel(s) that they were started with must be closed, - // either before Shutdown gets called or while it is waiting. - // - // Shutdown may be called multiple times, even concurrently. All such calls will - // block until all goroutines have terminated. - Shutdown() - - // WaitForCacheSync blocks until all started informers' caches were synced - // or the stop channel gets closed. - WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool - - // ForResource gives generic access to a shared informer of the matching type. - ForResource(resource schema.GroupVersionResource) (GenericInformer, error) - - // InternalInformerFor returns the SharedIndexInformer for obj using an internal - // client. - InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer - - Authentication() authentication.Interface - Config() config.Interface -} - -func (f *sharedInformerFactory) Authentication() authentication.Interface { - return authentication.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) Config() config.Interface { - return config.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.26/client/concierge/informers/externalversions/generic.go b/generated/1.26/client/concierge/informers/externalversions/generic.go deleted file mode 100644 index 00af2cb68..000000000 --- a/generated/1.26/client/concierge/informers/externalversions/generic.go +++ /dev/null @@ -1,56 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - "fmt" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/config/v1alpha1" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// GenericInformer is type of SharedIndexInformer which will locate and delegate to other -// sharedInformers based on type -type GenericInformer interface { - Informer() cache.SharedIndexInformer - Lister() cache.GenericLister -} - -type genericInformer struct { - informer cache.SharedIndexInformer - resource schema.GroupResource -} - -// Informer returns the SharedIndexInformer. -func (f *genericInformer) Informer() cache.SharedIndexInformer { - return f.informer -} - -// Lister returns the GenericLister. -func (f *genericInformer) Lister() cache.GenericLister { - return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) -} - -// ForResource gives generic access to a shared informer of the matching type -// TODO extend this to unknown resources with a client pool -func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { - switch resource { - // Group=authentication.concierge.pinniped.dev, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().JWTAuthenticators().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil - - // Group=config.concierge.pinniped.dev, Version=v1alpha1 - case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil - - } - - return nil, fmt.Errorf("no informer found for %v", resource) -} diff --git a/generated/1.26/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.26/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go deleted file mode 100644 index 7e93d2d89..000000000 --- a/generated/1.26/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package internalinterfaces - -import ( - time "time" - - versioned "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - cache "k8s.io/client-go/tools/cache" -) - -// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. -type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer - -// SharedInformerFactory a small interface to allow for adding an informer without an import cycle -type SharedInformerFactory interface { - Start(stopCh <-chan struct{}) - InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer -} - -// TweakListOptionsFunc is a function that transforms a v1.ListOptions. -type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.26/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.26/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index 8d67a6527..000000000 --- a/generated/1.26/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// JWTAuthenticatorLister helps list JWTAuthenticators. -// All objects returned here must be treated as read-only. -type JWTAuthenticatorLister interface { - // List lists all JWTAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) - // Get retrieves the JWTAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.JWTAuthenticator, error) - JWTAuthenticatorListerExpansion -} - -// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. -type jWTAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. -func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { - return &jWTAuthenticatorLister{indexer: indexer} -} - -// List lists all JWTAuthenticators in the indexer. -func (s *jWTAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.JWTAuthenticator)) - }) - return ret, err -} - -// Get retrieves the JWTAuthenticator from the index for a given name. -func (s *jWTAuthenticatorLister) Get(name string) (*v1alpha1.JWTAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("jwtauthenticator"), name) - } - return obj.(*v1alpha1.JWTAuthenticator), nil -} diff --git a/generated/1.26/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.26/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index 1be5b2870..000000000 --- a/generated/1.26/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// WebhookAuthenticatorLister helps list WebhookAuthenticators. -// All objects returned here must be treated as read-only. -type WebhookAuthenticatorLister interface { - // List lists all WebhookAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) - // Get retrieves the WebhookAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.WebhookAuthenticator, error) - WebhookAuthenticatorListerExpansion -} - -// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. -type webhookAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. -func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { - return &webhookAuthenticatorLister{indexer: indexer} -} - -// List lists all WebhookAuthenticators in the indexer. -func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) - }) - return ret, err -} - -// Get retrieves the WebhookAuthenticator from the index for a given name. -func (s *webhookAuthenticatorLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) - } - return obj.(*v1alpha1.WebhookAuthenticator), nil -} diff --git a/generated/1.26/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.26/client/concierge/listers/config/v1alpha1/credentialissuer.go deleted file mode 100644 index 98fc74930..000000000 --- a/generated/1.26/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// CredentialIssuerLister helps list CredentialIssuers. -// All objects returned here must be treated as read-only. -type CredentialIssuerLister interface { - // List lists all CredentialIssuers in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) - // Get retrieves the CredentialIssuer from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.CredentialIssuer, error) - CredentialIssuerListerExpansion -} - -// credentialIssuerLister implements the CredentialIssuerLister interface. -type credentialIssuerLister struct { - indexer cache.Indexer -} - -// NewCredentialIssuerLister returns a new CredentialIssuerLister. -func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { - return &credentialIssuerLister{indexer: indexer} -} - -// List lists all CredentialIssuers in the indexer. -func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.CredentialIssuer)) - }) - return ret, err -} - -// Get retrieves the CredentialIssuer from the index for a given name. -func (s *credentialIssuerLister) Get(name string) (*v1alpha1.CredentialIssuer, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name) - } - return obj.(*v1alpha1.CredentialIssuer), nil -} diff --git a/generated/1.26/client/go.mod b/generated/1.26/client/go.mod deleted file mode 100644 index f25930ebc..000000000 --- a/generated/1.26/client/go.mod +++ /dev/null @@ -1,13 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.26/client - -go 1.13 - -replace go.pinniped.dev/generated/1.26/apis => ../apis - -require ( - go.pinniped.dev/generated/1.26/apis v0.0.0 - k8s.io/apimachinery v0.26.15 - k8s.io/client-go v0.26.15 - k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 -) diff --git a/generated/1.26/client/go.sum b/generated/1.26/client/go.sum deleted file mode 100644 index a249f9c5f..000000000 --- a/generated/1.26/client/go.sum +++ /dev/null @@ -1,345 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= -github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= -github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.14 h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng= -github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= -github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= -github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= -github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= -github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= -github.com/onsi/ginkgo/v2 v2.4.0 h1:+Ig9nvqgS5OBSACXNk15PLdp0U9XPYROt9CFzVdFGIs= -github.com/onsi/ginkgo/v2 v2.4.0/go.mod h1:iHkDK1fKGcBoEHT5W7YBq4RFWaQulw+caOMkAt4OrFo= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= -github.com/onsi/gomega v1.21.1/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc= -github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM= -github.com/onsi/gomega v1.23.0 h1:/oxKu9c2HVap+F3PfKort2Hw5DEU+HGlW8n+tguWsys= -github.com/onsi/gomega v1.23.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g= -golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.26.15 h1:tjMERUjIwkq+2UtPZL5ZbSsLkpxUv4gXWZfV5lQl+Og= -k8s.io/api v0.26.15/go.mod h1:CtWOrFl8VLCTLolRlhbBxo4fy83tjCLEtYa5pMubIe0= -k8s.io/apimachinery v0.26.15 h1:GPxeERYBSqSZlj3xIkX4L6mBjzZ9q8JPnJ+Vj15qe+g= -k8s.io/apimachinery v0.26.15/go.mod h1:O/uIhIOWuy6ndHqQ6qbkjD7OgeMhVtlk8+Z66ZcmJQc= -k8s.io/client-go v0.26.15 h1:A2Yav2v+VZQfpEsf5ESFp2Lqq5XACKBDrwkG+jEtOg0= -k8s.io/client-go v0.26.15/go.mod h1:KJs7snLEyKPlypqTQG/ngcaqE6h3/6qTvVHDViRL+iI= -k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= -k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20221107191617-1a15be271d1d h1:0Smp/HP1OH4Rvhe+4B8nWGERtlqAGSftbSbbmm45oFs= -k8s.io/utils v0.0.0-20221107191617-1a15be271d1d/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/generated/1.26/client/supervisor/clientset/versioned/clientset.go b/generated/1.26/client/supervisor/clientset/versioned/clientset.go deleted file mode 100644 index 2630e0359..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/clientset.go +++ /dev/null @@ -1,133 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package versioned - -import ( - "fmt" - "net/http" - - clientsecretv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - discovery "k8s.io/client-go/discovery" - rest "k8s.io/client-go/rest" - flowcontrol "k8s.io/client-go/util/flowcontrol" -) - -type Interface interface { - Discovery() discovery.DiscoveryInterface - ClientsecretV1alpha1() clientsecretv1alpha1.ClientsecretV1alpha1Interface - ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface - IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface -} - -// Clientset contains the clients for groups. -type Clientset struct { - *discovery.DiscoveryClient - clientsecretV1alpha1 *clientsecretv1alpha1.ClientsecretV1alpha1Client - configV1alpha1 *configv1alpha1.ConfigV1alpha1Client - iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client -} - -// ClientsecretV1alpha1 retrieves the ClientsecretV1alpha1Client -func (c *Clientset) ClientsecretV1alpha1() clientsecretv1alpha1.ClientsecretV1alpha1Interface { - return c.clientsecretV1alpha1 -} - -// ConfigV1alpha1 retrieves the ConfigV1alpha1Client -func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { - return c.configV1alpha1 -} - -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return c.iDPV1alpha1 -} - -// Discovery retrieves the DiscoveryClient -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - if c == nil { - return nil - } - return c.DiscoveryClient -} - -// NewForConfig creates a new Clientset for the given config. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfig will generate a rate-limiter in configShallowCopy. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*Clientset, error) { - configShallowCopy := *c - - if configShallowCopy.UserAgent == "" { - configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent() - } - - // share the transport between all clients - httpClient, err := rest.HTTPClientFor(&configShallowCopy) - if err != nil { - return nil, err - } - - return NewForConfigAndClient(&configShallowCopy, httpClient) -} - -// NewForConfigAndClient creates a new Clientset for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. -func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { - configShallowCopy := *c - if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { - if configShallowCopy.Burst <= 0 { - return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") - } - configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) - } - - var cs Clientset - var err error - cs.clientsecretV1alpha1, err = clientsecretv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.iDPV1alpha1, err = idpv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - - cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - return &cs, nil -} - -// NewForConfigOrDie creates a new Clientset for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *Clientset { - cs, err := NewForConfig(c) - if err != nil { - panic(err) - } - return cs -} - -// New creates a new Clientset for the given RESTClient. -func New(c rest.Interface) *Clientset { - var cs Clientset - cs.clientsecretV1alpha1 = clientsecretv1alpha1.New(c) - cs.configV1alpha1 = configv1alpha1.New(c) - cs.iDPV1alpha1 = idpv1alpha1.New(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClient(c) - return &cs -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/doc.go b/generated/1.26/client/supervisor/clientset/versioned/doc.go deleted file mode 100644 index d0443b30f..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated clientset. -package versioned diff --git a/generated/1.26/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.26/client/supervisor/clientset/versioned/fake/clientset_generated.go deleted file mode 100644 index 5017efc73..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clientset "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" - clientsecretv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - fakeclientsecretv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" - idpv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - fakeidpv1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/discovery" - fakediscovery "k8s.io/client-go/discovery/fake" - "k8s.io/client-go/testing" -) - -// NewSimpleClientset returns a clientset that will respond with the provided objects. -// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement -// for a real clientset and is mostly useful in simple unit tests. -func NewSimpleClientset(objects ...runtime.Object) *Clientset { - o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) - for _, obj := range objects { - if err := o.Add(obj); err != nil { - panic(err) - } - } - - cs := &Clientset{tracker: o} - cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} - cs.AddReactor("*", "*", testing.ObjectReaction(o)) - cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { - gvr := action.GetResource() - ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) - if err != nil { - return false, nil, err - } - return true, watch, nil - }) - - return cs -} - -// Clientset implements clientset.Interface. Meant to be embedded into a -// struct to get a default implementation. This makes faking out just the method -// you want to test easier. -type Clientset struct { - testing.Fake - discovery *fakediscovery.FakeDiscovery - tracker testing.ObjectTracker -} - -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - return c.discovery -} - -func (c *Clientset) Tracker() testing.ObjectTracker { - return c.tracker -} - -var ( - _ clientset.Interface = &Clientset{} - _ testing.FakeClient = &Clientset{} -) - -// ClientsecretV1alpha1 retrieves the ClientsecretV1alpha1Client -func (c *Clientset) ClientsecretV1alpha1() clientsecretv1alpha1.ClientsecretV1alpha1Interface { - return &fakeclientsecretv1alpha1.FakeClientsecretV1alpha1{Fake: &c.Fake} -} - -// ConfigV1alpha1 retrieves the ConfigV1alpha1Client -func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { - return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} -} - -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/fake/register.go b/generated/1.26/client/supervisor/clientset/versioned/fake/register.go deleted file mode 100644 index 0e83b3750..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/fake/register.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var scheme = runtime.NewScheme() -var codecs = serializer.NewCodecFactory(scheme) - -var localSchemeBuilder = runtime.SchemeBuilder{ - clientsecretv1alpha1.AddToScheme, - configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(scheme)) -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.26/client/supervisor/clientset/versioned/scheme/register.go deleted file mode 100644 index fcf8f42c6..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/scheme/register.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package scheme - -import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var Scheme = runtime.NewScheme() -var Codecs = serializer.NewCodecFactory(Scheme) -var ParameterCodec = runtime.NewParameterCodec(Scheme) -var localSchemeBuilder = runtime.SchemeBuilder{ - clientsecretv1alpha1.AddToScheme, - configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(Scheme)) -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go b/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go deleted file mode 100644 index 71c52f72d..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeClientsecretV1alpha1 struct { - *testing.Fake -} - -func (c *FakeClientsecretV1alpha1) OIDCClientSecretRequests(namespace string) v1alpha1.OIDCClientSecretRequestInterface { - return &FakeOIDCClientSecretRequests{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeClientsecretV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go b/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go deleted file mode 100644 index 3c36e3e74..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go +++ /dev/null @@ -1,36 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - schema "k8s.io/apimachinery/pkg/runtime/schema" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type FakeOIDCClientSecretRequests struct { - Fake *FakeClientsecretV1alpha1 - ns string -} - -var oidcclientsecretrequestsResource = schema.GroupVersionResource{Group: "clientsecret.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclientsecretrequests"} - -var oidcclientsecretrequestsKind = schema.GroupVersionKind{Group: "clientsecret.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClientSecretRequest"} - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *FakeOIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsecretrequestsResource, c.ns, oIDCClientSecretRequest), &v1alpha1.OIDCClientSecretRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClientSecretRequest), err -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go b/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go deleted file mode 100644 index 2596fd216..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// OIDCClientSecretRequestsGetter has a method to return a OIDCClientSecretRequestInterface. -// A group's client should implement this interface. -type OIDCClientSecretRequestsGetter interface { - OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface -} - -// OIDCClientSecretRequestInterface has methods to work with OIDCClientSecretRequest resources. -type OIDCClientSecretRequestInterface interface { - Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (*v1alpha1.OIDCClientSecretRequest, error) - OIDCClientSecretRequestExpansion -} - -// oIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type oIDCClientSecretRequests struct { - client rest.Interface - ns string -} - -// newOIDCClientSecretRequests returns a OIDCClientSecretRequests -func newOIDCClientSecretRequests(c *ClientsecretV1alpha1Client, namespace string) *oIDCClientSecretRequests { - return &oIDCClientSecretRequests{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *oIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - result = &v1alpha1.OIDCClientSecretRequest{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclientsecretrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClientSecretRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go deleted file mode 100644 index d60a9b3b6..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeFederationDomains implements FederationDomainInterface -type FakeFederationDomains struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var federationdomainsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "federationdomains"} - -var federationdomainsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "FederationDomain"} - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *FakeFederationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *FakeFederationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(federationdomainsResource, federationdomainsKind, c.ns, opts), &v1alpha1.FederationDomainList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.FederationDomainList{ListMeta: obj.(*v1alpha1.FederationDomainList).ListMeta} - for _, item := range obj.(*v1alpha1.FederationDomainList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *FakeFederationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(federationdomainsResource, c.ns, opts)) - -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(federationdomainsResource, "status", c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(federationdomainsResource, c.ns, name, opts), &v1alpha1.FederationDomain{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeFederationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(federationdomainsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.FederationDomainList{}) - return err -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *FakeFederationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(federationdomainsResource, c.ns, name, pt, data, subresources...), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go deleted file mode 100644 index e66750520..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClients implements OIDCClientInterface -type FakeOIDCClients struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} - -var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *FakeOIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcclientsResource, oidcclientsKind, c.ns, opts), &v1alpha1.OIDCClientList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCClientList{ListMeta: obj.(*v1alpha1.OIDCClientList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCClientList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *FakeOIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcclientsResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcclientsResource, "status", c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *FakeOIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcclientsResource, c.ns, name, opts), &v1alpha1.OIDCClient{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcclientsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCClientList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *FakeOIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcclientsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go deleted file mode 100644 index f13d1cf2b..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// FederationDomainsGetter has a method to return a FederationDomainInterface. -// A group's client should implement this interface. -type FederationDomainsGetter interface { - FederationDomains(namespace string) FederationDomainInterface -} - -// FederationDomainInterface has methods to work with FederationDomain resources. -type FederationDomainInterface interface { - Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (*v1alpha1.FederationDomain, error) - Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.FederationDomain, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.FederationDomainList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) - FederationDomainExpansion -} - -// federationDomains implements FederationDomainInterface -type federationDomains struct { - client rest.Interface - ns string -} - -// newFederationDomains returns a FederationDomains -func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { - return &federationDomains{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *federationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *federationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.FederationDomainList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *federationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Post(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *federationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *federationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *federationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *federationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go b/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go deleted file mode 100644 index 46e7c466f..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCClientsGetter has a method to return a OIDCClientInterface. -// A group's client should implement this interface. -type OIDCClientsGetter interface { - OIDCClients(namespace string) OIDCClientInterface -} - -// OIDCClientInterface has methods to work with OIDCClient resources. -type OIDCClientInterface interface { - Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (*v1alpha1.OIDCClient, error) - Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCClient, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCClientList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) - OIDCClientExpansion -} - -// oIDCClients implements OIDCClientInterface -type oIDCClients struct { - client rest.Interface - ns string -} - -// newOIDCClients returns a OIDCClients -func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { - return &oIDCClients{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *oIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *oIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCClientList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *oIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *oIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *oIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index 1279f5fac..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. -// A group's client should implement this interface. -type ActiveDirectoryIdentityProvidersGetter interface { - ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface -} - -// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. -type ActiveDirectoryIdentityProviderInterface interface { - Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ActiveDirectoryIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) - ActiveDirectoryIdentityProviderExpansion -} - -// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type activeDirectoryIdentityProviders struct { - client rest.Interface - ns string -} - -// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders -func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { - return &activeDirectoryIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *activeDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *activeDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.ActiveDirectoryIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *activeDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *activeDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *activeDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *activeDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *activeDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go deleted file mode 100644 index e2c222e91..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type FakeActiveDirectoryIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var activedirectoryidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "activedirectoryidentityproviders"} - -var activedirectoryidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "ActiveDirectoryIdentityProvider"} - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *FakeActiveDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(activedirectoryidentityprovidersResource, activedirectoryidentityprovidersKind, c.ns, opts), &v1alpha1.ActiveDirectoryIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.ActiveDirectoryIdentityProviderList{ListMeta: obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *FakeActiveDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(activedirectoryidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(activedirectoryidentityprovidersResource, "status", c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(activedirectoryidentityprovidersResource, c.ns, name, opts), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeActiveDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(activedirectoryidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.ActiveDirectoryIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *FakeActiveDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(activedirectoryidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go deleted file mode 100644 index dc0312380..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeGitHubIdentityProviders implements GitHubIdentityProviderInterface -type FakeGitHubIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var githubidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "githubidentityproviders"} - -var githubidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "GitHubIdentityProvider"} - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *FakeGitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(githubidentityprovidersResource, c.ns, name), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *FakeGitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(githubidentityprovidersResource, githubidentityprovidersKind, c.ns, opts), &v1alpha1.GitHubIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.GitHubIdentityProviderList{ListMeta: obj.(*v1alpha1.GitHubIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.GitHubIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *FakeGitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(githubidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeGitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(githubidentityprovidersResource, "status", c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeGitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(githubidentityprovidersResource, c.ns, name, opts), &v1alpha1.GitHubIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeGitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(githubidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.GitHubIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *FakeGitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(githubidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go deleted file mode 100644 index a024fc942..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeIDPV1alpha1 struct { - *testing.Fake -} - -func (c *FakeIDPV1alpha1) ActiveDirectoryIdentityProviders(namespace string) v1alpha1.ActiveDirectoryIdentityProviderInterface { - return &FakeActiveDirectoryIdentityProviders{c, namespace} -} - -func (c *FakeIDPV1alpha1) GitHubIdentityProviders(namespace string) v1alpha1.GitHubIdentityProviderInterface { - return &FakeGitHubIdentityProviders{c, namespace} -} - -func (c *FakeIDPV1alpha1) LDAPIdentityProviders(namespace string) v1alpha1.LDAPIdentityProviderInterface { - return &FakeLDAPIdentityProviders{c, namespace} -} - -func (c *FakeIDPV1alpha1) OIDCIdentityProviders(namespace string) v1alpha1.OIDCIdentityProviderInterface { - return &FakeOIDCIdentityProviders{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeIDPV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go deleted file mode 100644 index 258769845..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeLDAPIdentityProviders implements LDAPIdentityProviderInterface -type FakeLDAPIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var ldapidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "ldapidentityproviders"} - -var ldapidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "LDAPIdentityProvider"} - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *FakeLDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *FakeLDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(ldapidentityprovidersResource, ldapidentityprovidersKind, c.ns, opts), &v1alpha1.LDAPIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.LDAPIdentityProviderList{ListMeta: obj.(*v1alpha1.LDAPIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.LDAPIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *FakeLDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(ldapidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ldapidentityprovidersResource, "status", c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(ldapidentityprovidersResource, c.ns, name, opts), &v1alpha1.LDAPIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeLDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(ldapidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.LDAPIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *FakeLDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ldapidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go deleted file mode 100644 index 2dcf5b08a..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCIdentityProviders implements OIDCIdentityProviderInterface -type FakeOIDCIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var oidcidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcidentityproviders"} - -var oidcidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCIdentityProvider"} - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *FakeOIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *FakeOIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcidentityprovidersResource, oidcidentityprovidersKind, c.ns, opts), &v1alpha1.OIDCIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCIdentityProviderList{ListMeta: obj.(*v1alpha1.OIDCIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *FakeOIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcidentityprovidersResource, "status", c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcidentityprovidersResource, c.ns, name, opts), &v1alpha1.OIDCIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *FakeOIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index 519f7a33d..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// GitHubIdentityProvidersGetter has a method to return a GitHubIdentityProviderInterface. -// A group's client should implement this interface. -type GitHubIdentityProvidersGetter interface { - GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface -} - -// GitHubIdentityProviderInterface has methods to work with GitHubIdentityProvider resources. -type GitHubIdentityProviderInterface interface { - Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.GitHubIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.GitHubIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) - GitHubIdentityProviderExpansion -} - -// gitHubIdentityProviders implements GitHubIdentityProviderInterface -type gitHubIdentityProviders struct { - client rest.Interface - ns string -} - -// newGitHubIdentityProviders returns a GitHubIdentityProviders -func newGitHubIdentityProviders(c *IDPV1alpha1Client, namespace string) *gitHubIdentityProviders { - return &gitHubIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *gitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *gitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.GitHubIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *gitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *gitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *gitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *gitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *gitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go deleted file mode 100644 index 79cf0fc5e..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ /dev/null @@ -1,109 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type IDPV1alpha1Interface interface { - RESTClient() rest.Interface - ActiveDirectoryIdentityProvidersGetter - GitHubIdentityProvidersGetter - LDAPIdentityProvidersGetter - OIDCIdentityProvidersGetter -} - -// IDPV1alpha1Client is used to interact with features provided by the idp.supervisor.pinniped.dev group. -type IDPV1alpha1Client struct { - restClient rest.Interface -} - -func (c *IDPV1alpha1Client) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface { - return newActiveDirectoryIdentityProviders(c, namespace) -} - -func (c *IDPV1alpha1Client) GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface { - return newGitHubIdentityProviders(c, namespace) -} - -func (c *IDPV1alpha1Client) LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface { - return newLDAPIdentityProviders(c, namespace) -} - -func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface { - return newOIDCIdentityProviders(c, namespace) -} - -// NewForConfig creates a new IDPV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new IDPV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IDPV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &IDPV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new IDPV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new IDPV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *IDPV1alpha1Client { - return &IDPV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *IDPV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index e0b49c3a9..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. -// A group's client should implement this interface. -type LDAPIdentityProvidersGetter interface { - LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface -} - -// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. -type LDAPIdentityProviderInterface interface { - Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.LDAPIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.LDAPIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) - LDAPIdentityProviderExpansion -} - -// lDAPIdentityProviders implements LDAPIdentityProviderInterface -type lDAPIdentityProviders struct { - client rest.Interface - ns string -} - -// newLDAPIdentityProviders returns a LDAPIdentityProviders -func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { - return &lDAPIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *lDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *lDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.LDAPIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *lDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *lDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *lDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *lDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *lDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index d859d70ba..000000000 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. -// A group's client should implement this interface. -type OIDCIdentityProvidersGetter interface { - OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface -} - -// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. -type OIDCIdentityProviderInterface interface { - Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) - OIDCIdentityProviderExpansion -} - -// oIDCIdentityProviders implements OIDCIdentityProviderInterface -type oIDCIdentityProviders struct { - client rest.Interface - ns string -} - -// newOIDCIdentityProviders returns a OIDCIdentityProviders -func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { - return &oIDCIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *oIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *oIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *oIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *oIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *oIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go b/generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go deleted file mode 100644 index 52cfb5d01..000000000 --- a/generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// OIDCClientInformer provides access to a shared informer and lister for -// OIDCClients. -type OIDCClientInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCClientLister -} - -type oIDCClientInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewOIDCClientInformer constructs a new informer for OIDCClient type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredOIDCClientInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredOIDCClientInformer constructs a new informer for OIDCClient type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) - }, - }, - &configv1alpha1.OIDCClient{}, - resyncPeriod, - indexers, - ) -} - -func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredOIDCClientInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) -} - -func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { - return v1alpha1.NewOIDCClientLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.26/client/supervisor/informers/externalversions/factory.go b/generated/1.26/client/supervisor/informers/externalversions/factory.go deleted file mode 100644 index 02a672045..000000000 --- a/generated/1.26/client/supervisor/informers/externalversions/factory.go +++ /dev/null @@ -1,244 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - reflect "reflect" - sync "sync" - time "time" - - versioned "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" - config "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/config" - idp "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/idp" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// SharedInformerOption defines the functional option type for SharedInformerFactory. -type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory - -type sharedInformerFactory struct { - client versioned.Interface - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc - lock sync.Mutex - defaultResync time.Duration - customResync map[reflect.Type]time.Duration - - informers map[reflect.Type]cache.SharedIndexInformer - // startedInformers is used for tracking which informers have been started. - // This allows Start() to be called multiple times safely. - startedInformers map[reflect.Type]bool - // wg tracks how many goroutines were started. - wg sync.WaitGroup - // shuttingDown is true when Shutdown has been called. It may still be running - // because it needs to wait for goroutines. - shuttingDown bool -} - -// WithCustomResyncConfig sets a custom resync period for the specified informer types. -func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - for k, v := range resyncConfig { - factory.customResync[reflect.TypeOf(k)] = v - } - return factory - } -} - -// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. -func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.tweakListOptions = tweakListOptions - return factory - } -} - -// WithNamespace limits the SharedInformerFactory to the specified namespace. -func WithNamespace(namespace string) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.namespace = namespace - return factory - } -} - -// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. -func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync) -} - -// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. -// Listers obtained via this SharedInformerFactory will be subject to the same filters -// as specified here. -// Deprecated: Please use NewSharedInformerFactoryWithOptions instead -func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) -} - -// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. -func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { - factory := &sharedInformerFactory{ - client: client, - namespace: v1.NamespaceAll, - defaultResync: defaultResync, - informers: make(map[reflect.Type]cache.SharedIndexInformer), - startedInformers: make(map[reflect.Type]bool), - customResync: make(map[reflect.Type]time.Duration), - } - - // Apply all options - for _, opt := range options { - factory = opt(factory) - } - - return factory -} - -func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { - f.lock.Lock() - defer f.lock.Unlock() - - if f.shuttingDown { - return - } - - for informerType, informer := range f.informers { - if !f.startedInformers[informerType] { - f.wg.Add(1) - // We need a new variable in each loop iteration, - // otherwise the goroutine would use the loop variable - // and that keeps changing. - informer := informer - go func() { - defer f.wg.Done() - informer.Run(stopCh) - }() - f.startedInformers[informerType] = true - } - } -} - -func (f *sharedInformerFactory) Shutdown() { - f.lock.Lock() - f.shuttingDown = true - f.lock.Unlock() - - // Will return immediately if there is nothing to wait for. - f.wg.Wait() -} - -func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { - informers := func() map[reflect.Type]cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informers := map[reflect.Type]cache.SharedIndexInformer{} - for informerType, informer := range f.informers { - if f.startedInformers[informerType] { - informers[informerType] = informer - } - } - return informers - }() - - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) - } - return res -} - -// InternalInformerFor returns the SharedIndexInformer for obj using an internal -// client. -func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informerType := reflect.TypeOf(obj) - informer, exists := f.informers[informerType] - if exists { - return informer - } - - resyncPeriod, exists := f.customResync[informerType] - if !exists { - resyncPeriod = f.defaultResync - } - - informer = newFunc(f.client, resyncPeriod) - f.informers[informerType] = informer - - return informer -} - -// SharedInformerFactory provides shared informers for resources in all known -// API group versions. -// -// It is typically used like this: -// -// ctx, cancel := context.Background() -// defer cancel() -// factory := NewSharedInformerFactory(client, resyncPeriod) -// defer factory.WaitForStop() // Returns immediately if nothing was started. -// genericInformer := factory.ForResource(resource) -// typedInformer := factory.SomeAPIGroup().V1().SomeType() -// factory.Start(ctx.Done()) // Start processing these informers. -// synced := factory.WaitForCacheSync(ctx.Done()) -// for v, ok := range synced { -// if !ok { -// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) -// return -// } -// } -// -// // Creating informers can also be created after Start, but then -// // Start must be called again: -// anotherGenericInformer := factory.ForResource(resource) -// factory.Start(ctx.Done()) -type SharedInformerFactory interface { - internalinterfaces.SharedInformerFactory - - // Start initializes all requested informers. They are handled in goroutines - // which run until the stop channel gets closed. - Start(stopCh <-chan struct{}) - - // Shutdown marks a factory as shutting down. At that point no new - // informers can be started anymore and Start will return without - // doing anything. - // - // In addition, Shutdown blocks until all goroutines have terminated. For that - // to happen, the close channel(s) that they were started with must be closed, - // either before Shutdown gets called or while it is waiting. - // - // Shutdown may be called multiple times, even concurrently. All such calls will - // block until all goroutines have terminated. - Shutdown() - - // WaitForCacheSync blocks until all started informers' caches were synced - // or the stop channel gets closed. - WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool - - // ForResource gives generic access to a shared informer of the matching type. - ForResource(resource schema.GroupVersionResource) (GenericInformer, error) - - // InternalInformerFor returns the SharedIndexInformer for obj using an internal - // client. - InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer - - Config() config.Interface - IDP() idp.Interface -} - -func (f *sharedInformerFactory) Config() config.Interface { - return config.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) IDP() idp.Interface { - return idp.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.26/client/supervisor/informers/externalversions/generic.go b/generated/1.26/client/supervisor/informers/externalversions/generic.go deleted file mode 100644 index 946d1f9cc..000000000 --- a/generated/1.26/client/supervisor/informers/externalversions/generic.go +++ /dev/null @@ -1,62 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - "fmt" - - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// GenericInformer is type of SharedIndexInformer which will locate and delegate to other -// sharedInformers based on type -type GenericInformer interface { - Informer() cache.SharedIndexInformer - Lister() cache.GenericLister -} - -type genericInformer struct { - informer cache.SharedIndexInformer - resource schema.GroupResource -} - -// Informer returns the SharedIndexInformer. -func (f *genericInformer) Informer() cache.SharedIndexInformer { - return f.informer -} - -// Lister returns the GenericLister. -func (f *genericInformer) Lister() cache.GenericLister { - return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) -} - -// ForResource gives generic access to a shared informer of the matching type -// TODO extend this to unknown resources with a client pool -func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { - switch resource { - // Group=config.supervisor.pinniped.dev, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil - - // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 - case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().ActiveDirectoryIdentityProviders().Informer()}, nil - case idpv1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().GitHubIdentityProviders().Informer()}, nil - case idpv1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().LDAPIdentityProviders().Informer()}, nil - case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - - } - - return nil, fmt.Errorf("no informer found for %v", resource) -} diff --git a/generated/1.26/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.26/client/supervisor/informers/externalversions/idp/interface.go deleted file mode 100644 index 6efa74b1c..000000000 --- a/generated/1.26/client/supervisor/informers/externalversions/idp/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package idp - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index ff26c82e7..000000000 --- a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ActiveDirectoryIdentityProviderInformer provides access to a shared informer and lister for -// ActiveDirectoryIdentityProviders. -type ActiveDirectoryIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.ActiveDirectoryIdentityProviderLister -} - -type activeDirectoryIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredActiveDirectoryIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.ActiveDirectoryIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredActiveDirectoryIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) -} - -func (f *activeDirectoryIdentityProviderInformer) Lister() v1alpha1.ActiveDirectoryIdentityProviderLister { - return v1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go b/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index ce379dda1..000000000 --- a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// GitHubIdentityProviderInformer provides access to a shared informer and lister for -// GitHubIdentityProviders. -type GitHubIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.GitHubIdentityProviderLister -} - -type gitHubIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredGitHubIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.GitHubIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *gitHubIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredGitHubIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *gitHubIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.GitHubIdentityProvider{}, f.defaultInformer) -} - -func (f *gitHubIdentityProviderInformer) Lister() v1alpha1.GitHubIdentityProviderLister { - return v1alpha1.NewGitHubIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.26/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.26/client/supervisor/listers/config/v1alpha1/oidcclient.go deleted file mode 100644 index f2993512c..000000000 --- a/generated/1.26/client/supervisor/listers/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCClientLister helps list OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientLister interface { - // List lists all OIDCClients in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // OIDCClients returns an object that can list and get OIDCClients. - OIDCClients(namespace string) OIDCClientNamespaceLister - OIDCClientListerExpansion -} - -// oIDCClientLister implements the OIDCClientLister interface. -type oIDCClientLister struct { - indexer cache.Indexer -} - -// NewOIDCClientLister returns a new OIDCClientLister. -func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { - return &oIDCClientLister{indexer: indexer} -} - -// List lists all OIDCClients in the indexer. -func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// OIDCClients returns an object that can list and get OIDCClients. -func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { - return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCClientNamespaceLister helps list and get OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientNamespaceLister interface { - // List lists all OIDCClients in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // Get retrieves the OIDCClient from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCClient, error) - OIDCClientNamespaceListerExpansion -} - -// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister -// interface. -type oIDCClientNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCClients in the indexer for a given namespace. -func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// Get retrieves the OIDCClient from the indexer for a given namespace and name. -func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) - } - return obj.(*v1alpha1.OIDCClient), nil -} diff --git a/generated/1.26/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go b/generated/1.26/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index b41e3a081..000000000 --- a/generated/1.26/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// GitHubIdentityProviderLister helps list GitHubIdentityProviders. -// All objects returned here must be treated as read-only. -type GitHubIdentityProviderLister interface { - // List lists all GitHubIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) - // GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. - GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister - GitHubIdentityProviderListerExpansion -} - -// gitHubIdentityProviderLister implements the GitHubIdentityProviderLister interface. -type gitHubIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewGitHubIdentityProviderLister returns a new GitHubIdentityProviderLister. -func NewGitHubIdentityProviderLister(indexer cache.Indexer) GitHubIdentityProviderLister { - return &gitHubIdentityProviderLister{indexer: indexer} -} - -// List lists all GitHubIdentityProviders in the indexer. -func (s *gitHubIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err -} - -// GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. -func (s *gitHubIdentityProviderLister) GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister { - return gitHubIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// GitHubIdentityProviderNamespaceLister helps list and get GitHubIdentityProviders. -// All objects returned here must be treated as read-only. -type GitHubIdentityProviderNamespaceLister interface { - // List lists all GitHubIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) - // Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.GitHubIdentityProvider, error) - GitHubIdentityProviderNamespaceListerExpansion -} - -// gitHubIdentityProviderNamespaceLister implements the GitHubIdentityProviderNamespaceLister -// interface. -type gitHubIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all GitHubIdentityProviders in the indexer for a given namespace. -func (s gitHubIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. -func (s gitHubIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.GitHubIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("githubidentityprovider"), name) - } - return obj.(*v1alpha1.GitHubIdentityProvider), nil -} diff --git a/generated/1.26/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.26/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index 15cfa813e..000000000 --- a/generated/1.26/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// LDAPIdentityProviderLister helps list LDAPIdentityProviders. -// All objects returned here must be treated as read-only. -type LDAPIdentityProviderLister interface { - // List lists all LDAPIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) - // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. - LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister - LDAPIdentityProviderListerExpansion -} - -// lDAPIdentityProviderLister implements the LDAPIdentityProviderLister interface. -type lDAPIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewLDAPIdentityProviderLister returns a new LDAPIdentityProviderLister. -func NewLDAPIdentityProviderLister(indexer cache.Indexer) LDAPIdentityProviderLister { - return &lDAPIdentityProviderLister{indexer: indexer} -} - -// List lists all LDAPIdentityProviders in the indexer. -func (s *lDAPIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err -} - -// LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. -func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister { - return lDAPIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// LDAPIdentityProviderNamespaceLister helps list and get LDAPIdentityProviders. -// All objects returned here must be treated as read-only. -type LDAPIdentityProviderNamespaceLister interface { - // List lists all LDAPIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) - // Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.LDAPIdentityProvider, error) - LDAPIdentityProviderNamespaceListerExpansion -} - -// lDAPIdentityProviderNamespaceLister implements the LDAPIdentityProviderNamespaceLister -// interface. -type lDAPIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all LDAPIdentityProviders in the indexer for a given namespace. -func (s lDAPIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. -func (s lDAPIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.LDAPIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("ldapidentityprovider"), name) - } - return obj.(*v1alpha1.LDAPIdentityProvider), nil -} diff --git a/generated/1.26/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.26/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index 35d47d9ae..000000000 --- a/generated/1.26/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCIdentityProviderLister helps list OIDCIdentityProviders. -// All objects returned here must be treated as read-only. -type OIDCIdentityProviderLister interface { - // List lists all OIDCIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) - // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. - OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister - OIDCIdentityProviderListerExpansion -} - -// oIDCIdentityProviderLister implements the OIDCIdentityProviderLister interface. -type oIDCIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewOIDCIdentityProviderLister returns a new OIDCIdentityProviderLister. -func NewOIDCIdentityProviderLister(indexer cache.Indexer) OIDCIdentityProviderLister { - return &oIDCIdentityProviderLister{indexer: indexer} -} - -// List lists all OIDCIdentityProviders in the indexer. -func (s *oIDCIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err -} - -// OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. -func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister { - return oIDCIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCIdentityProviderNamespaceLister helps list and get OIDCIdentityProviders. -// All objects returned here must be treated as read-only. -type OIDCIdentityProviderNamespaceLister interface { - // List lists all OIDCIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) - // Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCIdentityProvider, error) - OIDCIdentityProviderNamespaceListerExpansion -} - -// oIDCIdentityProviderNamespaceLister implements the OIDCIdentityProviderNamespaceLister -// interface. -type oIDCIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCIdentityProviders in the indexer for a given namespace. -func (s oIDCIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. -func (s oIDCIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcidentityprovider"), name) - } - return obj.(*v1alpha1.OIDCIdentityProvider), nil -} diff --git a/generated/1.26/client/supervisor/openapi/zz_generated.openapi.go b/generated/1.26/client/supervisor/openapi/zz_generated.openapi.go deleted file mode 100644 index ff8fb48c3..000000000 --- a/generated/1.26/client/supervisor/openapi/zz_generated.openapi.go +++ /dev/null @@ -1,2664 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by openapi-gen. DO NOT EDIT. - -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package openapi - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - common "k8s.io/kube-openapi/pkg/common" - spec "k8s.io/kube-openapi/pkg/validation/spec" -) - -func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { - return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), - "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), - "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), - "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), - }, - }, - }, - Required: []string{"spec"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "Items is a list of OIDCClientSecretRequest.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Spec of the OIDCClientSecretRequest.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generateNewSecret": { - SchemaProps: spec.SchemaProps{ - Description: "Request a new client secret to for the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "revokeOldSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of the OIDCClientSecretRequest.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generatedSecret": { - SchemaProps: spec.SchemaProps{ - Description: "The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost.", - Type: []string{"string"}, - Format: "", - }, - }, - "totalClientSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "The total number of client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"totalClientSecrets"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIGroup contains the name, the supported versions, and the preferred version of a group.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is the name of the group.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "versions": { - SchemaProps: spec.SchemaProps{ - Description: "versions are the versions supported in this group.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), - }, - }, - }, - }, - }, - "preferredVersion": { - SchemaProps: spec.SchemaProps{ - Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), - }, - }, - "serverAddressByClientCIDRs": { - SchemaProps: spec.SchemaProps{ - Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), - }, - }, - }, - }, - }, - }, - Required: []string{"name", "versions"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, - } -} - -func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "groups": { - SchemaProps: spec.SchemaProps{ - Description: "groups is a list of APIGroup.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), - }, - }, - }, - }, - }, - }, - Required: []string{"groups"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, - } -} - -func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIResource specifies the name of a resource and whether it is namespaced.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is the plural name of the resource.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "singularName": { - SchemaProps: spec.SchemaProps{ - Description: "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "namespaced": { - SchemaProps: spec.SchemaProps{ - Description: "namespaced indicates if a resource is namespaced or not.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "group": { - SchemaProps: spec.SchemaProps{ - Description: "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "verbs": { - SchemaProps: spec.SchemaProps{ - Description: "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "shortNames": { - SchemaProps: spec.SchemaProps{ - Description: "shortNames is a list of suggested short names of the resource.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "categories": { - SchemaProps: spec.SchemaProps{ - Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "storageVersionHash": { - SchemaProps: spec.SchemaProps{ - Description: "The hash value of the storage version, the version this resource is converted to when written to the data store. Value must be treated as opaque by clients. Only equality comparison on the value is valid. This is an alpha feature and may change or be removed in the future. The field is populated by the apiserver only if the StorageVersionHash feature gate is enabled. This field will remain optional even if it graduates.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"name", "singularName", "namespaced", "kind", "verbs"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "groupVersion": { - SchemaProps: spec.SchemaProps{ - Description: "groupVersion is the group and version this APIResourceList is for.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resources": { - SchemaProps: spec.SchemaProps{ - Description: "resources contains the name of the resources and if they are namespaced.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), - }, - }, - }, - }, - }, - }, - Required: []string{"groupVersion", "resources"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, - } -} - -func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "versions": { - SchemaProps: spec.SchemaProps{ - Description: "versions are the api versions that are available.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "serverAddressByClientCIDRs": { - SchemaProps: spec.SchemaProps{ - Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), - }, - }, - }, - }, - }, - }, - Required: []string{"versions", "serverAddressByClientCIDRs"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, - } -} - -func schema_pkg_apis_meta_v1_ApplyOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ApplyOptions may be provided when applying an API object. FieldManager is required for apply requests. ApplyOptions is equivalent to PatchOptions. It is provided as a convenience with documentation that speaks specifically to how the options fields relate to apply.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "force": { - SchemaProps: spec.SchemaProps{ - Description: "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"force", "fieldManager"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Condition contains details for one aspect of the current state of this API Resource.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "status of the condition, one of True, False, Unknown.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "observedGeneration": { - SchemaProps: spec.SchemaProps{ - Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "lastTransitionTime": { - SchemaProps: spec.SchemaProps{ - Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "message is a human readable message indicating details about the transition. This may be an empty string.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "CreateOptions may be provided when creating an API object.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "DeleteOptions may be provided when deleting an API object.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "gracePeriodSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "preconditions": { - SchemaProps: spec.SchemaProps{ - Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), - }, - }, - "orphanDependents": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "propagationPolicy": { - SchemaProps: spec.SchemaProps{ - Description: "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, - } -} - -func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_FieldsV1(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "FieldsV1 stores a set of fields in a data structure like a Trie, in JSON format.\n\nEach key is either a '.' representing the field itself, and will always map to an empty set, or a string representing a sub-field or item. The string will follow one of these four formats: 'f:', where is the name of a field in a struct, or key in a map 'v:', where is the exact json formatted value of a list item 'i:', where is position of a item in a list 'k:', where is a map of a list item's key fields to their unique values If a key maps to an empty Fields value, the field that key represents is part of the set.\n\nThe exact format is defined in sigs.k8s.io/structured-merge-diff", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GetOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GetOptions is the standard query options to the standard REST get call.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupKind(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "kind"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupResource specifies a Group and a Resource, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resource": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "resource"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersion(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersion contains the \"group\" and the \"version\", which uniquely identifies the API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "groupVersion": { - SchemaProps: spec.SchemaProps{ - Description: "groupVersion specifies the API group and version in the form \"group/version\"", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"groupVersion", "version"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionKind(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersionKind unambiguously identifies a kind. It doesn't anonymously include GroupVersion to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version", "kind"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersionResource unambiguously identifies a resource. It doesn't anonymously include GroupVersion to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resource": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version", "resource"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "InternalEvent makes watch.Event versioned", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "Type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "Object": { - SchemaProps: spec.SchemaProps{ - Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), - }, - }, - }, - Required: []string{"Type", "Object"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, - } -} - -func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "matchLabels": { - SchemaProps: spec.SchemaProps{ - Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "matchExpressions": { - SchemaProps: spec.SchemaProps{ - Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), - }, - }, - }, - }, - }, - }, - }, - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-map-type": "atomic", - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, - } -} - -func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "key": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-merge-key": "key", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "key is the label key that the selector applies to.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "operator": { - SchemaProps: spec.SchemaProps{ - Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "values": { - SchemaProps: spec.SchemaProps{ - Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"key", "operator"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "List holds a list of objects, which may not be known by the server.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "List of objects", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "selfLink": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", - Type: []string{"string"}, - Format: "", - }, - }, - "continue": { - SchemaProps: spec.SchemaProps{ - Description: "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.", - Type: []string{"string"}, - Format: "", - }, - }, - "remainingItemCount": { - SchemaProps: spec.SchemaProps{ - Description: "remainingItemCount is the number of subsequent items in the list which are not included in this list response. If the list request contained label or field selectors, then the number of remaining items is unknown and the field will be left unset and omitted during serialization. If the list is complete (either because it is not chunking or because this is the last chunk), then there are no more remaining items and this field will be left unset and omitted during serialization. Servers older than v1.15 do not set this field. The intended use of the remainingItemCount is *estimating* the size of a collection. Clients should not rely on the remainingItemCount to be set or to be exact.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ListOptions is the query options to a standard REST list call.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "labelSelector": { - SchemaProps: spec.SchemaProps{ - Description: "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldSelector": { - SchemaProps: spec.SchemaProps{ - Description: "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - Type: []string{"string"}, - Format: "", - }, - }, - "watch": { - SchemaProps: spec.SchemaProps{ - Description: "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "allowWatchBookmarks": { - SchemaProps: spec.SchemaProps{ - Description: "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersionMatch": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - "timeoutSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "limit": { - SchemaProps: spec.SchemaProps{ - Description: "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "continue": { - SchemaProps: spec.SchemaProps{ - Description: "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "manager": { - SchemaProps: spec.SchemaProps{ - Description: "Manager is an identifier of the workflow managing these fields.", - Type: []string{"string"}, - Format: "", - }, - }, - "operation": { - SchemaProps: spec.SchemaProps{ - Description: "Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'.", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the version of this resource that this field set applies to. The format is \"group/version\" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted.", - Type: []string{"string"}, - Format: "", - }, - }, - "time": { - SchemaProps: spec.SchemaProps{ - Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "fieldsType": { - SchemaProps: spec.SchemaProps{ - Description: "FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: \"FieldsV1\"", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldsV1": { - SchemaProps: spec.SchemaProps{ - Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), - }, - }, - "subresource": { - SchemaProps: spec.SchemaProps{ - Description: "Subresource is the name of the subresource used to update that object, or empty string if the object was updated through the main resource. The value of this field is used to distinguish between managers, even if they share the same name. For example, a status update will be distinct from a regular update using the same manager name. Note that the APIVersion field is not related to the Subresource field and it always corresponds to the version of the main resource.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names", - Type: []string{"string"}, - Format: "", - }, - }, - "generateName": { - SchemaProps: spec.SchemaProps{ - Description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will return a 409.\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency", - Type: []string{"string"}, - Format: "", - }, - }, - "namespace": { - SchemaProps: spec.SchemaProps{ - Description: "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces", - Type: []string{"string"}, - Format: "", - }, - }, - "selfLink": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", - Type: []string{"string"}, - Format: "", - }, - }, - "generation": { - SchemaProps: spec.SchemaProps{ - Description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "creationTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "deletionTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "deletionGracePeriodSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "labels": { - SchemaProps: spec.SchemaProps{ - Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "annotations": { - SchemaProps: spec.SchemaProps{ - Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "ownerReferences": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-merge-key": "uid", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), - }, - }, - }, - }, - }, - "finalizers": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "managedFields": { - SchemaProps: spec.SchemaProps{ - Description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_OwnerReference(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "API version of the referent.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "controller": { - SchemaProps: spec.SchemaProps{ - Description: "If true, this reference points to the managing controller.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "blockOwnerDeletion": { - SchemaProps: spec.SchemaProps{ - Description: "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - Required: []string{"apiVersion", "kind", "name", "uid"}, - }, - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-map-type": "atomic", - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients to get access to a particular ObjectMeta schema without knowing the details of the version.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PartialObjectMetadataList contains a list of objects containing only their metadata", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "items contains each of the included items.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, - } -} - -func schema_pkg_apis_meta_v1_Patch(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PatchOptions may be provided when patching an API object. PatchOptions is meant to be a superset of UpdateOptions.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "force": { - SchemaProps: spec.SchemaProps{ - Description: "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Preconditions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "Specifies the target UID.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "Specifies the target ResourceVersion", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "RootPaths lists the paths available at root. For example: \"/healthz\", \"/apis\".", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "paths": { - SchemaProps: spec.SchemaProps{ - Description: "paths are the paths available at root.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"paths"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "clientCIDR": { - SchemaProps: spec.SchemaProps{ - Description: "The CIDR with which clients can match their IP to figure out the server address that they should use.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "serverAddress": { - SchemaProps: spec.SchemaProps{ - Description: "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"clientCIDR", "serverAddress"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status is a return value for calls that don't return other objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "A human-readable description of the status of this operation.", - Type: []string{"string"}, - Format: "", - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", - Type: []string{"string"}, - Format: "", - }, - }, - "details": { - SchemaProps: spec.SchemaProps{ - Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), - }, - }, - "code": { - SchemaProps: spec.SchemaProps{ - Description: "Suggested HTTP return code for this status, 0 if not set.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, - } -} - -func schema_pkg_apis_meta_v1_StatusCause(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "A machine-readable description of the cause of the error. If this value is empty there is no information available.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "A human-readable description of the cause of the error. This field may be presented as-is to a reader.", - Type: []string{"string"}, - Format: "", - }, - }, - "field": { - SchemaProps: spec.SchemaProps{ - Description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).", - Type: []string{"string"}, - Format: "", - }, - }, - "group": { - SchemaProps: spec.SchemaProps{ - Description: "The group attribute of the resource associated with the status StatusReason.", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids", - Type: []string{"string"}, - Format: "", - }, - }, - "causes": { - SchemaProps: spec.SchemaProps{ - Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), - }, - }, - }, - }, - }, - "retryAfterSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, - } -} - -func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Table is a tabular representation of a set of API resources. The server transforms the object into a set of preferred columns for quickly reviewing the objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "columnDefinitions": { - SchemaProps: spec.SchemaProps{ - Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), - }, - }, - }, - }, - }, - "rows": { - SchemaProps: spec.SchemaProps{ - Description: "rows is the list of items in the table.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), - }, - }, - }, - }, - }, - }, - Required: []string{"columnDefinitions", "rows"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, - } -} - -func schema_pkg_apis_meta_v1_TableColumnDefinition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableColumnDefinition contains information about a column returned in the Table.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is a human readable name for the column.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type is an OpenAPI type definition for this column, such as number, integer, string, or array. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "format": { - SchemaProps: spec.SchemaProps{ - Description: "format is an optional OpenAPI type modifier for this column. A format modifies the type and imposes additional rules, like date or time formatting for a string. The 'name' format is applied to the primary identifier column which has type 'string' to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "description": { - SchemaProps: spec.SchemaProps{ - Description: "description is a human readable description of this column.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "priority": { - SchemaProps: spec.SchemaProps{ - Description: "priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a higher priority.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"name", "type", "format", "description", "priority"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TableOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableOptions are used when a Table is requested by the caller.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "includeObject": { - SchemaProps: spec.SchemaProps{ - Description: "includeObject decides whether to include each object along with its columnar information. Specifying \"None\" will return no object, specifying \"Object\" will return the full object contents, and specifying \"Metadata\" (the default) will return the object's metadata in the PartialObjectMetadata kind in version v1beta1 of the meta.k8s.io API group.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableRow is an individual row in a table.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "cells": { - SchemaProps: spec.SchemaProps{ - Description: "cells will be as wide as the column definitions array and may contain strings, numbers (float64 or int64), booleans, simple maps, lists, or null. See the type field of the column definition for a more detailed description.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Format: "", - }, - }, - }, - }, - }, - "conditions": { - SchemaProps: spec.SchemaProps{ - Description: "conditions describe additional status of a row that are relevant for a human user. These conditions apply to the row, not to the object, and will be specific to table output. The only defined condition type is 'Completed', for a row that indicates a resource that has run to completion and can be given less visual priority.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), - }, - }, - }, - }, - }, - "object": { - SchemaProps: spec.SchemaProps{ - Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - Required: []string{"cells"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_pkg_apis_meta_v1_TableRowCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableRowCondition allows a row to be marked with additional information.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "Type of row condition. The only defined value is 'Completed' indicating that the object this row represents has reached a completed state and may be given less visual priority than other rows. Clients are not required to honor any conditions but should be consistent where possible about handling the conditions.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the condition, one of True, False, Unknown.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "(brief) machine readable reason for the condition's last transition.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "Human readable message indicating details about last transition.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Timestamp(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Timestamp is a struct that is equivalent to Time, but intended for protobuf marshalling/unmarshalling. It is generated into a serialization that matches Time. Do not use in Go structs.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "seconds": { - SchemaProps: spec.SchemaProps{ - Description: "Represents seconds of UTC time since Unix epoch 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59Z inclusive.", - Default: 0, - Type: []string{"integer"}, - Format: "int64", - }, - }, - "nanos": { - SchemaProps: spec.SchemaProps{ - Description: "Non-negative fractions of a second at nanosecond resolution. Negative second values with fractions must still have non-negative nanos values that count forward in time. Must be from 0 to 999,999,999 inclusive. This field may be limited in precision depending on context.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"seconds", "nanos"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TypeMeta describes an individual object in an API response or request with strings representing the type of the object and its API schema version. Structures that are versioned or persisted should inline TypeMeta.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "UpdateOptions may be provided when updating an API object. All fields in UpdateOptions should also be present in PatchOptions.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Event represents a single event to a watched resource.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "object": { - SchemaProps: spec.SchemaProps{ - Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - Required: []string{"type", "object"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package:\n\n\ttype MyAPIObject struct {\n\t\truntime.TypeMeta `json:\",inline\"`\n\t\tMyPlugin runtime.Object `json:\"myPlugin\"`\n\t}\n\n\ttype PluginA struct {\n\t\tAOption string `json:\"aOption\"`\n\t}\n\n// External package:\n\n\ttype MyAPIObject struct {\n\t\truntime.TypeMeta `json:\",inline\"`\n\t\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n\t}\n\n\ttype PluginA struct {\n\t\tAOption string `json:\"aOption\"`\n\t}\n\n// On the wire, the JSON will look something like this:\n\n\t{\n\t\t\"kind\":\"MyAPIObject\",\n\t\t\"apiVersion\":\"v1\",\n\t\t\"myPlugin\": {\n\t\t\t\"kind\":\"PluginA\",\n\t\t\t\"aOption\":\"foo\",\n\t\t},\n\t}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)", - Type: []string{"object"}, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type, like this:\n\n\ttype MyAwesomeAPIObject struct {\n\t runtime.TypeMeta `json:\",inline\"`\n\t ... // other fields\n\t}\n\nfunc (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind\n\nTypeMeta is provided here for convenience. You may use it directly from this package or define your own with the same fields.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_Unknown(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Unknown allows api objects with unknown types to be passed-through. This can be used to deal with the API objects from a plug-in. Unknown objects still have functioning TypeMeta features-- kind, version, etc. metadata and field mutatation.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "Raw": { - SchemaProps: spec.SchemaProps{ - Description: "Raw will hold the complete serialized object which couldn't be matched with a registered type. Most likely, nothing should be done with this except for passing it through the system.", - Type: []string{"string"}, - Format: "byte", - }, - }, - "ContentEncoding": { - SchemaProps: spec.SchemaProps{ - Description: "ContentEncoding is encoding used to encode 'Raw' data. Unspecified means no encoding.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "ContentType": { - SchemaProps: spec.SchemaProps{ - Description: "ContentType is serialization method used to serialize 'Raw'. Unspecified means ContentTypeJSON.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"Raw", "ContentEncoding", "ContentType"}, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Info contains versioning information. how we'll want to distribute that information.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "major": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "minor": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitVersion": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitCommit": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitTreeState": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "buildDate": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "goVersion": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "compiler": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "platform": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"major", "minor", "gitVersion", "gitCommit", "gitTreeState", "buildDate", "goVersion", "compiler", "platform"}, - }, - }, - } -} diff --git a/generated/1.26/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.26/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml deleted file mode 100644 index f235e0fc5..000000000 --- a/generated/1.26/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ /dev/null @@ -1,431 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: jwtauthenticators.authentication.concierge.pinniped.dev -spec: - group: authentication.concierge.pinniped.dev - names: - categories: - - pinniped - - pinniped-authenticator - - pinniped-authenticators - kind: JWTAuthenticator - listKind: JWTAuthenticatorList - plural: jwtauthenticators - singular: jwtauthenticator - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.issuer - name: Issuer - type: string - - jsonPath: .spec.audience - name: Audience - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - JWTAuthenticator describes the configuration of a JWT authenticator. - - Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid - signature, existence of claims, etc.) and extract the username and groups from the token. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: spec for configuring the authenticator. - properties: - audience: - description: audience is the required value of the "aud" JWT claim. - minLength: 1 - type: string - claimValidationRules: - description: |- - claimValidationRules are rules that are applied to validate token claims to authenticate users. - This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in - https://kubernetes.io/docs/reference/access-authn-authz/authentication. - This is an advanced configuration option. During an end-user login flow, mistakes in this - configuration will cause the user's login to fail. - items: - description: ClaimValidationRule provides the configuration for - a single claim validation rule. - properties: - claim: - description: |- - claim is the name of a required claim. - Only string claim keys are supported. - Mutually exclusive with expression and message. - type: string - expression: - description: |- - expression represents the expression which will be evaluated by CEL. - Must produce a boolean. - - CEL expressions have access to the contents of the token claims, organized into CEL variable: - - 'claims' is a map of claim names to claim values. - For example, a variable named 'sub' can be accessed as 'claims.sub'. - Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - Must return true for the validation to pass. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - - Mutually exclusive with claim and requiredValue. - type: string - message: - description: |- - message customizes the returned error message when expression returns false. - message is a literal string. - Mutually exclusive with claim and requiredValue. - type: string - requiredValue: - description: |- - requiredValue is the value of a required claim. - Only string claim values are supported. - If claim is set and requiredValue is not set, the claim must be present with a value set to the empty string. - Mutually exclusive with expression and message. - type: string - type: object - type: array - claims: - description: |- - claims allows customization of the claims that will be mapped to user identity - for Kubernetes access. - properties: - extra: - description: |- - extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration - as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - - However, note that the Pinniped Concierge issues client certificates to users for the purpose - of authenticating, and the Kubernetes API server does not have any mechanism for transmitting - auth extras via client certificates. When configured, these extras will appear in client - certificates issued by the Pinniped Supervisor in the x509 Subject field as Organizational - Units (OU). However, when this client certificate is presented to Kubernetes for authentication, - Kubernetes will ignore these extras. This is probably only useful if you are using a custom - authenticating proxy in front of your Kubernetes API server which can translate these OUs into - auth extras, as described by - https://kubernetes.io/docs/reference/access-authn-authz/authentication/#authenticating-proxy. - This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - must evaluate to either a string or an array of strings, or else the user's login will fail. - - These keys must be a domain-prefixed path (such as "acme.io/foo") and must not contain an equals sign ("="). - - expression must produce a string or string array value. - If the value is empty, the extra mapping will not be present. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - - hard-coded extra key/value - - key: "acme.io/foo" - valueExpression: "'bar'" - This will result in an extra attribute - acme.io/foo: ["bar"] - - hard-coded key, value copying claim value - - key: "acme.io/foo" - valueExpression: "claims.some_claim" - This will result in an extra attribute - acme.io/foo: [value of some_claim] - - hard-coded key, value derived from claim value - - key: "acme.io/admin" - valueExpression: '(has(claims.is_admin) && claims.is_admin) ? "true":""' - This will result in: - - if is_admin claim is present and true, extra attribute - acme.io/admin: ["true"] - - if is_admin claim is present and false or is_admin claim is not present, no extra attribute will be added - items: - description: ExtraMapping provides the configuration for a single - extra mapping. - properties: - key: - description: |- - key is a string to use as the extra attribute key. - key must be a domain-prefix path (e.g. example.org/foo). All characters before the first "/" must be a valid - subdomain as defined by RFC 1123. All characters trailing the first "/" must - be valid HTTP Path characters as defined by RFC 3986. - key must be lowercase. - Required to be unique. - Additionally, the key must not contain an equals sign ("="). - type: string - valueExpression: - description: |- - valueExpression is a CEL expression to extract extra attribute value. - valueExpression must produce a string or string array value. - "", [], and null values are treated as the extra mapping not being present. - Empty string values contained within a string array are filtered out. - - CEL expressions have access to the contents of the token claims, organized into CEL variable: - - 'claims' is a map of claim names to claim values. - For example, a variable named 'sub' can be accessed as 'claims.sub'. - Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - type: string - required: - - key - - valueExpression - type: object - type: array - groups: - description: |- - groups is the name of the claim which should be read to extract the user's - group membership from the JWT token. When not specified, it will default to "groups", - unless groupsExpression is specified. - - Mutually exclusive with groupsExpression. Use either groups or groupsExpression to - determine the user's group membership from the JWT token. - type: string - groupsExpression: - description: |- - groupsExpression represents an expression which will be evaluated by CEL. - The expression's result will become the user's group memberships. - - groupsExpression is similar to claimMappings.groups.expression from Kubernetes AuthenticationConfiguration - as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - must evaluate to one of the expected types without errors, or else the user's login will fail. - Additionally, mistakes in this configuration can cause the users to have unintended group memberships. - - The expression must produce a string or string array value. - "", [], and null values are treated as the group mapping not being present. - - CEL expressions have access to the contents of the token claims, organized into CEL variable: - - 'claims' is a map of claim names to claim values. - For example, a variable named 'sub' can be accessed as 'claims.sub'. - Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - - Mutually exclusive with groups. Use either groups or groupsExpression to - determine the user's group membership from the JWT token. - type: string - username: - description: |- - username is the name of the claim which should be read to extract the - username from the JWT token. When not specified, it will default to "username", - unless usernameExpression is specified. - - Mutually exclusive with usernameExpression. Use either username or usernameExpression to - determine the user's username from the JWT token. - type: string - usernameExpression: - description: |- - usernameExpression represents an expression which will be evaluated by CEL. - The expression's result will become the user's username. - - usernameExpression is similar to claimMappings.username.expression from Kubernetes AuthenticationConfiguration - as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - must evaluate to the expected type without errors, or else the user's login will fail. - Additionally, mistakes in this configuration can cause the users to have unintended usernames. - - The expression must produce a non-empty string value. - If the expression uses 'claims.email', then 'claims.email_verified' must be used in - the expression or extra[*].valueExpression or claimValidationRules[*].expression. - An example claim validation rule expression that matches the validation automatically - applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true) == true'. - By explicitly comparing the value to true, we let type-checking see the result will be a boolean, - and to make sure a non-boolean email_verified claim will be caught at runtime. - - CEL expressions have access to the contents of the token claims, organized into CEL variable: - - 'claims' is a map of claim names to claim values. - For example, a variable named 'sub' can be accessed as 'claims.sub'. - Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - - Mutually exclusive with username. Use either username or usernameExpression to - determine the user's username from the JWT token. - type: string - type: object - issuer: - description: |- - issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is - also used to validate the "iss" JWT claim. - minLength: 1 - pattern: ^https:// - type: string - tls: - description: tls is the configuration for communicating with the OIDC - provider via TLS. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - userValidationRules: - description: |- - userValidationRules are rules that are applied to final user before completing authentication. - These allow invariants to be applied to incoming identities such as preventing the - use of the system: prefix that is commonly used by Kubernetes components. - The validation rules are logically ANDed together and must all return true for the validation to pass. - This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in - https://kubernetes.io/docs/reference/access-authn-authz/authentication. - This is an advanced configuration option. During an end-user login flow, mistakes in this - configuration will cause the user's login to fail. - items: - description: UserValidationRule provides the configuration for a - single user info validation rule. - properties: - expression: - description: |- - expression represents the expression which will be evaluated by CEL. - Must return true for the validation to pass. - - CEL expressions have access to the contents of UserInfo, organized into CEL variable: - - 'user' - authentication.k8s.io/v1, Kind=UserInfo object - Refer to https://github.com/kubernetes/api/blob/release-1.28/authentication/v1/types.go#L105-L122 for the definition. - API documentation: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - type: string - message: - description: |- - message customizes the returned error message when rule returns false. - message is a literal string. - type: string - required: - - expression - type: object - type: array - required: - - audience - - issuer - type: object - status: - description: status of the authenticator. - properties: - conditions: - description: Represents the observations of the authenticator's current - state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the JWTAuthenticator. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.26/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.26/crds/config.concierge.pinniped.dev_credentialissuers.yaml deleted file mode 100644 index 84f4b9ab8..000000000 --- a/generated/1.26/crds/config.concierge.pinniped.dev_credentialissuers.yaml +++ /dev/null @@ -1,243 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: credentialissuers.config.concierge.pinniped.dev -spec: - group: config.concierge.pinniped.dev - names: - categories: - - pinniped - kind: CredentialIssuer - listKind: CredentialIssuerList - plural: credentialissuers - singular: credentialissuer - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.impersonationProxy.mode - name: ProxyMode - type: string - - jsonPath: .status.strategies[?(@.status == "Success")].type - name: DefaultStrategy - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: CredentialIssuer describes the configuration and status of the - Pinniped Concierge credential issuer. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec describes the intended configuration of the Concierge. - properties: - impersonationProxy: - description: ImpersonationProxy describes the intended configuration - of the Concierge impersonation proxy. - properties: - externalEndpoint: - description: |- - ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will - be served using the external name of the LoadBalancer service or the cluster service DNS name. - - This field must be non-empty when spec.impersonationProxy.service.type is "None". - type: string - mode: - description: |- - Mode configures whether the impersonation proxy should be started: - - "disabled" explicitly disables the impersonation proxy. This is the default. - - "enabled" explicitly enables the impersonation proxy. - - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. - enum: - - auto - - enabled - - disabled - type: string - service: - default: - type: LoadBalancer - description: Service describes the configuration of the Service - provisioned to expose the impersonation proxy to clients. - properties: - annotations: - additionalProperties: - type: string - description: Annotations specifies zero or more key/value - pairs to set as annotations on the provisioned Service. - type: object - loadBalancerIP: - description: |- - LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. - This is not supported on all cloud providers. - maxLength: 255 - minLength: 1 - type: string - type: - default: LoadBalancer - description: |- - Type specifies the type of Service to provision for the impersonation proxy. - - If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty - value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. - enum: - - LoadBalancer - - ClusterIP - - None - type: string - type: object - tls: - description: |- - TLS contains information about how the Concierge impersonation proxy should serve TLS. - - If this field is empty, the impersonation proxy will generate its own TLS certificate. - properties: - certificateAuthorityData: - description: |- - X.509 Certificate Authority (base64-encoded PEM bundle). - Used to advertise the CA bundle for the impersonation proxy endpoint. - type: string - secretName: - description: |- - SecretName is the name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains - the TLS serving certificate for the Concierge impersonation proxy endpoint. - minLength: 1 - type: string - type: object - required: - - mode - - service - type: object - required: - - impersonationProxy - type: object - status: - description: CredentialIssuerStatus describes the status of the Concierge. - properties: - strategies: - description: List of integration strategies that were attempted by - Pinniped. - items: - description: CredentialIssuerStrategy describes the status of an - integration strategy that was attempted by Pinniped. - properties: - frontend: - description: Frontend describes how clients can connect using - this strategy. - properties: - impersonationProxyInfo: - description: |- - ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. - This field is only set when Type is "ImpersonationProxy". - properties: - certificateAuthorityData: - description: CertificateAuthorityData is the base64-encoded - PEM CA bundle of the impersonation proxy. - minLength: 1 - type: string - endpoint: - description: Endpoint is the HTTPS endpoint of the impersonation - proxy. - minLength: 1 - pattern: ^https:// - type: string - required: - - certificateAuthorityData - - endpoint - type: object - tokenCredentialRequestInfo: - description: |- - TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. - This field is only set when Type is "TokenCredentialRequestAPI". - properties: - certificateAuthorityData: - description: CertificateAuthorityData is the base64-encoded - Kubernetes API server CA bundle. - minLength: 1 - type: string - server: - description: Server is the Kubernetes API server URL. - minLength: 1 - pattern: ^https://|^http:// - type: string - required: - - certificateAuthorityData - - server - type: object - type: - description: Type describes which frontend mechanism clients - can use with a strategy. - enum: - - TokenCredentialRequestAPI - - ImpersonationProxy - type: string - required: - - type - type: object - lastUpdateTime: - description: When the status was last checked. - format: date-time - type: string - message: - description: Human-readable description of the current status. - minLength: 1 - type: string - reason: - description: Reason for the current status. - enum: - - Listening - - Pending - - Disabled - - ErrorDuringSetup - - CouldNotFetchKey - - CouldNotGetClusterInfo - - FetchedKey - type: string - status: - description: Status of the attempted integration strategy. - enum: - - Success - - Error - type: string - type: - description: Type of integration attempted. - enum: - - KubeClusterSigningCertificate - - ImpersonationProxy - type: string - required: - - lastUpdateTime - - message - - reason - - status - - type - type: object - type: array - required: - - strategies - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.26/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.26/crds/config.supervisor.pinniped.dev_federationdomains.yaml deleted file mode 100644 index 6b7729815..000000000 --- a/generated/1.26/crds/config.supervisor.pinniped.dev_federationdomains.yaml +++ /dev/null @@ -1,456 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: federationdomains.config.supervisor.pinniped.dev -spec: - group: config.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: FederationDomain - listKind: FederationDomainList - plural: federationdomains - singular: federationdomain - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.issuer - name: Issuer - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: FederationDomain describes the configuration of an OIDC provider. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec of the OIDC provider. - properties: - identityProviders: - description: |- - IdentityProviders is the list of identity providers available for use by this FederationDomain. - - An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, - how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to - extract a normalized user identity. Normalized user identities include a username and a list of group names. - In contrast, IdentityProviders describes how to use that normalized identity in those Kubernetes clusters which - belong to this FederationDomain. Each entry in IdentityProviders can be configured with arbitrary transformations - on that normalized identity. For example, a transformation can add a prefix to all usernames to help avoid - accidental conflicts when multiple identity providers have different users with the same username (e.g. - "idp1:ryan" versus "idp2:ryan"). Each entry in IdentityProviders can also implement arbitrary authentication - rejection policies. Even though a user was able to authenticate with the identity provider, a policy can disallow - the authentication to the Kubernetes clusters that belong to this FederationDomain. For example, a policy could - disallow the authentication unless the user belongs to a specific group in the identity provider. - - For backwards compatibility with versions of Pinniped which predate support for multiple identity providers, - an empty IdentityProviders list will cause the FederationDomain to use all available identity providers which - exist in the same namespace, but also to reject all authentication requests when there is more than one identity - provider currently defined. In this backwards compatibility mode, the name of the identity provider resource - (e.g. the Name of an OIDCIdentityProvider resource) will be used as the name of the identity provider in this - FederationDomain. This mode is provided to make upgrading from older versions easier. However, instead of - relying on this backwards compatibility mode, please consider this mode to be deprecated and please instead - explicitly list the identity provider using this IdentityProviders field. - items: - description: FederationDomainIdentityProvider describes how an identity - provider is made available in this FederationDomain. - properties: - displayName: - description: |- - DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the - kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a - disruptive change for those users. - minLength: 1 - type: string - objectRef: - description: |- - ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. - If the reference cannot be resolved then the identity provider will not be made available. - Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, - LDAPIdentityProvider, ActiveDirectoryIdentityProvider. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - transforms: - description: |- - Transforms is an optional way to specify transformations to be applied during user authentication and - session refresh. - properties: - constants: - description: Constants defines constant variables and their - values which will be made available to the transform expressions. - items: - description: |- - FederationDomainTransformsConstant defines a constant variable and its value which will be made available to - the transform expressions. This is a union type, and Type is the discriminator field. - properties: - name: - description: Name determines the name of the constant. - It must be a valid identifier name. - maxLength: 64 - minLength: 1 - pattern: ^[a-zA-Z][_a-zA-Z0-9]*$ - type: string - stringListValue: - description: StringListValue should hold the value - when Type is "stringList", and is otherwise ignored. - items: - type: string - type: array - stringValue: - description: StringValue should hold the value when - Type is "string", and is otherwise ignored. - type: string - type: - description: |- - Type determines the type of the constant, and indicates which other field should be non-empty. - Allowed values are "string" or "stringList". - enum: - - string - - stringList - type: string - required: - - name - - type - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - examples: - description: |- - Examples can optionally be used to ensure that the sequence of transformation expressions are working as - expected. Examples define sample input identities which are then run through the expression list, and the - results are compared to the expected results. If any example in this list fails, then this - identity provider will not be available for use within this FederationDomain, and the error(s) will be - added to the FederationDomain status. This can be used to help guard against programming mistakes in the - expressions, and also act as living documentation for other administrators to better understand the expressions. - items: - description: FederationDomainTransformsExample defines - a transform example. - properties: - expects: - description: |- - Expects is the expected output of the entire sequence of transforms when they are run against the - input Username and Groups. - properties: - groups: - description: Groups is the expected list of group - names after the transformations have been applied. - items: - type: string - type: array - message: - description: |- - Message is the expected error message of the transforms. When Rejected is true, then Message is the expected - message for the policy which rejected the authentication attempt. When Rejected is true and Message is blank, - then Message will be treated as the default error message for authentication attempts which are rejected by a - policy. When Rejected is false, then Message is the expected error message for some other non-policy - transformation error, such as a runtime error. When Rejected is false, there is no default expected Message. - type: string - rejected: - description: |- - Rejected is a boolean that indicates whether authentication is expected to be rejected by a policy expression - after the transformations have been applied. True means that it is expected that the authentication would be - rejected. The default value of false means that it is expected that the authentication would not be rejected - by any policy expression. - type: boolean - username: - description: Username is the expected username - after the transformations have been applied. - type: string - type: object - groups: - description: Groups is the input list of group names. - items: - type: string - type: array - username: - description: Username is the input username. - minLength: 1 - type: string - required: - - expects - - username - type: object - type: array - expressions: - description: |- - Expressions are an optional list of transforms and policies to be executed in the order given during every - authentication attempt, including during every session refresh. - Each is a CEL expression. It may use the basic CEL language as defined in - https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in - https://github.com/google/cel-go/tree/master/ext#strings. - - The username and groups extracted from the identity provider, and the constants defined in this CR, are - available as variables in all expressions. The username is provided via a variable called `username` and - the list of group names is provided via a variable called `groups` (which may be an empty list). - Each user-provided constants is provided via a variable named `strConst.varName` for string constants - and `strListConst.varName` for string list constants. - - The only allowed types for expressions are currently policy/v1, username/v1, and groups/v1. - Each policy/v1 must return a boolean, and when it returns false, no more expressions from the list are evaluated - and the authentication attempt is rejected. - Transformations of type policy/v1 do not return usernames or group names, and therefore cannot change the - username or group names. - Each username/v1 transform must return the new username (a string), which can be the same as the old username. - Transformations of type username/v1 do not return group names, and therefore cannot change the group names. - Each groups/v1 transform must return the new groups list (list of strings), which can be the same as the old - groups list. - Transformations of type groups/v1 do not return usernames, and therefore cannot change the usernames. - After each expression, the new (potentially changed) username or groups get passed to the following expression. - - Any compilation or static type-checking failure of any expression will cause an error status on the FederationDomain. - During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the - authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username - and group names have been decided for that authentication attempt. - items: - description: FederationDomainTransformsExpression defines - a transform expression. - properties: - expression: - description: Expression is a CEL expression that will - be evaluated based on the Type during an authentication. - minLength: 1 - type: string - message: - description: |- - Message is only used when Type is policy/v1. It defines an error message to be used when the policy rejects - an authentication attempt. When empty, a default message will be used. - type: string - type: - description: |- - Type determines the type of the expression. It must be one of the supported types. - Allowed values are "policy/v1", "username/v1", or "groups/v1". - enum: - - policy/v1 - - username/v1 - - groups/v1 - type: string - required: - - expression - - type - type: object - type: array - type: object - required: - - displayName - - objectRef - type: object - type: array - issuer: - description: |- - Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the - identifier that it will use for the iss claim in issued JWTs. This field will also be used as - the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is - https://example.com/foo, then your authorization endpoint will look like - https://example.com/foo/some/path/to/auth/endpoint). - - See - https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. - minLength: 1 - type: string - x-kubernetes-validations: - - message: issuer must be an HTTPS URL - rule: isURL(self) && url(self).getScheme() == 'https' - tls: - description: TLS specifies a secret which will contain Transport Layer - Security (TLS) configuration for the FederationDomain. - properties: - secretName: - description: |- - SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains - the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret - named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use - for TLS. - - Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. - - SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. - SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same - SecretName value even if they have different port numbers. - - SecretName is not required when you would like to use only the HTTP endpoints (e.g. when the HTTP listener is - configured to listen on loopback interfaces or UNIX domain sockets for traffic from a service mesh sidecar). - It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to - use the default TLS certificate, which is configured elsewhere. - - When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. - type: string - type: object - required: - - issuer - type: object - status: - description: Status of the OIDC provider. - properties: - conditions: - description: Conditions represent the observations of an FederationDomain's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the FederationDomain. - enum: - - Pending - - Ready - - Error - type: string - secrets: - description: Secrets contains information about this OIDC Provider's - secrets. - properties: - jwks: - description: |- - JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are - stored. If it is empty, then the signing/verification keys are either unknown or they don't - exist. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - stateEncryptionKey: - description: |- - StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - encrypting state parameters is stored. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - stateSigningKey: - description: |- - StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - signing state parameters is stored. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - tokenSigningKey: - description: |- - TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - signing tokens is stored. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.26/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.26/crds/config.supervisor.pinniped.dev_oidcclients.yaml deleted file mode 100644 index 233ed95cf..000000000 --- a/generated/1.26/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ /dev/null @@ -1,230 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: oidcclients.config.supervisor.pinniped.dev -spec: - group: config.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: OIDCClient - listKind: OIDCClientList - plural: oidcclients - singular: oidcclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.allowedScopes[?(@ == "pinniped:request-audience")] - name: Privileged Scopes - type: string - - jsonPath: .status.totalClientSecrets - name: Client Secrets - type: integer - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCClient describes the configuration of an OIDC client. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec of the OIDC client. - properties: - allowedGrantTypes: - description: |- - allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this - client. - - Must only contain the following values: - - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to - authenticate users. This grant must always be listed. - - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. - This grant must be listed if allowedScopes lists offline_access. - - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, - which is a step in the process to be able to get a cluster credential for the user. - This grant must be listed if allowedScopes lists pinniped:request-audience. - items: - enum: - - authorization_code - - refresh_token - - urn:ietf:params:oauth:grant-type:token-exchange - type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - allowedRedirectURIs: - description: |- - allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this - client. Any other uris will be rejected. - Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. - Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. - items: - pattern: ^https://.+|^http://(127\.0\.0\.1|\[::1\])(:\d+)?/ - type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - allowedScopes: - description: |- - allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - - Must only contain the following values: - - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). - This scope must always be listed. - - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. - This scope must be listed if allowedGrantTypes lists refresh_token. - - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, - which is a step in the process to be able to get a cluster credential for the user. - openid, username and groups scopes must be listed when this scope is present. - This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - - username: The client is allowed to request that ID tokens contain the user's username. - Without the username scope being requested and allowed, the ID token will not contain the user's username. - - groups: The client is allowed to request that ID tokens contain the user's group membership, - if their group membership is discoverable by the Supervisor. - Without the groups scope being requested and allowed, the ID token will not contain groups. - items: - enum: - - openid - - offline_access - - username - - groups - - pinniped:request-audience - type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - tokenLifetimes: - description: tokenLifetimes are the optional overrides of token lifetimes - for an OIDCClient. - properties: - idTokenSeconds: - description: |- - idTokenSeconds is the lifetime of ID tokens issued to this client, in seconds. This will choose the lifetime of - ID tokens returned by the authorization flow and the refresh grant. It will not influence the lifetime of the ID - tokens returned by RFC8693 token exchange. When null, a short-lived default value will be used. - This value must be between 120 and 1,800 seconds (30 minutes), inclusive. It is recommended to make these tokens - short-lived to force the client to perform the refresh grant often, because the refresh grant will check with the - external identity provider to decide if it is acceptable for the end user to continue their session, and will - update the end user's group memberships from the external identity provider. Giving these tokens a long life is - will allow the end user to continue to use a token while avoiding these updates from the external identity - provider. However, some web applications may have reasons specific to the design of that application to prefer - longer lifetimes. - format: int32 - maximum: 1800 - minimum: 120 - type: integer - type: object - required: - - allowedGrantTypes - - allowedRedirectURIs - - allowedScopes - type: object - status: - description: Status of the OIDC client. - properties: - conditions: - description: conditions represent the observations of an OIDCClient's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: phase summarizes the overall status of the OIDCClient. - enum: - - Pending - - Ready - - Error - type: string - totalClientSecrets: - description: totalClientSecrets is the current number of client secrets - that are detected for this OIDCClient. - format: int32 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.26/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.26/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml deleted file mode 100644 index 1abf4681b..000000000 --- a/generated/1.26/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ /dev/null @@ -1,333 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev -spec: - group: idp.supervisor.pinniped.dev - names: - categories: - - pinniped - - pinniped-idp - - pinniped-idps - kind: ActiveDirectoryIdentityProvider - listKind: ActiveDirectoryIdentityProviderList - plural: activedirectoryidentityproviders - singular: activedirectoryidentityprovider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.host - name: Host - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: ActiveDirectoryIdentityProvider describes the configuration of - an upstream Microsoft Active Directory identity provider. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the identity provider. - properties: - bind: - description: |- - Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server - to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. - properties: - secretName: - description: |- - SecretName contains the name of a namespace-local Secret object that provides the username and - password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be - of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value - should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". - The password must be non-empty. - minLength: 1 - type: string - required: - - secretName - type: object - groupSearch: - description: GroupSearch contains the configuration for searching - for a user's group membership in ActiveDirectory. - properties: - attributes: - description: |- - Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as - the result of the group search. - properties: - groupName: - description: |- - GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name - in the user's list of groups after a successful authentication. - The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory - server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". - Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", - where domain is constructed from the domain components of the group DN. - type: string - type: object - base: - description: |- - Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. - "ou=groups,dc=example,dc=com". - Optional, when not specified it will be based on the result of a query for the defaultNamingContext - (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). - The default behavior searches your entire domain for groups. - It may make sense to specify a subtree as a search base if you wish to exclude some groups - for security reasons or to make searches faster. - type: string - filter: - description: |- - Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. - The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the - value of an attribute of the user entry found as a result of the user search. Which attribute's - value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. - E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". - For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. - Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - Optional. When not specified, the default will act as if the filter were specified as - "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". - This searches nested groups by default. - Note that nested group search can be slow for some Active Directory servers. To disable it, - you can set the filter to - "(&(objectClass=group)(member={})" - type: string - skipGroupRefresh: - description: |- - The user's group membership is refreshed as they interact with the supervisor - to obtain new credentials (as their old credentials expire). This allows group - membership changes to be quickly reflected into Kubernetes clusters. Since - group membership is often used to bind authorization policies, it is important - to keep the groups observed in Kubernetes clusters in-sync with the identity - provider. - - In some environments, frequent group membership queries may result in a - significant performance impact on the identity provider and/or the supervisor. - The best approach to handle performance impacts is to tweak the group query - to be more performant, for example by disabling nested group search or by - using a more targeted group search base. - - If the group search query cannot be made performant and you are willing to - have group memberships remain static for approximately a day, then set - skipGroupRefresh to true. This is an insecure configuration as authorization - policies that are bound to group membership will not notice if a user has - been removed from a particular group until their next login. - - This is an experimental feature that may be removed or significantly altered - in the future. Consumers of this configuration should carefully read all - release notes before upgrading to ensure that the meaning of this field has - not changed. - type: boolean - userAttributeForFilter: - description: |- - UserAttributeForFilter specifies which attribute's value from the user entry found as a result of - the user search will be used to replace the "{}" placeholder(s) in the group search Filter. - For example, specifying "uid" as the UserAttributeForFilter while specifying - "&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing - the "{}" placeholder in the Filter with the value of the user's "uid" attribute. - Optional. When not specified, the default will act as if "dn" were specified. For example, leaving - UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter - would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. - type: string - type: object - host: - description: 'Host is the hostname of this Active Directory identity - provider, i.e., where to connect. For example: ldap.example.com:636.' - minLength: 1 - type: string - tls: - description: TLS contains the connection settings for how to establish - the connection to the Host. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - userSearch: - description: UserSearch contains the configuration for searching for - a user by name in Active Directory. - properties: - attributes: - description: |- - Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as - the result of the user search. - properties: - uid: - description: |- - UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely - identify the user within this ActiveDirectory provider after a successful authentication. - Optional, when empty this defaults to "objectGUID". - type: string - username: - description: |- - Username specifies the name of the attribute in Active Directory entry whose value shall become the username - of the user after a successful authentication. - Optional, when empty this defaults to "userPrincipalName". - type: string - type: object - base: - description: |- - Base is the dn (distinguished name) that should be used as the search base when searching for users. - E.g. "ou=users,dc=example,dc=com". - Optional, when not specified it will be based on the result of a query for the defaultNamingContext - (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). - The default behavior searches your entire domain for users. - It may make sense to specify a subtree as a search base if you wish to exclude some users - or to make searches faster. - type: string - filter: - description: |- - Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur - in the filter at least once and will be dynamically replaced by the username for which the search is being run. - E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see - https://ldap.com/ldap-filters. - Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - Optional. When not specified, the default will be - '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' - This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, - and is not shown in advanced view only - (which would likely mean its a system created service account with advanced permissions). - Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. - type: string - type: object - required: - - host - type: object - status: - description: Status of the identity provider. - properties: - conditions: - description: Represents the observations of an identity provider's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.26/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.26/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml deleted file mode 100644 index f6f1e1877..000000000 --- a/generated/1.26/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ /dev/null @@ -1,324 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: ldapidentityproviders.idp.supervisor.pinniped.dev -spec: - group: idp.supervisor.pinniped.dev - names: - categories: - - pinniped - - pinniped-idp - - pinniped-idps - kind: LDAPIdentityProvider - listKind: LDAPIdentityProviderList - plural: ldapidentityproviders - singular: ldapidentityprovider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.host - name: Host - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access - Protocol (LDAP) identity provider. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the identity provider. - properties: - bind: - description: |- - Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server - to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. - properties: - secretName: - description: |- - SecretName contains the name of a namespace-local Secret object that provides the username and - password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be - of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value - should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". - The password must be non-empty. - minLength: 1 - type: string - required: - - secretName - type: object - groupSearch: - description: GroupSearch contains the configuration for searching - for a user's group membership in the LDAP provider. - properties: - attributes: - description: |- - Attributes specifies how the group's information should be read from each LDAP entry which was found as - the result of the group search. - properties: - groupName: - description: |- - GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name - in the user's list of groups after a successful authentication. - The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". - Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). - type: string - type: object - base: - description: |- - Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. - "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and - authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, - the values of Filter, UserAttributeForFilter, Attributes, and SkipGroupRefresh are ignored. - type: string - filter: - description: |- - Filter is the LDAP search filter which should be applied when searching for groups for a user. - The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the - value of an attribute of the user entry found as a result of the user search. Which attribute's - value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. - For more information about LDAP filters, see https://ldap.com/ldap-filters. - Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - Optional. When not specified, the default will act as if the Filter were specified as "member={}". - type: string - skipGroupRefresh: - description: |- - The user's group membership is refreshed as they interact with the supervisor - to obtain new credentials (as their old credentials expire). This allows group - membership changes to be quickly reflected into Kubernetes clusters. Since - group membership is often used to bind authorization policies, it is important - to keep the groups observed in Kubernetes clusters in-sync with the identity - provider. - - In some environments, frequent group membership queries may result in a - significant performance impact on the identity provider and/or the supervisor. - The best approach to handle performance impacts is to tweak the group query - to be more performant, for example by disabling nested group search or by - using a more targeted group search base. - - If the group search query cannot be made performant and you are willing to - have group memberships remain static for approximately a day, then set - skipGroupRefresh to true. This is an insecure configuration as authorization - policies that are bound to group membership will not notice if a user has - been removed from a particular group until their next login. - - This is an experimental feature that may be removed or significantly altered - in the future. Consumers of this configuration should carefully read all - release notes before upgrading to ensure that the meaning of this field has - not changed. - type: boolean - userAttributeForFilter: - description: |- - UserAttributeForFilter specifies which attribute's value from the user entry found as a result of - the user search will be used to replace the "{}" placeholder(s) in the group search Filter. - For example, specifying "uid" as the UserAttributeForFilter while specifying - "&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing - the "{}" placeholder in the Filter with the value of the user's "uid" attribute. - Optional. When not specified, the default will act as if "dn" were specified. For example, leaving - UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter - would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. - type: string - type: object - host: - description: 'Host is the hostname of this LDAP identity provider, - i.e., where to connect. For example: ldap.example.com:636.' - minLength: 1 - type: string - tls: - description: TLS contains the connection settings for how to establish - the connection to the Host. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - userSearch: - description: UserSearch contains the configuration for searching for - a user by name in the LDAP provider. - properties: - attributes: - description: |- - Attributes specifies how the user's information should be read from the LDAP entry which was found as - the result of the user search. - properties: - uid: - description: |- - UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely - identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". - The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - server in the user's entry. Distinguished names can be used by specifying lower-case "dn". - minLength: 1 - type: string - username: - description: |- - Username specifies the name of the attribute in the LDAP entry whose value shall become the username - of the user after a successful authentication. This would typically be the same attribute name used in - the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". - The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field - is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default - value of "dn={}" would not work. - minLength: 1 - type: string - type: object - base: - description: |- - Base is the dn (distinguished name) that should be used as the search base when searching for users. - E.g. "ou=users,dc=example,dc=com". - minLength: 1 - type: string - filter: - description: |- - Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur - in the filter at least once and will be dynamically replaced by the username for which the search is being run. - E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see - https://ldap.com/ldap-filters. - Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - Optional. When not specified, the default will act as if the Filter were specified as the value from - Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be - explicitly specified, since the default value of "dn={}" would not work. - type: string - type: object - required: - - host - type: object - status: - description: Status of the identity provider. - properties: - conditions: - description: Represents the observations of an identity provider's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the LDAPIdentityProvider. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.27/README.adoc b/generated/1.27/README.adoc deleted file mode 100644 index c485b28f2..000000000 --- a/generated/1.27/README.adoc +++ /dev/null @@ -1,2726 +0,0 @@ -// Generated documentation. Please do not edit. -:anchor_prefix: k8s-api - -[id="{p}-api-reference"] -== API Reference - -.Packages -- xref:{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1[$$authentication.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-clientsecret-supervisor-pinniped-dev-clientsecret[$$clientsecret.supervisor.pinniped.dev/clientsecret$$] -- xref:{anchor_prefix}-clientsecret-supervisor-pinniped-dev-v1alpha1[$$clientsecret.supervisor.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1[$$config.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1[$$config.supervisor.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-identity-concierge-pinniped-dev-identity[$$identity.concierge.pinniped.dev/identity$$] -- xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] - - -[id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] -=== authentication.concierge.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] -==== CertificateAuthorityDataSourceKind (string) - -CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] -==== CertificateAuthorityDataSourceSpec - -CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + -Allowed values are "Secret" or "ConfigMap". + -"ConfigMap" uses a Kubernetes configmap to source CA Bundles. + -"Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + -| *`name`* __string__ | Name is the resource name of the secret or configmap from which to read the CA bundle. + -The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed. + -| *`key`* __string__ | Key is the key name within the secret or configmap from which to read the CA bundle. + -The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded + -certificate bundle. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-claimvalidationrule"] -==== ClaimValidationRule - -ClaimValidationRule provides the configuration for a single claim validation rule. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`claim`* __string__ | claim is the name of a required claim. + -Only string claim keys are supported. + -Mutually exclusive with expression and message. + -| *`requiredValue`* __string__ | requiredValue is the value of a required claim. + -Only string claim values are supported. + -If claim is set and requiredValue is not set, the claim must be present with a value set to the empty string. + -Mutually exclusive with expression and message. + -| *`expression`* __string__ | expression represents the expression which will be evaluated by CEL. + -Must produce a boolean. + - -CEL expressions have access to the contents of the token claims, organized into CEL variable: + -- 'claims' is a map of claim names to claim values. + -For example, a variable named 'sub' can be accessed as 'claims.sub'. + -Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. + -Must return true for the validation to pass. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + - -Mutually exclusive with claim and requiredValue. + -| *`message`* __string__ | message customizes the returned error message when expression returns false. + -message is a literal string. + -Mutually exclusive with claim and requiredValue. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-extramapping"] -==== ExtraMapping - -ExtraMapping provides the configuration for a single extra mapping. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`key`* __string__ | key is a string to use as the extra attribute key. + -key must be a domain-prefix path (e.g. example.org/foo). All characters before the first "/" must be a valid + -subdomain as defined by RFC 1123. All characters trailing the first "/" must + -be valid HTTP Path characters as defined by RFC 3986. + -key must be lowercase. + -Required to be unique. + -Additionally, the key must not contain an equals sign ("="). + -| *`valueExpression`* __string__ | valueExpression is a CEL expression to extract extra attribute value. + -valueExpression must produce a string or string array value. + -"", [], and null values are treated as the extra mapping not being present. + -Empty string values contained within a string array are filtered out. + - -CEL expressions have access to the contents of the token claims, organized into CEL variable: + -- 'claims' is a map of claim names to claim values. + -For example, a variable named 'sub' can be accessed as 'claims.sub'. + -Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticator"] -==== JWTAuthenticator - -JWTAuthenticator describes the configuration of a JWT authenticator. - -Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid -signature, existence of claims, etc.) and extract the username and groups from the token. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] -==== JWTAuthenticatorPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] -==== JWTAuthenticatorSpec - -JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`issuer`* __string__ | issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + -also used to validate the "iss" JWT claim. + -| *`audience`* __string__ | audience is the required value of the "aud" JWT claim. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + -for Kubernetes access. + -| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + -This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + -https://kubernetes.io/docs/reference/access-authn-authz/authentication. + -This is an advanced configuration option. During an end-user login flow, mistakes in this + -configuration will cause the user's login to fail. + -| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + -These allow invariants to be applied to incoming identities such as preventing the + -use of the system: prefix that is commonly used by Kubernetes components. + -The validation rules are logically ANDed together and must all return true for the validation to pass. + -This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + -https://kubernetes.io/docs/reference/access-authn-authz/authentication. + -This is an advanced configuration option. During an end-user login flow, mistakes in this + -configuration will cause the user's login to fail. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] -==== JWTAuthenticatorStatus - -JWTAuthenticatorStatus is the status of a JWT authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwttokenclaims"] -==== JWTTokenClaims - -JWTTokenClaims allows customization of the claims that will be mapped to user identity -for Kubernetes access. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | username is the name of the claim which should be read to extract the + -username from the JWT token. When not specified, it will default to "username", + -unless usernameExpression is specified. + - -Mutually exclusive with usernameExpression. Use either username or usernameExpression to + -determine the user's username from the JWT token. + -| *`usernameExpression`* __string__ | usernameExpression represents an expression which will be evaluated by CEL. + -The expression's result will become the user's username. + - -usernameExpression is similar to claimMappings.username.expression from Kubernetes AuthenticationConfiguration + -as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + -This is an advanced configuration option. During an end-user login flow, each of these CEL expressions + -must evaluate to the expected type without errors, or else the user's login will fail. + -Additionally, mistakes in this configuration can cause the users to have unintended usernames. + - -The expression must produce a non-empty string value. + -If the expression uses 'claims.email', then 'claims.email_verified' must be used in + -the expression or extra[*].valueExpression or claimValidationRules[*].expression. + -An example claim validation rule expression that matches the validation automatically + -applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true) == true'. + -By explicitly comparing the value to true, we let type-checking see the result will be a boolean, + -and to make sure a non-boolean email_verified claim will be caught at runtime. + - -CEL expressions have access to the contents of the token claims, organized into CEL variable: + -- 'claims' is a map of claim names to claim values. + -For example, a variable named 'sub' can be accessed as 'claims.sub'. + -Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + - -Mutually exclusive with username. Use either username or usernameExpression to + -determine the user's username from the JWT token. + -| *`groups`* __string__ | groups is the name of the claim which should be read to extract the user's + -group membership from the JWT token. When not specified, it will default to "groups", + -unless groupsExpression is specified. + - -Mutually exclusive with groupsExpression. Use either groups or groupsExpression to + -determine the user's group membership from the JWT token. + -| *`groupsExpression`* __string__ | groupsExpression represents an expression which will be evaluated by CEL. + -The expression's result will become the user's group memberships. + - -groupsExpression is similar to claimMappings.groups.expression from Kubernetes AuthenticationConfiguration + -as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + -This is an advanced configuration option. During an end-user login flow, each of these CEL expressions + -must evaluate to one of the expected types without errors, or else the user's login will fail. + -Additionally, mistakes in this configuration can cause the users to have unintended group memberships. + - -The expression must produce a string or string array value. + -"", [], and null values are treated as the group mapping not being present. + - -CEL expressions have access to the contents of the token claims, organized into CEL variable: + -- 'claims' is a map of claim names to claim values. + -For example, a variable named 'sub' can be accessed as 'claims.sub'. + -Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + - -Mutually exclusive with groups. Use either groups or groupsExpression to + -determine the user's group membership from the JWT token. + -| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + -as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + - -However, note that the Pinniped Concierge issues client certificates to users for the purpose + -of authenticating, and the Kubernetes API server does not have any mechanism for transmitting + -auth extras via client certificates. When configured, these extras will appear in client + -certificates issued by the Pinniped Supervisor in the x509 Subject field as Organizational + -Units (OU). However, when this client certificate is presented to Kubernetes for authentication, + -Kubernetes will ignore these extras. This is probably only useful if you are using a custom + -authenticating proxy in front of your Kubernetes API server which can translate these OUs into + -auth extras, as described by + -https://kubernetes.io/docs/reference/access-authn-authz/authentication/#authenticating-proxy. + -This is an advanced configuration option. During an end-user login flow, each of these CEL expressions + -must evaluate to either a string or an array of strings, or else the user's login will fail. + - -These keys must be a domain-prefixed path (such as "acme.io/foo") and must not contain an equals sign ("="). + - -expression must produce a string or string array value. + -If the value is empty, the extra mapping will not be present. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + - -hard-coded extra key/value + -- key: "acme.io/foo" + -valueExpression: "'bar'" + -This will result in an extra attribute - acme.io/foo: ["bar"] + - -hard-coded key, value copying claim value + -- key: "acme.io/foo" + -valueExpression: "claims.some_claim" + -This will result in an extra attribute - acme.io/foo: [value of some_claim] + - -hard-coded key, value derived from claim value + -- key: "acme.io/admin" + -valueExpression: '(has(claims.is_admin) && claims.is_admin) ? "true":""' + -This will result in: + -- if is_admin claim is present and true, extra attribute - acme.io/admin: ["true"] + -- if is_admin claim is present and false or is_admin claim is not present, no extra attribute will be added + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-tlsspec"] -==== TLSSpec - -TLSSpec provides TLS configuration on various authenticators. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + -Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-uservalidationrule"] -==== UserValidationRule - -UserValidationRule provides the configuration for a single user info validation rule. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`expression`* __string__ | expression represents the expression which will be evaluated by CEL. + -Must return true for the validation to pass. + - -CEL expressions have access to the contents of UserInfo, organized into CEL variable: + -- 'user' - authentication.k8s.io/v1, Kind=UserInfo object + -Refer to https://github.com/kubernetes/api/blob/release-1.28/authentication/v1/types.go#L105-L122 for the definition. + -API documentation: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + -| *`message`* __string__ | message customizes the returned error message when rule returns false. + -message is a literal string. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticator"] -==== WebhookAuthenticator - -WebhookAuthenticator describes the configuration of a webhook authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] -==== WebhookAuthenticatorPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] -==== WebhookAuthenticatorSpec - -Spec for configuring a webhook authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`endpoint`* __string__ | Webhook server endpoint URL. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] -==== WebhookAuthenticatorStatus - -Status of a webhook authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + -|=== - - - -[id="{anchor_prefix}-clientsecret-supervisor-pinniped-dev-clientsecret"] -=== clientsecret.supervisor.pinniped.dev/clientsecret - -Package clientsecret is the internal version of the Pinniped client secret API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-oidcclientsecretrequest"] -==== OIDCClientSecretRequest - -OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] -==== OIDCClientSecretRequestSpec - -Spec of the OIDCClientSecretRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`GenerateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. + -| *`RevokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] -==== OIDCClientSecretRequestStatus - -Status of the OIDCClientSecretRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`GeneratedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost. + -| *`TotalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. + -|=== - - - -[id="{anchor_prefix}-clientsecret-supervisor-pinniped-dev-v1alpha1"] -=== clientsecret.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] -==== OIDCClientSecretRequest - -OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] -==== OIDCClientSecretRequestSpec - -Spec of the OIDCClientSecretRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. + -| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] -==== OIDCClientSecretRequestStatus - -Status of the OIDCClientSecretRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost. + -| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. + -|=== - - - -[id="{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1"] -=== config.concierge.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuer"] -==== CredentialIssuer - -CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerfrontend"] -==== CredentialIssuerFrontend - -CredentialIssuerFrontend describes how to connect using a particular integration strategy. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + -| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + -This field is only set when Type is "TokenCredentialRequestAPI". + -| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + -This field is only set when Type is "ImpersonationProxy". + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerspec"] -==== CredentialIssuerSpec - -CredentialIssuerSpec describes the intended configuration of the Concierge. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstatus"] -==== CredentialIssuerStatus - -CredentialIssuerStatus describes the status of the Concierge. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstrategy"] -==== CredentialIssuerStrategy - -CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + -| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + -| *`message`* __string__ | Human-readable description of the current status. + -| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#time-v1-meta[$$Time$$]__ | When the status was last checked. + -| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-frontendtype"] -==== FrontendType (string) - -FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyinfo"] -==== ImpersonationProxyInfo - -ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`endpoint`* __string__ | Endpoint is the HTTPS endpoint of the impersonation proxy. + -| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxymode"] -==== ImpersonationProxyMode (string) - -ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. -Allowed values are "auto", "enabled", or "disabled". - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] -==== ImpersonationProxyServiceSpec - -ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + - -If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + -value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + -| *`loadBalancerIP`* __string__ | LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. + -This is not supported on all cloud providers. + -| *`annotations`* __object (keys:string, values:string)__ | Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] -==== ImpersonationProxyServiceType (string) - -ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. -Allowed values are "LoadBalancer", "ClusterIP", or "None". - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyspec"] -==== ImpersonationProxySpec - -ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + -- "disabled" explicitly disables the impersonation proxy. This is the default. + -- "enabled" explicitly enables the impersonation proxy. + -- "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + -| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + -| *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + -be served using the external name of the LoadBalancer service or the cluster service DNS name. + - -This field must be non-empty when spec.impersonationProxy.service.type is "None". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + - -If this field is empty, the impersonation proxy will generate its own TLS certificate. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] -==== ImpersonationProxyTLSSpec - -ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should -serve TLS. - -If CertificateAuthorityData is not provided, the Concierge impersonation proxy will check the secret -for a field called "ca.crt", which will be used as the CertificateAuthorityData. - -If neither CertificateAuthorityData nor ca.crt is provided, no CA bundle will be advertised for -the impersonation proxy endpoint. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). + -Used to advertise the CA bundle for the impersonation proxy endpoint. + -| *`secretName`* __string__ | SecretName is the name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains + -the TLS serving certificate for the Concierge impersonation proxy endpoint. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-strategyreason"] -==== StrategyReason (string) - -StrategyReason enumerates the detailed reason why a strategy is in a particular status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-strategystatus"] -==== StrategyStatus (string) - -StrategyStatus enumerates whether a strategy is working on a cluster. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-strategytype"] -==== StrategyType (string) - -StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] -==== TokenCredentialRequestAPIInfo - -TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`server`* __string__ | Server is the Kubernetes API server URL. + -| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. + -|=== - - - -[id="{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1"] -=== config.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomain"] -==== FederationDomain - -FederationDomain describes the configuration of an OIDC provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] -==== FederationDomainIdentityProvider - -FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`displayName`* __string__ | DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the + -kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a + -disruptive change for those users. + -| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + -If the reference cannot be resolved then the identity provider will not be made available. + -Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, + -LDAPIdentityProvider, ActiveDirectoryIdentityProvider. + -| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + -session refresh. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainphase"] -==== FederationDomainPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainsecrets"] -==== FederationDomainSecrets - -FederationDomainSecrets holds information about this OIDC Provider's secrets. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + -stored. If it is empty, then the signing/verification keys are either unknown or they don't + -exist. + -| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + -signing tokens is stored. + -| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + -signing state parameters is stored. + -| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + -encrypting state parameters is stored. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainspec"] -==== FederationDomainSpec - -FederationDomainSpec is a struct that describes an OIDC Provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`issuer`* __string__ | Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the + -identifier that it will use for the iss claim in issued JWTs. This field will also be used as + -the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is + -https://example.com/foo, then your authorization endpoint will look like + -https://example.com/foo/some/path/to/auth/endpoint). + - -See + -https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + -| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + - -An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, + -how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to + -extract a normalized user identity. Normalized user identities include a username and a list of group names. + -In contrast, IdentityProviders describes how to use that normalized identity in those Kubernetes clusters which + -belong to this FederationDomain. Each entry in IdentityProviders can be configured with arbitrary transformations + -on that normalized identity. For example, a transformation can add a prefix to all usernames to help avoid + -accidental conflicts when multiple identity providers have different users with the same username (e.g. + -"idp1:ryan" versus "idp2:ryan"). Each entry in IdentityProviders can also implement arbitrary authentication + -rejection policies. Even though a user was able to authenticate with the identity provider, a policy can disallow + -the authentication to the Kubernetes clusters that belong to this FederationDomain. For example, a policy could + -disallow the authentication unless the user belongs to a specific group in the identity provider. + - -For backwards compatibility with versions of Pinniped which predate support for multiple identity providers, + -an empty IdentityProviders list will cause the FederationDomain to use all available identity providers which + -exist in the same namespace, but also to reject all authentication requests when there is more than one identity + -provider currently defined. In this backwards compatibility mode, the name of the identity provider resource + -(e.g. the Name of an OIDCIdentityProvider resource) will be used as the name of the identity provider in this + -FederationDomain. This mode is provided to make upgrading from older versions easier. However, instead of + -relying on this backwards compatibility mode, please consider this mode to be deprecated and please instead + -explicitly list the identity provider using this IdentityProviders field. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainstatus"] -==== FederationDomainStatus - -FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + -| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] -==== FederationDomainTLSSpec - -FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains + -the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret + -named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use + -for TLS. + - -Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. + - -SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. + -SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same + -SecretName value even if they have different port numbers. + - -SecretName is not required when you would like to use only the HTTP endpoints (e.g. when the HTTP listener is + -configured to listen on loopback interfaces or UNIX domain sockets for traffic from a service mesh sidecar). + -It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to + -use the default TLS certificate, which is configured elsewhere. + - -When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransforms"] -==== FederationDomainTransforms - -FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + -| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + -authentication attempt, including during every session refresh. + -Each is a CEL expression. It may use the basic CEL language as defined in + -https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in + -https://github.com/google/cel-go/tree/master/ext#strings. + - -The username and groups extracted from the identity provider, and the constants defined in this CR, are + -available as variables in all expressions. The username is provided via a variable called `username` and + -the list of group names is provided via a variable called `groups` (which may be an empty list). + -Each user-provided constants is provided via a variable named `strConst.varName` for string constants + -and `strListConst.varName` for string list constants. + - -The only allowed types for expressions are currently policy/v1, username/v1, and groups/v1. + -Each policy/v1 must return a boolean, and when it returns false, no more expressions from the list are evaluated + -and the authentication attempt is rejected. + -Transformations of type policy/v1 do not return usernames or group names, and therefore cannot change the + -username or group names. + -Each username/v1 transform must return the new username (a string), which can be the same as the old username. + -Transformations of type username/v1 do not return group names, and therefore cannot change the group names. + -Each groups/v1 transform must return the new groups list (list of strings), which can be the same as the old + -groups list. + -Transformations of type groups/v1 do not return usernames, and therefore cannot change the usernames. + -After each expression, the new (potentially changed) username or groups get passed to the following expression. + - -Any compilation or static type-checking failure of any expression will cause an error status on the FederationDomain. + -During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the + -authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username + -and group names have been decided for that authentication attempt. + -| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + -expected. Examples define sample input identities which are then run through the expression list, and the + -results are compared to the expected results. If any example in this list fails, then this + -identity provider will not be available for use within this FederationDomain, and the error(s) will be + -added to the FederationDomain status. This can be used to help guard against programming mistakes in the + -expressions, and also act as living documentation for other administrators to better understand the expressions. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] -==== FederationDomainTransformsConstant - -FederationDomainTransformsConstant defines a constant variable and its value which will be made available to -the transform expressions. This is a union type, and Type is the discriminator field. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`name`* __string__ | Name determines the name of the constant. It must be a valid identifier name. + -| *`type`* __string__ | Type determines the type of the constant, and indicates which other field should be non-empty. + -Allowed values are "string" or "stringList". + -| *`stringValue`* __string__ | StringValue should hold the value when Type is "string", and is otherwise ignored. + -| *`stringListValue`* __string array__ | StringListValue should hold the value when Type is "stringList", and is otherwise ignored. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] -==== FederationDomainTransformsExample - -FederationDomainTransformsExample defines a transform example. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | Username is the input username. + -| *`groups`* __string array__ | Groups is the input list of group names. + -| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + -input Username and Groups. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] -==== FederationDomainTransformsExampleExpects - -FederationDomainTransformsExampleExpects defines the expected result for a transforms example. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | Username is the expected username after the transformations have been applied. + -| *`groups`* __string array__ | Groups is the expected list of group names after the transformations have been applied. + -| *`rejected`* __boolean__ | Rejected is a boolean that indicates whether authentication is expected to be rejected by a policy expression + -after the transformations have been applied. True means that it is expected that the authentication would be + -rejected. The default value of false means that it is expected that the authentication would not be rejected + -by any policy expression. + -| *`message`* __string__ | Message is the expected error message of the transforms. When Rejected is true, then Message is the expected + -message for the policy which rejected the authentication attempt. When Rejected is true and Message is blank, + -then Message will be treated as the default error message for authentication attempts which are rejected by a + -policy. When Rejected is false, then Message is the expected error message for some other non-policy + -transformation error, such as a runtime error. When Rejected is false, there is no default expected Message. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] -==== FederationDomainTransformsExpression - -FederationDomainTransformsExpression defines a transform expression. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | Type determines the type of the expression. It must be one of the supported types. + -Allowed values are "policy/v1", "username/v1", or "groups/v1". + -| *`expression`* __string__ | Expression is a CEL expression that will be evaluated based on the Type during an authentication. + -| *`message`* __string__ | Message is only used when Type is policy/v1. It defines an error message to be used when the policy rejects + -an authentication attempt. When empty, a default message will be used. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-granttype"] -==== GrantType (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientphase"] -==== OIDCClientPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + -client. Any other uris will be rejected. + -Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. + -Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. + -| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + -client. + - -Must only contain the following values: + -- authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to + -authenticate users. This grant must always be listed. + -- refresh_token: allows the client to perform refresh grants for the user to extend the user's session. + -This grant must be listed if allowedScopes lists offline_access. + -- urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, + -which is a step in the process to be able to get a cluster credential for the user. + -This grant must be listed if allowedScopes lists pinniped:request-audience. + -| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + - -Must only contain the following values: + -- openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). + -This scope must always be listed. + -- offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. + -This scope must be listed if allowedGrantTypes lists refresh_token. + -- pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, + -which is a step in the process to be able to get a cluster credential for the user. + -openid, username and groups scopes must be listed when this scope is present. + -This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. + -- username: The client is allowed to request that ID tokens contain the user's username. + -Without the username scope being requested and allowed, the ID token will not contain the user's username. + -- groups: The client is allowed to request that ID tokens contain the user's group membership, + -if their group membership is discoverable by the Supervisor. + -Without the groups scope being requested and allowed, the ID token will not contain groups. + -| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientstatus"] -==== OIDCClientStatus - -OIDCClientStatus is a struct that describes the actual state of an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + -| *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] -==== OIDCClientTokenLifetimes - -OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`idTokenSeconds`* __integer__ | idTokenSeconds is the lifetime of ID tokens issued to this client, in seconds. This will choose the lifetime of + -ID tokens returned by the authorization flow and the refresh grant. It will not influence the lifetime of the ID + -tokens returned by RFC8693 token exchange. When null, a short-lived default value will be used. + -This value must be between 120 and 1,800 seconds (30 minutes), inclusive. It is recommended to make these tokens + -short-lived to force the client to perform the refresh grant often, because the refresh grant will check with the + -external identity provider to decide if it is acceptable for the end user to continue their session, and will + -update the end user's group memberships from the external identity provider. Giving these tokens a long life is + -will allow the end user to continue to use a token while avoiding these updates from the external identity + -provider. However, some web applications may have reasons specific to the design of that application to prefer + -longer lifetimes. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-redirecturi"] -==== RedirectURI (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-scope"] -==== Scope (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] -**** - - - - -[id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] -=== identity.concierge.pinniped.dev/identity - -Package identity is the internal version of the Pinniped identity API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-extravalue"] -==== ExtraValue (string array) - -ExtraValue masks the value so protobuf can generate - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-userinfo[$$UserInfo$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-kubernetesuserinfo"] -==== KubernetesUserInfo - -KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. -Copied from the Kubernetes token review API. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + -| *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-userinfo"] -==== UserInfo - -UserInfo holds the information about the user needed to implement the -user.Info interface. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`Username`* __string__ | The name that uniquely identifies this user among all active users. + -| *`UID`* __string__ | A unique value that identifies this user across time. If this user is + -deleted and another user by the same name is added, they will have + -different UIDs. + -| *`Groups`* __string array__ | The names of groups this user is a part of. + -| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequest"] -==== WhoAmIRequest - -WhoAmIRequest submits a request to echo back the current authenticated user. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequestspec"] -==== WhoAmIRequestSpec - -Spec is always empty for a WhoAmIRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequeststatus"] -==== WhoAmIRequestStatus - -Status is set by the server in the response to a WhoAmIRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + -|=== - - - -[id="{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1"] -=== identity.concierge.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-extravalue"] -==== ExtraValue (string array) - -ExtraValue masks the value so protobuf can generate - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] -==== KubernetesUserInfo - -KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. -Copied from the Kubernetes token review API. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + -| *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-userinfo"] -==== UserInfo - -UserInfo holds the information about the user needed to implement the -user.Info interface. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | The name that uniquely identifies this user among all active users. + -| *`uid`* __string__ | A unique value that identifies this user across time. If this user is + -deleted and another user by the same name is added, they will have + -different UIDs. + -| *`groups`* __string array__ | The names of groups this user is a part of. + -| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequest"] -==== WhoAmIRequest - -WhoAmIRequest submits a request to echo back the current authenticated user. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequestspec"] -==== WhoAmIRequestSpec - -Spec is always empty for a WhoAmIRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequeststatus"] -==== WhoAmIRequestStatus - -Status is set by the server in the response to a WhoAmIRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + -|=== - - - -[id="{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1"] -=== idp.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] -==== ActiveDirectoryIdentityProvider - -ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] -==== ActiveDirectoryIdentityProviderBind - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and + -password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be + -of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + -should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + -The password must be non-empty. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] -==== ActiveDirectoryIdentityProviderGroupSearch - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + -"ou=groups,dc=example,dc=com". + -Optional, when not specified it will be based on the result of a query for the defaultNamingContext + -(see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + -The default behavior searches your entire domain for groups. + -It may make sense to specify a subtree as a search base if you wish to exclude some groups + -for security reasons or to make searches faster. + -| *`filter`* __string__ | Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. + -The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + -value of an attribute of the user entry found as a result of the user search. Which attribute's + -value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. + -E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". + -For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. + -Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + -Optional. When not specified, the default will act as if the filter were specified as + -"(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". + -This searches nested groups by default. + -Note that nested group search can be slow for some Active Directory servers. To disable it, + -you can set the filter to + -"(&(objectClass=group)(member={})" + -| *`userAttributeForFilter`* __string__ | UserAttributeForFilter specifies which attribute's value from the user entry found as a result of + -the user search will be used to replace the "{}" placeholder(s) in the group search Filter. + -For example, specifying "uid" as the UserAttributeForFilter while specifying + -"&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing + -the "{}" placeholder in the Filter with the value of the user's "uid" attribute. + -Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + -UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + -would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + -the result of the group search. + -| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + -to obtain new credentials (as their old credentials expire). This allows group + -membership changes to be quickly reflected into Kubernetes clusters. Since + -group membership is often used to bind authorization policies, it is important + -to keep the groups observed in Kubernetes clusters in-sync with the identity + -provider. + - -In some environments, frequent group membership queries may result in a + -significant performance impact on the identity provider and/or the supervisor. + -The best approach to handle performance impacts is to tweak the group query + -to be more performant, for example by disabling nested group search or by + -using a more targeted group search base. + - -If the group search query cannot be made performant and you are willing to + -have group memberships remain static for approximately a day, then set + -skipGroupRefresh to true. This is an insecure configuration as authorization + -policies that are bound to group membership will not notice if a user has + -been removed from a particular group until their next login. + - -This is an experimental feature that may be removed or significantly altered + -in the future. Consumers of this configuration should carefully read all + -release notes before upgrading to ensure that the meaning of this field has + -not changed. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] -==== ActiveDirectoryIdentityProviderGroupSearchAttributes - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`groupName`* __string__ | GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name + -in the user's list of groups after a successful authentication. + -The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory + -server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + -Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", + -where domain is constructed from the domain components of the group DN. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] -==== ActiveDirectoryIdentityProviderPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] -==== ActiveDirectoryIdentityProviderSpec - -Spec for configuring an ActiveDirectory identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + -to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] -==== ActiveDirectoryIdentityProviderStatus - -Status of an Active Directory identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] -==== ActiveDirectoryIdentityProviderUserSearch - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. + -E.g. "ou=users,dc=example,dc=com". + -Optional, when not specified it will be based on the result of a query for the defaultNamingContext + -(see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + -The default behavior searches your entire domain for users. + -It may make sense to specify a subtree as a search base if you wish to exclude some users + -or to make searches faster. + -| *`filter`* __string__ | Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur + -in the filter at least once and will be dynamically replaced by the username for which the search is being run. + -E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + -https://ldap.com/ldap-filters. + -Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + -Optional. When not specified, the default will be + -'(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(\|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' + -This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, + -and is not shown in advanced view only + -(which would likely mean its a system created service account with advanced permissions). + -Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + -the result of the user search. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] -==== ActiveDirectoryIdentityProviderUserSearchAttributes - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | Username specifies the name of the attribute in Active Directory entry whose value shall become the username + -of the user after a successful authentication. + -Optional, when empty this defaults to "userPrincipalName". + -| *`uid`* __string__ | UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely + -identify the user within this ActiveDirectory provider after a successful authentication. + -Optional, when empty this defaults to "objectGUID". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] -==== CertificateAuthorityDataSourceKind (string) - -CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] -==== CertificateAuthorityDataSourceSpec - -CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + -Allowed values are "Secret" or "ConfigMap". + -"ConfigMap" uses a Kubernetes configmap to source CA Bundles. + -"Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + -| *`name`* __string__ | Name is the resource name of the secret or configmap from which to read the CA bundle. + -The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. + -| *`key`* __string__ | Key is the key name within the secret or configmap from which to read the CA bundle. + -The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded + -certificate bundle. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubapiconfig"] -==== GitHubAPIConfig - -GitHubAPIConfig allows configuration for GitHub Enterprise Server - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`host`* __string__ | Host is required only for GitHub Enterprise Server. + -Defaults to using GitHub's public API ("github.com"). + -For convenience, specifying "github.com" is equivalent to specifying "api.github.com". + -Do not specify a protocol or scheme since "https://" will always be used. + -Port is optional. Do not specify a path, query, fragment, or userinfo. + -Only specify domain name or IP address, subdomains (optional), and port (optional). + -IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address + -in square brackets. Example: "[::1]:443". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + -Note that this field should not be needed when using GitHub's public API ("github.com"). + -However, if you choose to specify this field when using GitHub's public API, you must + -specify a CA bundle that will verify connections to "api.github.com". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] -==== GitHubAllowAuthenticationSpec - -GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] -==== GitHubAllowedAuthOrganizationsPolicy (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubclaims"] -==== GitHubClaims - -GitHubClaims allows customization of the username and groups claims. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + - -Can be either "id", "login", or "login:id". Defaults to "login:id". + - -GitHub's user login attributes can only contain alphanumeric characters and non-repeating hyphens, + -and may not start or end with hyphens. GitHub users are allowed to change their login name, + -although it is inconvenient. If a GitHub user changed their login name from "foo" to "bar", + -then a second user might change their name from "baz" to "foo" in order to take the old + -username of the first user. For this reason, it is not as safe to make authorization decisions + -based only on the user's login attribute. + - -If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's + -FederationDomain to further customize how these usernames are presented to Kubernetes. + - -Defaults to "login:id", which is the user login attribute, followed by a colon, followed by the unique and + -unchanging integer ID number attribute. This blends human-readable login names with the unchanging ID value + -from GitHub. Colons are not allowed in GitHub login attributes or ID numbers, so this is a reasonable + -choice to concatenate the two values. + - -See the response schema for + -[Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). + -| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + - -Can be either "name" or "slug". Defaults to "slug". + - -GitHub team names can contain upper and lower case characters, whitespace, and punctuation (e.g. "Kube admins!"). + - -GitHub team slugs are lower case alphanumeric characters and may contain dashes and underscores (e.g. "kube-admins"). + - -Group names as presented to Kubernetes will always be prefixed by the GitHub organization name followed by a + -forward slash (e.g. "my-org/my-team"). GitHub organization login names can only contain alphanumeric characters + -or single hyphens, so the first forward slash `/` will be the separator between the organization login name and + -the team name or slug. + - -If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's + -FederationDomain to further customize how these group names are presented to Kubernetes. + - -See the response schema for + -[List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubclientspec"] -==== GitHubClientSpec - -GitHubClientSpec contains information about the GitHub client that this identity provider will use -for web-based login flows. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the clientID and + -clientSecret for an GitHub App or GitHub OAuth2 client. + - -This secret must be of type "secrets.pinniped.dev/github-client" with keys "clientID" and "clientSecret". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] -==== GitHubGroupNameAttribute (string) - -GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group -names to present to Kubernetes. See the response schema for -[List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityprovider"] -==== GitHubIdentityProvider - -GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. -This upstream provider can be configured with either a GitHub App or a GitHub OAuth2 App. - -Right now, only web-based logins are supported, for both the pinniped-cli client and clients configured -as OIDCClients. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] -==== GitHubIdentityProviderPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] -==== GitHubIdentityProviderSpec - -GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + -| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] -==== GitHubIdentityProviderStatus - -GitHubIdentityProviderStatus is the status of an GitHub identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] -==== GitHubOrganizationsSpec - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + -Defaults to "OnlyUsersFromAllowedOrganizations". + - -Must be set to "AllGitHubUsers" if the allowed field is empty. + - -This field only exists to ensure that Pinniped administrators are aware that an empty list of + -allowedOrganizations means all GitHub users are allowed to log in. + -| *`allowed`* __string array__ | Allowed, when specified, indicates that only users with membership in at least one of the listed + -GitHub organizations may log in. In addition, the group membership presented to Kubernetes will only include + -teams within the listed GitHub organizations. Additional login rules or group filtering can optionally be + -provided as policy expression on any Pinniped Supervisor FederationDomain that includes this IDP. + - -The configured GitHub App or GitHub OAuth App must be allowed to see membership in the listed organizations, + -otherwise Pinniped will not be aware that the user belongs to the listed organization or any teams + -within that organization. + - -If no organizations are listed, you must set organizations: AllGitHubUsers. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubusernameattribute"] -==== GitHubUsernameAttribute (string) - -GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present -to Kubernetes. See the response schema for -[Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] -==== LDAPIdentityProvider - -LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access -Protocol (LDAP) identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] -==== LDAPIdentityProviderBind - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and + -password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be + -of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + -should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + -The password must be non-empty. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] -==== LDAPIdentityProviderGroupSearch - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + -"ou=groups,dc=example,dc=com". When not specified, no group search will be performed and + -authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, + -the values of Filter, UserAttributeForFilter, Attributes, and SkipGroupRefresh are ignored. + -| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for groups for a user. + -The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + -value of an attribute of the user entry found as a result of the user search. Which attribute's + -value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. + -For more information about LDAP filters, see https://ldap.com/ldap-filters. + -Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + -Optional. When not specified, the default will act as if the Filter were specified as "member={}". + -| *`userAttributeForFilter`* __string__ | UserAttributeForFilter specifies which attribute's value from the user entry found as a result of + -the user search will be used to replace the "{}" placeholder(s) in the group search Filter. + -For example, specifying "uid" as the UserAttributeForFilter while specifying + -"&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing + -the "{}" placeholder in the Filter with the value of the user's "uid" attribute. + -Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + -UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + -would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + -the result of the group search. + -| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + -to obtain new credentials (as their old credentials expire). This allows group + -membership changes to be quickly reflected into Kubernetes clusters. Since + -group membership is often used to bind authorization policies, it is important + -to keep the groups observed in Kubernetes clusters in-sync with the identity + -provider. + - -In some environments, frequent group membership queries may result in a + -significant performance impact on the identity provider and/or the supervisor. + -The best approach to handle performance impacts is to tweak the group query + -to be more performant, for example by disabling nested group search or by + -using a more targeted group search base. + - -If the group search query cannot be made performant and you are willing to + -have group memberships remain static for approximately a day, then set + -skipGroupRefresh to true. This is an insecure configuration as authorization + -policies that are bound to group membership will not notice if a user has + -been removed from a particular group until their next login. + - -This is an experimental feature that may be removed or significantly altered + -in the future. Consumers of this configuration should carefully read all + -release notes before upgrading to ensure that the meaning of this field has + -not changed. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] -==== LDAPIdentityProviderGroupSearchAttributes - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`groupName`* __string__ | GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name + -in the user's list of groups after a successful authentication. + -The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + -server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + -Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] -==== LDAPIdentityProviderPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] -==== LDAPIdentityProviderSpec - -Spec for configuring an LDAP identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + -to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] -==== LDAPIdentityProviderStatus - -Status of an LDAP identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] -==== LDAPIdentityProviderUserSearch - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. + -E.g. "ou=users,dc=example,dc=com". + -| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur + -in the filter at least once and will be dynamically replaced by the username for which the search is being run. + -E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + -https://ldap.com/ldap-filters. + -Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + -Optional. When not specified, the default will act as if the Filter were specified as the value from + -Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + -explicitly specified, since the default value of "dn={}" would not work. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + -the result of the user search. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] -==== LDAPIdentityProviderUserSearchAttributes - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | Username specifies the name of the attribute in the LDAP entry whose value shall become the username + -of the user after a successful authentication. This would typically be the same attribute name used in + -the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". + -The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + -server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field + -is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default + -value of "dn={}" would not work. + -| *`uid`* __string__ | UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely + -identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". + -The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + -server in the user's entry. Distinguished names can be used by specifying lower-case "dn". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] -==== OIDCAuthorizationConfig - -OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization -request parameters. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`additionalScopes`* __string array__ | additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization + -request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials + -Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is + -always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request + -the following scopes: "openid", "offline_access", "email", and "profile". See + -https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" + -scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the + -"offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, + -or as common patterns used by providers who implement the standard in the ecosystem evolve. + -By setting this list to anything other than an empty list, you are overriding the + -default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. + -If you do not want any of these scopes to be requested, you may set this list to contain only "openid". + -Some OIDC providers may also require a scope to get access to the user's group membership, in which case you + -may wish to include it in this list. Sometimes the scope to request the user's group membership is called + -"groups", but unfortunately this is not specified in the OIDC standard. + -Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by + -your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in + -the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See + -your OIDC provider's documentation for more information about what scopes are available to request claims. + -Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor + -from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be + -"offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its + -requirements for what to include in the request in order to receive a refresh token in the response, if anything. + -Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider + -may ignore scopes that it does not understand or require (see + -https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + -"offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + -provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + -| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + -OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + -parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + -"state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + -included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. + -The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user + -should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting + -ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. + -This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password + -Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the + -Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" + -parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's + -authorization endpoint for its requirements for what to include in the request in order to receive a refresh + -token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, + -then include it here. Also note that most providers also require a certain scope to be requested in order to + -receive refresh tokens. See the additionalScopes setting for more information about using scopes to request + -refresh tokens. + -| *`allowPasswordGrant`* __boolean__ | allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant + -(see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a + -username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. + -The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be + -supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password + -Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose + -to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the + -cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be + -convenient for users, especially for identities from your OIDC provider which are not intended to represent a human + -actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, + -you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this + -OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password + -Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords + -(similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other + -web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. + -allowPasswordGrant defaults to false. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcclaims"] -==== OIDCClaims - -OIDCClaims provides a mapping from upstream claims into identities. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`groups`* __string__ | Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain + -the groups to which an identity belongs. By default, the identities will not include any group memberships when + -this setting is not configured. + -| *`username`* __string__ | Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to + -ascertain an identity's username. When not set, the username will be an automatically constructed unique string + -which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from + -the ID token. + -| *`additionalClaimMappings`* __object (keys:string, values:string)__ | AdditionalClaimMappings allows for additional arbitrary upstream claim values to be mapped into the + -"additionalClaims" claim of the ID tokens generated by the Supervisor. This should be specified as a map of + -new claim names as the keys, and upstream claim names as the values. These new claim names will be nested + -under the top-level "additionalClaims" claim in ID tokens generated by the Supervisor when this + -OIDCIdentityProvider was used for user authentication. These claims will be made available to all clients. + -This feature is not required to use the Supervisor to provide authentication for Kubernetes clusters, but can be + -used when using the Supervisor for other authentication purposes. When this map is empty or the upstream claims + -are not available, the "additionalClaims" claim will be excluded from the ID tokens generated by the Supervisor. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient contains information about an OIDC client (e.g., client ID and client -secret). - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the clientID and + -clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient + -struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys + -"clientID" and "clientSecret". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] -==== OIDCIdentityProvider - -OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] -==== OIDCIdentityProviderPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] -==== OIDCIdentityProviderSpec - -OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + -/.well-known/openid-configuration. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + -| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + -parameters to be used with this OIDC identity provider. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + -this OIDC identity provider. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + -provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] -==== OIDCIdentityProviderStatus - -OIDCIdentityProviderStatus is the status of an OIDC identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-parameter"] -==== Parameter - -Parameter is a key/value pair which represents a parameter in an HTTP request. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`name`* __string__ | The name of the parameter. Required. + -| *`value`* __string__ | The value of the parameter. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-tlsspec"] -==== TLSSpec - -TLSSpec provides TLS configuration for identity provider integration. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + -Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + -|=== - - - -[id="{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1"] -=== login.concierge.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped login API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-clustercredential"] -==== ClusterCredential - -ClusterCredential is the cluster-specific credential returned on a successful credential request. It -contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + -| *`token`* __string__ | Token is a bearer token used by the client for request authentication. + -| *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). + -| *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequest"] -==== TokenCredentialRequest - -TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] -==== TokenCredentialRequestSpec - -Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`token`* __string__ | Bearer token supplied with the credential request. + -| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] -==== TokenCredentialRequestStatus - -Status of a TokenCredentialRequest, returned on responses to the Pinniped API. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-27-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + -| *`message`* __string__ | An error message will be returned for an unsuccessful credential request. + -|=== - - diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/doc.go b/generated/1.27/apis/concierge/identity/v1alpha1/doc.go deleted file mode 100644 index 7c67a7a98..000000000 --- a/generated/1.27/apis/concierge/identity/v1alpha1/doc.go +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.27/apis/concierge/identity -// +k8s:defaulter-gen=TypeMeta -// +groupName=identity.concierge.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. -package v1alpha1 diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.27/apis/concierge/identity/v1alpha1/zz_generated.conversion.go deleted file mode 100644 index 1cfc1cc5d..000000000 --- a/generated/1.27/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ /dev/null @@ -1,235 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by conversion-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - unsafe "unsafe" - - identity "go.pinniped.dev/generated/1.27/apis/concierge/identity" - conversion "k8s.io/apimachinery/pkg/conversion" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -func init() { - localSchemeBuilder.Register(RegisterConversions) -} - -// RegisterConversions adds conversion functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*KubernetesUserInfo)(nil), (*identity.KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(a.(*KubernetesUserInfo), b.(*identity.KubernetesUserInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.KubernetesUserInfo)(nil), (*KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(a.(*identity.KubernetesUserInfo), b.(*KubernetesUserInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*UserInfo)(nil), (*identity.UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_UserInfo_To_identity_UserInfo(a.(*UserInfo), b.(*identity.UserInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.UserInfo)(nil), (*UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_UserInfo_To_v1alpha1_UserInfo(a.(*identity.UserInfo), b.(*UserInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*WhoAmIRequest)(nil), (*identity.WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(a.(*WhoAmIRequest), b.(*identity.WhoAmIRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequest)(nil), (*WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(a.(*identity.WhoAmIRequest), b.(*WhoAmIRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*WhoAmIRequestList)(nil), (*identity.WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(a.(*WhoAmIRequestList), b.(*identity.WhoAmIRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestList)(nil), (*WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(a.(*identity.WhoAmIRequestList), b.(*WhoAmIRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*WhoAmIRequestSpec)(nil), (*identity.WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(a.(*WhoAmIRequestSpec), b.(*identity.WhoAmIRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestSpec)(nil), (*WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(a.(*identity.WhoAmIRequestSpec), b.(*WhoAmIRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*WhoAmIRequestStatus)(nil), (*identity.WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(a.(*WhoAmIRequestStatus), b.(*identity.WhoAmIRequestStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestStatus)(nil), (*WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(a.(*identity.WhoAmIRequestStatus), b.(*WhoAmIRequestStatus), scope) - }); err != nil { - return err - } - return nil -} - -func autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { - if err := Convert_v1alpha1_UserInfo_To_identity_UserInfo(&in.User, &out.User, s); err != nil { - return err - } - out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) - return nil -} - -// Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo is an autogenerated conversion function. -func Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { - return autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in, out, s) -} - -func autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { - if err := Convert_identity_UserInfo_To_v1alpha1_UserInfo(&in.User, &out.User, s); err != nil { - return err - } - out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) - return nil -} - -// Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo is an autogenerated conversion function. -func Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { - return autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in, out, s) -} - -func autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { - out.Username = in.Username - out.UID = in.UID - out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) - out.Extra = *(*map[string]identity.ExtraValue)(unsafe.Pointer(&in.Extra)) - return nil -} - -// Convert_v1alpha1_UserInfo_To_identity_UserInfo is an autogenerated conversion function. -func Convert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { - return autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in, out, s) -} - -func autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { - out.Username = in.Username - out.UID = in.UID - out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) - out.Extra = *(*map[string]ExtraValue)(unsafe.Pointer(&in.Extra)) - return nil -} - -// Convert_identity_UserInfo_To_v1alpha1_UserInfo is an autogenerated conversion function. -func Convert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { - return autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in, out, s) -} - -func autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest is an autogenerated conversion function. -func Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { - return autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in, out, s) -} - -func autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest is an autogenerated conversion function. -func Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { - return autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in, out, s) -} - -func autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]identity.WhoAmIRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList is an autogenerated conversion function. -func Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { - return autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in, out, s) -} - -func autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]WhoAmIRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList is an autogenerated conversion function. -func Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { - return autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in, out, s) -} - -func autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { - return nil -} - -// Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec is an autogenerated conversion function. -func Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { - return autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in, out, s) -} - -func autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { - return nil -} - -// Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec is an autogenerated conversion function. -func Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { - return autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in, out, s) -} - -func autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { - if err := Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus is an autogenerated conversion function. -func Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { - return autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in, out, s) -} - -func autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { - if err := Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { - return err - } - return nil -} - -// Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus is an autogenerated conversion function. -func Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { - return autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in, out, s) -} diff --git a/generated/1.27/apis/concierge/identity/validation/validation.go b/generated/1.27/apis/concierge/identity/validation/validation.go deleted file mode 100644 index c5334f7b0..000000000 --- a/generated/1.27/apis/concierge/identity/validation/validation.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package validation - -import ( - "k8s.io/apimachinery/pkg/util/validation/field" - - identityapi "go.pinniped.dev/generated/1.27/apis/concierge/identity" -) - -func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList { - return nil // add validation for spec here if we expand it -} diff --git a/generated/1.27/apis/concierge/login/v1alpha1/doc.go b/generated/1.27/apis/concierge/login/v1alpha1/doc.go deleted file mode 100644 index 64a768a88..000000000 --- a/generated/1.27/apis/concierge/login/v1alpha1/doc.go +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.27/apis/concierge/login -// +k8s:defaulter-gen=TypeMeta -// +groupName=login.concierge.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped login API. -package v1alpha1 diff --git a/generated/1.27/apis/go.mod b/generated/1.27/apis/go.mod deleted file mode 100644 index 722802339..000000000 --- a/generated/1.27/apis/go.mod +++ /dev/null @@ -1,9 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.27/apis - -go 1.13 - -require ( - k8s.io/api v0.27.16 - k8s.io/apimachinery v0.27.16 -) diff --git a/generated/1.27/apis/go.sum b/generated/1.27/apis/go.sum deleted file mode 100644 index 39bcb26cf..000000000 --- a/generated/1.27/apis/go.sum +++ /dev/null @@ -1,353 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.1/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= -github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= -github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= -github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= -github.com/onsi/ginkgo/v2 v2.4.0/go.mod h1:iHkDK1fKGcBoEHT5W7YBq4RFWaQulw+caOMkAt4OrFo= -github.com/onsi/ginkgo/v2 v2.5.0/go.mod h1:Luc4sArBICYCS8THh8v3i3i5CuSZO+RaQRaJoeNwomw= -github.com/onsi/ginkgo/v2 v2.7.0/go.mod h1:yjiuMwPokqY1XauOgju45q3sJt6VzQ/Fict1LFVcsAo= -github.com/onsi/ginkgo/v2 v2.8.1/go.mod h1:N1/NbDngAFcSLdyZ+/aYTYGSlq9qMCS/cNKGJjy+csc= -github.com/onsi/ginkgo/v2 v2.9.0/go.mod h1:4xkjoL/tZv4SMWeww56BU5kAt19mVB47gTWxmrTcxyk= -github.com/onsi/ginkgo/v2 v2.9.1/go.mod h1:FEcmzVcCHl+4o9bQZVab+4dC9+j+91t2FHSzmGAPfuo= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= -github.com/onsi/gomega v1.21.1/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc= -github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM= -github.com/onsi/gomega v1.24.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= -github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= -github.com/onsi/gomega v1.26.0/go.mod h1:r+zV744Re+DiYCIPRlYOTxn0YkOLcAnW8k1xXdMPGhM= -github.com/onsi/gomega v1.27.1/go.mod h1:aHX5xOykVYzWOV4WqQy0sy8BQptgukenXpCXfadcIAw= -github.com/onsi/gomega v1.27.3/go.mod h1:5vG284IBtfDAmDyrK+eGyZmUgUlmi+Wngqo557cZ6Gw= -github.com/onsi/gomega v1.27.4/go.mod h1:riYq/GJKh8hhoM01HN6Vmuy93AarCXCBGpvFDK3q3fQ= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= -github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= -golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= -golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= -golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= -golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.27.16 h1:70IBoTuiPfd+Tm68WH0tGXQRSQq0R1xnbyhTRe8WYQY= -k8s.io/api v0.27.16/go.mod h1:5j0Cgo6X4qovBOu3OjzRwETDEYqMxq2qafhDQXOPy3A= -k8s.io/apimachinery v0.27.16 h1:Nmbei3P/6w6vxbNxV8/sDCZz+TQrJ9A4+bVIRjDufuM= -k8s.io/apimachinery v0.27.16/go.mod h1:TWo+8wOIz3CytsrlI9k/LBWXLRr9dqf5hRSCbbggMAg= -k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw= -k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg= -k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY= -k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/generated/1.27/client/concierge/clientset/versioned/clientset.go b/generated/1.27/client/concierge/clientset/versioned/clientset.go deleted file mode 100644 index 8c6922caa..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/clientset.go +++ /dev/null @@ -1,146 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package versioned - -import ( - "fmt" - "net/http" - - authenticationv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1" - discovery "k8s.io/client-go/discovery" - rest "k8s.io/client-go/rest" - flowcontrol "k8s.io/client-go/util/flowcontrol" -) - -type Interface interface { - Discovery() discovery.DiscoveryInterface - AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface - ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface - IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface - LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface -} - -// Clientset contains the clients for groups. -type Clientset struct { - *discovery.DiscoveryClient - authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client - configV1alpha1 *configv1alpha1.ConfigV1alpha1Client - identityV1alpha1 *identityv1alpha1.IdentityV1alpha1Client - loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client -} - -// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client -func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { - return c.authenticationV1alpha1 -} - -// ConfigV1alpha1 retrieves the ConfigV1alpha1Client -func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { - return c.configV1alpha1 -} - -// IdentityV1alpha1 retrieves the IdentityV1alpha1Client -func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { - return c.identityV1alpha1 -} - -// LoginV1alpha1 retrieves the LoginV1alpha1Client -func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { - return c.loginV1alpha1 -} - -// Discovery retrieves the DiscoveryClient -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - if c == nil { - return nil - } - return c.DiscoveryClient -} - -// NewForConfig creates a new Clientset for the given config. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfig will generate a rate-limiter in configShallowCopy. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*Clientset, error) { - configShallowCopy := *c - - if configShallowCopy.UserAgent == "" { - configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent() - } - - // share the transport between all clients - httpClient, err := rest.HTTPClientFor(&configShallowCopy) - if err != nil { - return nil, err - } - - return NewForConfigAndClient(&configShallowCopy, httpClient) -} - -// NewForConfigAndClient creates a new Clientset for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. -func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { - configShallowCopy := *c - if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { - if configShallowCopy.Burst <= 0 { - return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") - } - configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) - } - - var cs Clientset - var err error - cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.identityV1alpha1, err = identityv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.loginV1alpha1, err = loginv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - - cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - return &cs, nil -} - -// NewForConfigOrDie creates a new Clientset for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *Clientset { - cs, err := NewForConfig(c) - if err != nil { - panic(err) - } - return cs -} - -// New creates a new Clientset for the given RESTClient. -func New(c rest.Interface) *Clientset { - var cs Clientset - cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) - cs.configV1alpha1 = configv1alpha1.New(c) - cs.identityV1alpha1 = identityv1alpha1.New(c) - cs.loginV1alpha1 = loginv1alpha1.New(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClient(c) - return &cs -} diff --git a/generated/1.27/client/concierge/clientset/versioned/fake/register.go b/generated/1.27/client/concierge/clientset/versioned/fake/register.go deleted file mode 100644 index 1695bf6da..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/fake/register.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var scheme = runtime.NewScheme() -var codecs = serializer.NewCodecFactory(scheme) - -var localSchemeBuilder = runtime.SchemeBuilder{ - authenticationv1alpha1.AddToScheme, - configv1alpha1.AddToScheme, - identityv1alpha1.AddToScheme, - loginv1alpha1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(scheme)) -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go deleted file mode 100644 index 2d23dc5ad..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ /dev/null @@ -1,99 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type AuthenticationV1alpha1Interface interface { - RESTClient() rest.Interface - JWTAuthenticatorsGetter - WebhookAuthenticatorsGetter -} - -// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.concierge.pinniped.dev group. -type AuthenticationV1alpha1Client struct { - restClient rest.Interface -} - -func (c *AuthenticationV1alpha1Client) JWTAuthenticators() JWTAuthenticatorInterface { - return newJWTAuthenticators(c) -} - -func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthenticatorInterface { - return newWebhookAuthenticators(c) -} - -// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new AuthenticationV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &AuthenticationV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new AuthenticationV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *AuthenticationV1alpha1Client { - return &AuthenticationV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go deleted file mode 100644 index 3195051f9..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeAuthenticationV1alpha1 struct { - *testing.Fake -} - -func (c *FakeAuthenticationV1alpha1) JWTAuthenticators() v1alpha1.JWTAuthenticatorInterface { - return &FakeJWTAuthenticators{c} -} - -func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators() v1alpha1.WebhookAuthenticatorInterface { - return &FakeWebhookAuthenticators{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go deleted file mode 100644 index 66cdd7dab..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeJWTAuthenticators implements JWTAuthenticatorInterface -type FakeJWTAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var jwtauthenticatorsResource = v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators") - -var jwtauthenticatorsKind = v1alpha1.SchemeGroupVersion.WithKind("JWTAuthenticator") - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *FakeJWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *FakeJWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(jwtauthenticatorsResource, jwtauthenticatorsKind, opts), &v1alpha1.JWTAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.JWTAuthenticatorList{ListMeta: obj.(*v1alpha1.JWTAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.JWTAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *FakeJWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(jwtauthenticatorsResource, opts)) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(jwtauthenticatorsResource, "status", jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(jwtauthenticatorsResource, name, opts), &v1alpha1.JWTAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeJWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(jwtauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.JWTAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *FakeJWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(jwtauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go deleted file mode 100644 index 1ca0cdbfa..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface -type FakeWebhookAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var webhookauthenticatorsResource = v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators") - -var webhookauthenticatorsKind = v1alpha1.SchemeGroupVersion.WithKind("WebhookAuthenticator") - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, opts), &v1alpha1.WebhookAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(webhookauthenticatorsResource, opts)) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(webhookauthenticatorsResource, "status", webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(webhookauthenticatorsResource, name, opts), &v1alpha1.WebhookAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(webhookauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(webhookauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index e620af0f4..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. -// A group's client should implement this interface. -type JWTAuthenticatorsGetter interface { - JWTAuthenticators() JWTAuthenticatorInterface -} - -// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. -type JWTAuthenticatorInterface interface { - Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*v1alpha1.JWTAuthenticator, error) - Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.JWTAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.JWTAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) - JWTAuthenticatorExpansion -} - -// jWTAuthenticators implements JWTAuthenticatorInterface -type jWTAuthenticators struct { - client rest.Interface -} - -// newJWTAuthenticators returns a JWTAuthenticators -func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { - return &jWTAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *jWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Get(). - Resource("jwtauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *jWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.JWTAuthenticatorList{} - err = c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *jWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Post(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *jWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *jWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("jwtauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *jWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("jwtauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *jWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Patch(pt). - Resource("jwtauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index 597eb6348..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. -// A group's client should implement this interface. -type WebhookAuthenticatorsGetter interface { - WebhookAuthenticators() WebhookAuthenticatorInterface -} - -// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. -type WebhookAuthenticatorInterface interface { - Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) - Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) - WebhookAuthenticatorExpansion -} - -// webhookAuthenticators implements WebhookAuthenticatorInterface -type webhookAuthenticators struct { - client rest.Interface -} - -// newWebhookAuthenticators returns a WebhookAuthenticators -func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { - return &webhookAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Get(). - Resource("webhookauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.WebhookAuthenticatorList{} - err = c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Post(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("webhookauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("webhookauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Patch(pt). - Resource("webhookauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go deleted file mode 100644 index e421e8627..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/config/v1alpha1" - "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type ConfigV1alpha1Interface interface { - RESTClient() rest.Interface - CredentialIssuersGetter -} - -// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group. -type ConfigV1alpha1Client struct { - restClient rest.Interface -} - -func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { - return newCredentialIssuers(c) -} - -// NewForConfig creates a new ConfigV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &ConfigV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new ConfigV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *ConfigV1alpha1Client { - return &ConfigV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go deleted file mode 100644 index a8c8634d6..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. -// A group's client should implement this interface. -type CredentialIssuersGetter interface { - CredentialIssuers() CredentialIssuerInterface -} - -// CredentialIssuerInterface has methods to work with CredentialIssuer resources. -type CredentialIssuerInterface interface { - Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error) - Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) - CredentialIssuerExpansion -} - -// credentialIssuers implements CredentialIssuerInterface -type credentialIssuers struct { - client rest.Interface -} - -// newCredentialIssuers returns a CredentialIssuers -func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { - return &credentialIssuers{ - client: c.RESTClient(), - } -} - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Get(). - Resource("credentialissuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.CredentialIssuerList{} - err = c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Post(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("credentialissuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("credentialissuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Patch(pt). - Resource("credentialissuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go deleted file mode 100644 index 2c512fd8a..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCredentialIssuers implements CredentialIssuerInterface -type FakeCredentialIssuers struct { - Fake *FakeConfigV1alpha1 -} - -var credentialissuersResource = v1alpha1.SchemeGroupVersion.WithResource("credentialissuers") - -var credentialissuersKind = v1alpha1.SchemeGroupVersion.WithKind("CredentialIssuer") - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(credentialissuersResource, credentialissuersKind, opts), &v1alpha1.CredentialIssuerList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta} - for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(credentialissuersResource, opts)) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(credentialissuersResource, "status", credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(credentialissuersResource, name, opts), &v1alpha1.CredentialIssuer{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(credentialissuersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{}) - return err -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(credentialissuersResource, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go deleted file mode 100644 index e9eac841d..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeWhoAmIRequests implements WhoAmIRequestInterface -type FakeWhoAmIRequests struct { - Fake *FakeIdentityV1alpha1 -} - -var whoamirequestsResource = v1alpha1.SchemeGroupVersion.WithResource("whoamirequests") - -var whoamirequestsKind = v1alpha1.SchemeGroupVersion.WithKind("WhoAmIRequest") - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *FakeWhoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(whoamirequestsResource, whoAmIRequest), &v1alpha1.WhoAmIRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WhoAmIRequest), err -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go deleted file mode 100644 index e18baa8d4..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. -// A group's client should implement this interface. -type WhoAmIRequestsGetter interface { - WhoAmIRequests() WhoAmIRequestInterface -} - -// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. -type WhoAmIRequestInterface interface { - Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*v1alpha1.WhoAmIRequest, error) - WhoAmIRequestExpansion -} - -// whoAmIRequests implements WhoAmIRequestInterface -type whoAmIRequests struct { - client rest.Interface -} - -// newWhoAmIRequests returns a WhoAmIRequests -func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { - return &whoAmIRequests{ - client: c.RESTClient(), - } -} - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *whoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - result = &v1alpha1.WhoAmIRequest{} - err = c.client.Post(). - Resource("whoamirequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(whoAmIRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go deleted file mode 100644 index 47de14a33..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeTokenCredentialRequests implements TokenCredentialRequestInterface -type FakeTokenCredentialRequests struct { - Fake *FakeLoginV1alpha1 -} - -var tokencredentialrequestsResource = v1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests") - -var tokencredentialrequestsKind = v1alpha1.SchemeGroupVersion.WithKind("TokenCredentialRequest") - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *FakeTokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(tokencredentialrequestsResource, tokenCredentialRequest), &v1alpha1.TokenCredentialRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.TokenCredentialRequest), err -} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go deleted file mode 100644 index f885c6e9b..000000000 --- a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1" - "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type LoginV1alpha1Interface interface { - RESTClient() rest.Interface - TokenCredentialRequestsGetter -} - -// LoginV1alpha1Client is used to interact with features provided by the login.concierge.pinniped.dev group. -type LoginV1alpha1Client struct { - restClient rest.Interface -} - -func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestInterface { - return newTokenCredentialRequests(c) -} - -// NewForConfig creates a new LoginV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new LoginV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*LoginV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &LoginV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new LoginV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *LoginV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new LoginV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *LoginV1alpha1Client { - return &LoginV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *LoginV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go deleted file mode 100644 index 9600a11ca..000000000 --- a/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // JWTAuthenticators returns a JWTAuthenticatorInformer. - JWTAuthenticators() JWTAuthenticatorInformer - // WebhookAuthenticators returns a WebhookAuthenticatorInformer. - WebhookAuthenticators() WebhookAuthenticatorInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// JWTAuthenticators returns a JWTAuthenticatorInformer. -func (v *version) JWTAuthenticators() JWTAuthenticatorInformer { - return &jWTAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} - -// WebhookAuthenticators returns a WebhookAuthenticatorInformer. -func (v *version) WebhookAuthenticators() WebhookAuthenticatorInformer { - return &webhookAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index 3302b13d0..000000000 --- a/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - authenticationv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/listers/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// JWTAuthenticatorInformer provides access to a shared informer and lister for -// JWTAuthenticators. -type JWTAuthenticatorInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.JWTAuthenticatorLister -} - -type jWTAuthenticatorInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.TODO(), options) - }, - }, - &authenticationv1alpha1.JWTAuthenticator{}, - resyncPeriod, - indexers, - ) -} - -func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) -} - -func (f *jWTAuthenticatorInformer) Lister() v1alpha1.JWTAuthenticatorLister { - return v1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index 986f68dd2..000000000 --- a/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - authenticationv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/listers/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// WebhookAuthenticatorInformer provides access to a shared informer and lister for -// WebhookAuthenticators. -type WebhookAuthenticatorInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.WebhookAuthenticatorLister -} - -type webhookAuthenticatorInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.TODO(), options) - }, - }, - &authenticationv1alpha1.WebhookAuthenticator{}, - resyncPeriod, - indexers, - ) -} - -func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) -} - -func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { - return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.27/client/concierge/informers/externalversions/factory.go b/generated/1.27/client/concierge/informers/externalversions/factory.go deleted file mode 100644 index 3a5abcb8b..000000000 --- a/generated/1.27/client/concierge/informers/externalversions/factory.go +++ /dev/null @@ -1,244 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - reflect "reflect" - sync "sync" - time "time" - - versioned "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned" - authentication "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/authentication" - config "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/config" - internalinterfaces "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/internalinterfaces" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// SharedInformerOption defines the functional option type for SharedInformerFactory. -type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory - -type sharedInformerFactory struct { - client versioned.Interface - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc - lock sync.Mutex - defaultResync time.Duration - customResync map[reflect.Type]time.Duration - - informers map[reflect.Type]cache.SharedIndexInformer - // startedInformers is used for tracking which informers have been started. - // This allows Start() to be called multiple times safely. - startedInformers map[reflect.Type]bool - // wg tracks how many goroutines were started. - wg sync.WaitGroup - // shuttingDown is true when Shutdown has been called. It may still be running - // because it needs to wait for goroutines. - shuttingDown bool -} - -// WithCustomResyncConfig sets a custom resync period for the specified informer types. -func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - for k, v := range resyncConfig { - factory.customResync[reflect.TypeOf(k)] = v - } - return factory - } -} - -// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. -func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.tweakListOptions = tweakListOptions - return factory - } -} - -// WithNamespace limits the SharedInformerFactory to the specified namespace. -func WithNamespace(namespace string) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.namespace = namespace - return factory - } -} - -// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. -func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync) -} - -// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. -// Listers obtained via this SharedInformerFactory will be subject to the same filters -// as specified here. -// Deprecated: Please use NewSharedInformerFactoryWithOptions instead -func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) -} - -// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. -func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { - factory := &sharedInformerFactory{ - client: client, - namespace: v1.NamespaceAll, - defaultResync: defaultResync, - informers: make(map[reflect.Type]cache.SharedIndexInformer), - startedInformers: make(map[reflect.Type]bool), - customResync: make(map[reflect.Type]time.Duration), - } - - // Apply all options - for _, opt := range options { - factory = opt(factory) - } - - return factory -} - -func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { - f.lock.Lock() - defer f.lock.Unlock() - - if f.shuttingDown { - return - } - - for informerType, informer := range f.informers { - if !f.startedInformers[informerType] { - f.wg.Add(1) - // We need a new variable in each loop iteration, - // otherwise the goroutine would use the loop variable - // and that keeps changing. - informer := informer - go func() { - defer f.wg.Done() - informer.Run(stopCh) - }() - f.startedInformers[informerType] = true - } - } -} - -func (f *sharedInformerFactory) Shutdown() { - f.lock.Lock() - f.shuttingDown = true - f.lock.Unlock() - - // Will return immediately if there is nothing to wait for. - f.wg.Wait() -} - -func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { - informers := func() map[reflect.Type]cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informers := map[reflect.Type]cache.SharedIndexInformer{} - for informerType, informer := range f.informers { - if f.startedInformers[informerType] { - informers[informerType] = informer - } - } - return informers - }() - - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) - } - return res -} - -// InternalInformerFor returns the SharedIndexInformer for obj using an internal -// client. -func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informerType := reflect.TypeOf(obj) - informer, exists := f.informers[informerType] - if exists { - return informer - } - - resyncPeriod, exists := f.customResync[informerType] - if !exists { - resyncPeriod = f.defaultResync - } - - informer = newFunc(f.client, resyncPeriod) - f.informers[informerType] = informer - - return informer -} - -// SharedInformerFactory provides shared informers for resources in all known -// API group versions. -// -// It is typically used like this: -// -// ctx, cancel := context.Background() -// defer cancel() -// factory := NewSharedInformerFactory(client, resyncPeriod) -// defer factory.WaitForStop() // Returns immediately if nothing was started. -// genericInformer := factory.ForResource(resource) -// typedInformer := factory.SomeAPIGroup().V1().SomeType() -// factory.Start(ctx.Done()) // Start processing these informers. -// synced := factory.WaitForCacheSync(ctx.Done()) -// for v, ok := range synced { -// if !ok { -// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) -// return -// } -// } -// -// // Creating informers can also be created after Start, but then -// // Start must be called again: -// anotherGenericInformer := factory.ForResource(resource) -// factory.Start(ctx.Done()) -type SharedInformerFactory interface { - internalinterfaces.SharedInformerFactory - - // Start initializes all requested informers. They are handled in goroutines - // which run until the stop channel gets closed. - Start(stopCh <-chan struct{}) - - // Shutdown marks a factory as shutting down. At that point no new - // informers can be started anymore and Start will return without - // doing anything. - // - // In addition, Shutdown blocks until all goroutines have terminated. For that - // to happen, the close channel(s) that they were started with must be closed, - // either before Shutdown gets called or while it is waiting. - // - // Shutdown may be called multiple times, even concurrently. All such calls will - // block until all goroutines have terminated. - Shutdown() - - // WaitForCacheSync blocks until all started informers' caches were synced - // or the stop channel gets closed. - WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool - - // ForResource gives generic access to a shared informer of the matching type. - ForResource(resource schema.GroupVersionResource) (GenericInformer, error) - - // InternalInformerFor returns the SharedIndexInformer for obj using an internal - // client. - InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer - - Authentication() authentication.Interface - Config() config.Interface -} - -func (f *sharedInformerFactory) Authentication() authentication.Interface { - return authentication.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) Config() config.Interface { - return config.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.27/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.27/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index d3bd0b656..000000000 --- a/generated/1.27/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// JWTAuthenticatorLister helps list JWTAuthenticators. -// All objects returned here must be treated as read-only. -type JWTAuthenticatorLister interface { - // List lists all JWTAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) - // Get retrieves the JWTAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.JWTAuthenticator, error) - JWTAuthenticatorListerExpansion -} - -// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. -type jWTAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. -func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { - return &jWTAuthenticatorLister{indexer: indexer} -} - -// List lists all JWTAuthenticators in the indexer. -func (s *jWTAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.JWTAuthenticator)) - }) - return ret, err -} - -// Get retrieves the JWTAuthenticator from the index for a given name. -func (s *jWTAuthenticatorLister) Get(name string) (*v1alpha1.JWTAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("jwtauthenticator"), name) - } - return obj.(*v1alpha1.JWTAuthenticator), nil -} diff --git a/generated/1.27/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.27/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index 49d354fa2..000000000 --- a/generated/1.27/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// WebhookAuthenticatorLister helps list WebhookAuthenticators. -// All objects returned here must be treated as read-only. -type WebhookAuthenticatorLister interface { - // List lists all WebhookAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) - // Get retrieves the WebhookAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.WebhookAuthenticator, error) - WebhookAuthenticatorListerExpansion -} - -// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. -type webhookAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. -func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { - return &webhookAuthenticatorLister{indexer: indexer} -} - -// List lists all WebhookAuthenticators in the indexer. -func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) - }) - return ret, err -} - -// Get retrieves the WebhookAuthenticator from the index for a given name. -func (s *webhookAuthenticatorLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) - } - return obj.(*v1alpha1.WebhookAuthenticator), nil -} diff --git a/generated/1.27/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.27/client/concierge/listers/config/v1alpha1/credentialissuer.go deleted file mode 100644 index dd48af518..000000000 --- a/generated/1.27/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// CredentialIssuerLister helps list CredentialIssuers. -// All objects returned here must be treated as read-only. -type CredentialIssuerLister interface { - // List lists all CredentialIssuers in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) - // Get retrieves the CredentialIssuer from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.CredentialIssuer, error) - CredentialIssuerListerExpansion -} - -// credentialIssuerLister implements the CredentialIssuerLister interface. -type credentialIssuerLister struct { - indexer cache.Indexer -} - -// NewCredentialIssuerLister returns a new CredentialIssuerLister. -func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { - return &credentialIssuerLister{indexer: indexer} -} - -// List lists all CredentialIssuers in the indexer. -func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.CredentialIssuer)) - }) - return ret, err -} - -// Get retrieves the CredentialIssuer from the index for a given name. -func (s *credentialIssuerLister) Get(name string) (*v1alpha1.CredentialIssuer, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name) - } - return obj.(*v1alpha1.CredentialIssuer), nil -} diff --git a/generated/1.27/client/go.mod b/generated/1.27/client/go.mod deleted file mode 100644 index aace47f3b..000000000 --- a/generated/1.27/client/go.mod +++ /dev/null @@ -1,13 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.27/client - -go 1.13 - -replace go.pinniped.dev/generated/1.27/apis => ../apis - -require ( - go.pinniped.dev/generated/1.27/apis v0.0.0 - k8s.io/apimachinery v0.27.16 - k8s.io/client-go v0.27.16 - k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f -) diff --git a/generated/1.27/client/go.sum b/generated/1.27/client/go.sum deleted file mode 100644 index 822d6e2b5..000000000 --- a/generated/1.27/client/go.sum +++ /dev/null @@ -1,396 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= -github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.1 h1:FBLnyygC4/IZZr893oiomc9XaghoveYTrLC1F86HID8= -github.com/go-openapi/jsonreference v0.20.1/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= -github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= -github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= -github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= -github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= -github.com/onsi/ginkgo/v2 v2.4.0/go.mod h1:iHkDK1fKGcBoEHT5W7YBq4RFWaQulw+caOMkAt4OrFo= -github.com/onsi/ginkgo/v2 v2.5.0/go.mod h1:Luc4sArBICYCS8THh8v3i3i5CuSZO+RaQRaJoeNwomw= -github.com/onsi/ginkgo/v2 v2.7.0/go.mod h1:yjiuMwPokqY1XauOgju45q3sJt6VzQ/Fict1LFVcsAo= -github.com/onsi/ginkgo/v2 v2.8.1/go.mod h1:N1/NbDngAFcSLdyZ+/aYTYGSlq9qMCS/cNKGJjy+csc= -github.com/onsi/ginkgo/v2 v2.9.0/go.mod h1:4xkjoL/tZv4SMWeww56BU5kAt19mVB47gTWxmrTcxyk= -github.com/onsi/ginkgo/v2 v2.9.1 h1:zie5Ly042PD3bsCvsSOPvRnFwyo3rKe64TJlD6nu0mk= -github.com/onsi/ginkgo/v2 v2.9.1/go.mod h1:FEcmzVcCHl+4o9bQZVab+4dC9+j+91t2FHSzmGAPfuo= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= -github.com/onsi/gomega v1.21.1/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc= -github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM= -github.com/onsi/gomega v1.24.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= -github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= -github.com/onsi/gomega v1.26.0/go.mod h1:r+zV744Re+DiYCIPRlYOTxn0YkOLcAnW8k1xXdMPGhM= -github.com/onsi/gomega v1.27.1/go.mod h1:aHX5xOykVYzWOV4WqQy0sy8BQptgukenXpCXfadcIAw= -github.com/onsi/gomega v1.27.3/go.mod h1:5vG284IBtfDAmDyrK+eGyZmUgUlmi+Wngqo557cZ6Gw= -github.com/onsi/gomega v1.27.4 h1:Z2AnStgsdSayCMDiCU42qIz+HLqEPcgiOCXjAU/w+8E= -github.com/onsi/gomega v1.27.4/go.mod h1:riYq/GJKh8hhoM01HN6Vmuy93AarCXCBGpvFDK3q3fQ= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= -github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= -golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g= -golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= -golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= -golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= -golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= -golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.27.16 h1:70IBoTuiPfd+Tm68WH0tGXQRSQq0R1xnbyhTRe8WYQY= -k8s.io/api v0.27.16/go.mod h1:5j0Cgo6X4qovBOu3OjzRwETDEYqMxq2qafhDQXOPy3A= -k8s.io/apimachinery v0.27.16 h1:Nmbei3P/6w6vxbNxV8/sDCZz+TQrJ9A4+bVIRjDufuM= -k8s.io/apimachinery v0.27.16/go.mod h1:TWo+8wOIz3CytsrlI9k/LBWXLRr9dqf5hRSCbbggMAg= -k8s.io/client-go v0.27.16 h1:x06Jk6/SIQQ6kAsWs5uzQIkBLHtcAQlbTAgmj1tZzG0= -k8s.io/client-go v0.27.16/go.mod h1:bPZUNRj8XsHa+JVS5jU6qeU2H/Za8+7riWA08FUjaA8= -k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw= -k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f h1:2kWPakN3i/k81b0gvD5C5FJ2kxm1WrQFanWchyKuqGg= -k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg= -k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY= -k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/generated/1.27/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.27/client/supervisor/clientset/versioned/fake/clientset_generated.go deleted file mode 100644 index cd2e1d1a8..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clientset "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - clientsecretv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - fakeclientsecretv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" - idpv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - fakeidpv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/discovery" - fakediscovery "k8s.io/client-go/discovery/fake" - "k8s.io/client-go/testing" -) - -// NewSimpleClientset returns a clientset that will respond with the provided objects. -// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement -// for a real clientset and is mostly useful in simple unit tests. -func NewSimpleClientset(objects ...runtime.Object) *Clientset { - o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) - for _, obj := range objects { - if err := o.Add(obj); err != nil { - panic(err) - } - } - - cs := &Clientset{tracker: o} - cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} - cs.AddReactor("*", "*", testing.ObjectReaction(o)) - cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { - gvr := action.GetResource() - ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) - if err != nil { - return false, nil, err - } - return true, watch, nil - }) - - return cs -} - -// Clientset implements clientset.Interface. Meant to be embedded into a -// struct to get a default implementation. This makes faking out just the method -// you want to test easier. -type Clientset struct { - testing.Fake - discovery *fakediscovery.FakeDiscovery - tracker testing.ObjectTracker -} - -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - return c.discovery -} - -func (c *Clientset) Tracker() testing.ObjectTracker { - return c.tracker -} - -var ( - _ clientset.Interface = &Clientset{} - _ testing.FakeClient = &Clientset{} -) - -// ClientsecretV1alpha1 retrieves the ClientsecretV1alpha1Client -func (c *Clientset) ClientsecretV1alpha1() clientsecretv1alpha1.ClientsecretV1alpha1Interface { - return &fakeclientsecretv1alpha1.FakeClientsecretV1alpha1{Fake: &c.Fake} -} - -// ConfigV1alpha1 retrieves the ConfigV1alpha1Client -func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { - return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} -} - -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/fake/register.go b/generated/1.27/client/supervisor/clientset/versioned/fake/register.go deleted file mode 100644 index 756006f93..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/fake/register.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var scheme = runtime.NewScheme() -var codecs = serializer.NewCodecFactory(scheme) - -var localSchemeBuilder = runtime.SchemeBuilder{ - clientsecretv1alpha1.AddToScheme, - configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(scheme)) -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.27/client/supervisor/clientset/versioned/scheme/register.go deleted file mode 100644 index b4cce28e1..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/scheme/register.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package scheme - -import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var Scheme = runtime.NewScheme() -var Codecs = serializer.NewCodecFactory(Scheme) -var ParameterCodec = runtime.NewParameterCodec(Scheme) -var localSchemeBuilder = runtime.SchemeBuilder{ - clientsecretv1alpha1.AddToScheme, - configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(Scheme)) -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go b/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go deleted file mode 100644 index a26b5be14..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1" - "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type ClientsecretV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientSecretRequestsGetter -} - -// ClientsecretV1alpha1Client is used to interact with features provided by the clientsecret.supervisor.pinniped.dev group. -type ClientsecretV1alpha1Client struct { - restClient rest.Interface -} - -func (c *ClientsecretV1alpha1Client) OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface { - return newOIDCClientSecretRequests(c, namespace) -} - -// NewForConfig creates a new ClientsecretV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*ClientsecretV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new ClientsecretV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ClientsecretV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &ClientsecretV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new ClientsecretV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *ClientsecretV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new ClientsecretV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *ClientsecretV1alpha1Client { - return &ClientsecretV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *ClientsecretV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go b/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go deleted file mode 100644 index 1928123d1..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go +++ /dev/null @@ -1,35 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type FakeOIDCClientSecretRequests struct { - Fake *FakeClientsecretV1alpha1 - ns string -} - -var oidcclientsecretrequestsResource = v1alpha1.SchemeGroupVersion.WithResource("oidcclientsecretrequests") - -var oidcclientsecretrequestsKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCClientSecretRequest") - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *FakeOIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsecretrequestsResource, c.ns, oIDCClientSecretRequest), &v1alpha1.OIDCClientSecretRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClientSecretRequest), err -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go b/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go deleted file mode 100644 index 7e03da7d5..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// OIDCClientSecretRequestsGetter has a method to return a OIDCClientSecretRequestInterface. -// A group's client should implement this interface. -type OIDCClientSecretRequestsGetter interface { - OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface -} - -// OIDCClientSecretRequestInterface has methods to work with OIDCClientSecretRequest resources. -type OIDCClientSecretRequestInterface interface { - Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (*v1alpha1.OIDCClientSecretRequest, error) - OIDCClientSecretRequestExpansion -} - -// oIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type oIDCClientSecretRequests struct { - client rest.Interface - ns string -} - -// newOIDCClientSecretRequests returns a OIDCClientSecretRequests -func newOIDCClientSecretRequests(c *ClientsecretV1alpha1Client, namespace string) *oIDCClientSecretRequests { - return &oIDCClientSecretRequests{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *oIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - result = &v1alpha1.OIDCClientSecretRequest{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclientsecretrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClientSecretRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go deleted file mode 100644 index 006a9907c..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ /dev/null @@ -1,99 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type ConfigV1alpha1Interface interface { - RESTClient() rest.Interface - FederationDomainsGetter - OIDCClientsGetter -} - -// ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. -type ConfigV1alpha1Client struct { - restClient rest.Interface -} - -func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDomainInterface { - return newFederationDomains(c, namespace) -} - -func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new ConfigV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &ConfigV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new ConfigV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *ConfigV1alpha1Client { - return &ConfigV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go deleted file mode 100644 index 36528a6f2..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeFederationDomains implements FederationDomainInterface -type FakeFederationDomains struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var federationdomainsResource = v1alpha1.SchemeGroupVersion.WithResource("federationdomains") - -var federationdomainsKind = v1alpha1.SchemeGroupVersion.WithKind("FederationDomain") - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *FakeFederationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *FakeFederationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(federationdomainsResource, federationdomainsKind, c.ns, opts), &v1alpha1.FederationDomainList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.FederationDomainList{ListMeta: obj.(*v1alpha1.FederationDomainList).ListMeta} - for _, item := range obj.(*v1alpha1.FederationDomainList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *FakeFederationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(federationdomainsResource, c.ns, opts)) - -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(federationdomainsResource, "status", c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(federationdomainsResource, c.ns, name, opts), &v1alpha1.FederationDomain{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeFederationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(federationdomainsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.FederationDomainList{}) - return err -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *FakeFederationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(federationdomainsResource, c.ns, name, pt, data, subresources...), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go deleted file mode 100644 index 3f17b4b1b..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClients implements OIDCClientInterface -type FakeOIDCClients struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var oidcclientsResource = v1alpha1.SchemeGroupVersion.WithResource("oidcclients") - -var oidcclientsKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCClient") - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *FakeOIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcclientsResource, oidcclientsKind, c.ns, opts), &v1alpha1.OIDCClientList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCClientList{ListMeta: obj.(*v1alpha1.OIDCClientList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCClientList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *FakeOIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcclientsResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcclientsResource, "status", c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *FakeOIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcclientsResource, c.ns, name, opts), &v1alpha1.OIDCClient{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcclientsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCClientList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *FakeOIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcclientsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go deleted file mode 100644 index b586bfd2c..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// FederationDomainsGetter has a method to return a FederationDomainInterface. -// A group's client should implement this interface. -type FederationDomainsGetter interface { - FederationDomains(namespace string) FederationDomainInterface -} - -// FederationDomainInterface has methods to work with FederationDomain resources. -type FederationDomainInterface interface { - Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (*v1alpha1.FederationDomain, error) - Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.FederationDomain, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.FederationDomainList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) - FederationDomainExpansion -} - -// federationDomains implements FederationDomainInterface -type federationDomains struct { - client rest.Interface - ns string -} - -// newFederationDomains returns a FederationDomains -func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { - return &federationDomains{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *federationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *federationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.FederationDomainList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *federationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Post(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *federationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *federationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *federationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *federationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go b/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go deleted file mode 100644 index 325f0ed98..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCClientsGetter has a method to return a OIDCClientInterface. -// A group's client should implement this interface. -type OIDCClientsGetter interface { - OIDCClients(namespace string) OIDCClientInterface -} - -// OIDCClientInterface has methods to work with OIDCClient resources. -type OIDCClientInterface interface { - Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (*v1alpha1.OIDCClient, error) - Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCClient, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCClientList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) - OIDCClientExpansion -} - -// oIDCClients implements OIDCClientInterface -type oIDCClients struct { - client rest.Interface - ns string -} - -// newOIDCClients returns a OIDCClients -func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { - return &oIDCClients{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *oIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *oIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCClientList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *oIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *oIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *oIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index 9ad12ac4d..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. -// A group's client should implement this interface. -type ActiveDirectoryIdentityProvidersGetter interface { - ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface -} - -// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. -type ActiveDirectoryIdentityProviderInterface interface { - Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ActiveDirectoryIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) - ActiveDirectoryIdentityProviderExpansion -} - -// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type activeDirectoryIdentityProviders struct { - client rest.Interface - ns string -} - -// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders -func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { - return &activeDirectoryIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *activeDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *activeDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.ActiveDirectoryIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *activeDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *activeDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *activeDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *activeDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *activeDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go deleted file mode 100644 index f6593ccff..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type FakeActiveDirectoryIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var activedirectoryidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders") - -var activedirectoryidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("ActiveDirectoryIdentityProvider") - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *FakeActiveDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(activedirectoryidentityprovidersResource, activedirectoryidentityprovidersKind, c.ns, opts), &v1alpha1.ActiveDirectoryIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.ActiveDirectoryIdentityProviderList{ListMeta: obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *FakeActiveDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(activedirectoryidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(activedirectoryidentityprovidersResource, "status", c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(activedirectoryidentityprovidersResource, c.ns, name, opts), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeActiveDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(activedirectoryidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.ActiveDirectoryIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *FakeActiveDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(activedirectoryidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go deleted file mode 100644 index 34334d27c..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeGitHubIdentityProviders implements GitHubIdentityProviderInterface -type FakeGitHubIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var githubidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders") - -var githubidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("GitHubIdentityProvider") - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *FakeGitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(githubidentityprovidersResource, c.ns, name), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *FakeGitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(githubidentityprovidersResource, githubidentityprovidersKind, c.ns, opts), &v1alpha1.GitHubIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.GitHubIdentityProviderList{ListMeta: obj.(*v1alpha1.GitHubIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.GitHubIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *FakeGitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(githubidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeGitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(githubidentityprovidersResource, "status", c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeGitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(githubidentityprovidersResource, c.ns, name, opts), &v1alpha1.GitHubIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeGitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(githubidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.GitHubIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *FakeGitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(githubidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go deleted file mode 100644 index 24e1d1738..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeLDAPIdentityProviders implements LDAPIdentityProviderInterface -type FakeLDAPIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var ldapidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders") - -var ldapidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("LDAPIdentityProvider") - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *FakeLDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *FakeLDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(ldapidentityprovidersResource, ldapidentityprovidersKind, c.ns, opts), &v1alpha1.LDAPIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.LDAPIdentityProviderList{ListMeta: obj.(*v1alpha1.LDAPIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.LDAPIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *FakeLDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(ldapidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ldapidentityprovidersResource, "status", c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(ldapidentityprovidersResource, c.ns, name, opts), &v1alpha1.LDAPIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeLDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(ldapidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.LDAPIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *FakeLDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ldapidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go deleted file mode 100644 index 0c3e9ce57..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCIdentityProviders implements OIDCIdentityProviderInterface -type FakeOIDCIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var oidcidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders") - -var oidcidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCIdentityProvider") - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *FakeOIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *FakeOIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcidentityprovidersResource, oidcidentityprovidersKind, c.ns, opts), &v1alpha1.OIDCIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCIdentityProviderList{ListMeta: obj.(*v1alpha1.OIDCIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *FakeOIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcidentityprovidersResource, "status", c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcidentityprovidersResource, c.ns, name, opts), &v1alpha1.OIDCIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *FakeOIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index 6d6885037..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// GitHubIdentityProvidersGetter has a method to return a GitHubIdentityProviderInterface. -// A group's client should implement this interface. -type GitHubIdentityProvidersGetter interface { - GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface -} - -// GitHubIdentityProviderInterface has methods to work with GitHubIdentityProvider resources. -type GitHubIdentityProviderInterface interface { - Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.GitHubIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.GitHubIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) - GitHubIdentityProviderExpansion -} - -// gitHubIdentityProviders implements GitHubIdentityProviderInterface -type gitHubIdentityProviders struct { - client rest.Interface - ns string -} - -// newGitHubIdentityProviders returns a GitHubIdentityProviders -func newGitHubIdentityProviders(c *IDPV1alpha1Client, namespace string) *gitHubIdentityProviders { - return &gitHubIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *gitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *gitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.GitHubIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *gitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *gitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *gitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *gitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *gitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go deleted file mode 100644 index fae317292..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ /dev/null @@ -1,109 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type IDPV1alpha1Interface interface { - RESTClient() rest.Interface - ActiveDirectoryIdentityProvidersGetter - GitHubIdentityProvidersGetter - LDAPIdentityProvidersGetter - OIDCIdentityProvidersGetter -} - -// IDPV1alpha1Client is used to interact with features provided by the idp.supervisor.pinniped.dev group. -type IDPV1alpha1Client struct { - restClient rest.Interface -} - -func (c *IDPV1alpha1Client) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface { - return newActiveDirectoryIdentityProviders(c, namespace) -} - -func (c *IDPV1alpha1Client) GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface { - return newGitHubIdentityProviders(c, namespace) -} - -func (c *IDPV1alpha1Client) LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface { - return newLDAPIdentityProviders(c, namespace) -} - -func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface { - return newOIDCIdentityProviders(c, namespace) -} - -// NewForConfig creates a new IDPV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new IDPV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IDPV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &IDPV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new IDPV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new IDPV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *IDPV1alpha1Client { - return &IDPV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *IDPV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index 8da84f5cd..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. -// A group's client should implement this interface. -type LDAPIdentityProvidersGetter interface { - LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface -} - -// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. -type LDAPIdentityProviderInterface interface { - Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.LDAPIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.LDAPIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) - LDAPIdentityProviderExpansion -} - -// lDAPIdentityProviders implements LDAPIdentityProviderInterface -type lDAPIdentityProviders struct { - client rest.Interface - ns string -} - -// newLDAPIdentityProviders returns a LDAPIdentityProviders -func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { - return &lDAPIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *lDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *lDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.LDAPIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *lDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *lDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *lDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *lDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *lDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index 2ebc29045..000000000 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. -// A group's client should implement this interface. -type OIDCIdentityProvidersGetter interface { - OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface -} - -// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. -type OIDCIdentityProviderInterface interface { - Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) - OIDCIdentityProviderExpansion -} - -// oIDCIdentityProviders implements OIDCIdentityProviderInterface -type oIDCIdentityProviders struct { - client rest.Interface - ns string -} - -// newOIDCIdentityProviders returns a OIDCIdentityProviders -func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { - return &oIDCIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *oIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *oIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *oIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *oIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *oIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/interface.go deleted file mode 100644 index 8fc0b6132..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // FederationDomains returns a FederationDomainInformer. - FederationDomains() FederationDomainInformer - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// FederationDomains returns a FederationDomainInformer. -func (v *version) FederationDomains() FederationDomainInformer { - return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go b/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go deleted file mode 100644 index 90add02d2..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// OIDCClientInformer provides access to a shared informer and lister for -// OIDCClients. -type OIDCClientInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCClientLister -} - -type oIDCClientInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewOIDCClientInformer constructs a new informer for OIDCClient type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredOIDCClientInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredOIDCClientInformer constructs a new informer for OIDCClient type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) - }, - }, - &configv1alpha1.OIDCClient{}, - resyncPeriod, - indexers, - ) -} - -func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredOIDCClientInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) -} - -func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { - return v1alpha1.NewOIDCClientLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/factory.go b/generated/1.27/client/supervisor/informers/externalversions/factory.go deleted file mode 100644 index fa3e013d2..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/factory.go +++ /dev/null @@ -1,244 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - reflect "reflect" - sync "sync" - time "time" - - versioned "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - config "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/config" - idp "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/idp" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// SharedInformerOption defines the functional option type for SharedInformerFactory. -type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory - -type sharedInformerFactory struct { - client versioned.Interface - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc - lock sync.Mutex - defaultResync time.Duration - customResync map[reflect.Type]time.Duration - - informers map[reflect.Type]cache.SharedIndexInformer - // startedInformers is used for tracking which informers have been started. - // This allows Start() to be called multiple times safely. - startedInformers map[reflect.Type]bool - // wg tracks how many goroutines were started. - wg sync.WaitGroup - // shuttingDown is true when Shutdown has been called. It may still be running - // because it needs to wait for goroutines. - shuttingDown bool -} - -// WithCustomResyncConfig sets a custom resync period for the specified informer types. -func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - for k, v := range resyncConfig { - factory.customResync[reflect.TypeOf(k)] = v - } - return factory - } -} - -// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. -func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.tweakListOptions = tweakListOptions - return factory - } -} - -// WithNamespace limits the SharedInformerFactory to the specified namespace. -func WithNamespace(namespace string) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.namespace = namespace - return factory - } -} - -// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. -func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync) -} - -// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. -// Listers obtained via this SharedInformerFactory will be subject to the same filters -// as specified here. -// Deprecated: Please use NewSharedInformerFactoryWithOptions instead -func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) -} - -// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. -func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { - factory := &sharedInformerFactory{ - client: client, - namespace: v1.NamespaceAll, - defaultResync: defaultResync, - informers: make(map[reflect.Type]cache.SharedIndexInformer), - startedInformers: make(map[reflect.Type]bool), - customResync: make(map[reflect.Type]time.Duration), - } - - // Apply all options - for _, opt := range options { - factory = opt(factory) - } - - return factory -} - -func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { - f.lock.Lock() - defer f.lock.Unlock() - - if f.shuttingDown { - return - } - - for informerType, informer := range f.informers { - if !f.startedInformers[informerType] { - f.wg.Add(1) - // We need a new variable in each loop iteration, - // otherwise the goroutine would use the loop variable - // and that keeps changing. - informer := informer - go func() { - defer f.wg.Done() - informer.Run(stopCh) - }() - f.startedInformers[informerType] = true - } - } -} - -func (f *sharedInformerFactory) Shutdown() { - f.lock.Lock() - f.shuttingDown = true - f.lock.Unlock() - - // Will return immediately if there is nothing to wait for. - f.wg.Wait() -} - -func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { - informers := func() map[reflect.Type]cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informers := map[reflect.Type]cache.SharedIndexInformer{} - for informerType, informer := range f.informers { - if f.startedInformers[informerType] { - informers[informerType] = informer - } - } - return informers - }() - - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) - } - return res -} - -// InternalInformerFor returns the SharedIndexInformer for obj using an internal -// client. -func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informerType := reflect.TypeOf(obj) - informer, exists := f.informers[informerType] - if exists { - return informer - } - - resyncPeriod, exists := f.customResync[informerType] - if !exists { - resyncPeriod = f.defaultResync - } - - informer = newFunc(f.client, resyncPeriod) - f.informers[informerType] = informer - - return informer -} - -// SharedInformerFactory provides shared informers for resources in all known -// API group versions. -// -// It is typically used like this: -// -// ctx, cancel := context.Background() -// defer cancel() -// factory := NewSharedInformerFactory(client, resyncPeriod) -// defer factory.WaitForStop() // Returns immediately if nothing was started. -// genericInformer := factory.ForResource(resource) -// typedInformer := factory.SomeAPIGroup().V1().SomeType() -// factory.Start(ctx.Done()) // Start processing these informers. -// synced := factory.WaitForCacheSync(ctx.Done()) -// for v, ok := range synced { -// if !ok { -// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) -// return -// } -// } -// -// // Creating informers can also be created after Start, but then -// // Start must be called again: -// anotherGenericInformer := factory.ForResource(resource) -// factory.Start(ctx.Done()) -type SharedInformerFactory interface { - internalinterfaces.SharedInformerFactory - - // Start initializes all requested informers. They are handled in goroutines - // which run until the stop channel gets closed. - Start(stopCh <-chan struct{}) - - // Shutdown marks a factory as shutting down. At that point no new - // informers can be started anymore and Start will return without - // doing anything. - // - // In addition, Shutdown blocks until all goroutines have terminated. For that - // to happen, the close channel(s) that they were started with must be closed, - // either before Shutdown gets called or while it is waiting. - // - // Shutdown may be called multiple times, even concurrently. All such calls will - // block until all goroutines have terminated. - Shutdown() - - // WaitForCacheSync blocks until all started informers' caches were synced - // or the stop channel gets closed. - WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool - - // ForResource gives generic access to a shared informer of the matching type. - ForResource(resource schema.GroupVersionResource) (GenericInformer, error) - - // InternalInformerFor returns the SharedIndexInformer for obj using an internal - // client. - InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer - - Config() config.Interface - IDP() idp.Interface -} - -func (f *sharedInformerFactory) Config() config.Interface { - return config.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) IDP() idp.Interface { - return idp.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/generic.go b/generated/1.27/client/supervisor/informers/externalversions/generic.go deleted file mode 100644 index 9bc1dfec2..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/generic.go +++ /dev/null @@ -1,62 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - "fmt" - - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// GenericInformer is type of SharedIndexInformer which will locate and delegate to other -// sharedInformers based on type -type GenericInformer interface { - Informer() cache.SharedIndexInformer - Lister() cache.GenericLister -} - -type genericInformer struct { - informer cache.SharedIndexInformer - resource schema.GroupResource -} - -// Informer returns the SharedIndexInformer. -func (f *genericInformer) Informer() cache.SharedIndexInformer { - return f.informer -} - -// Lister returns the GenericLister. -func (f *genericInformer) Lister() cache.GenericLister { - return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) -} - -// ForResource gives generic access to a shared informer of the matching type -// TODO extend this to unknown resources with a client pool -func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { - switch resource { - // Group=config.supervisor.pinniped.dev, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil - - // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 - case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().ActiveDirectoryIdentityProviders().Informer()}, nil - case idpv1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().GitHubIdentityProviders().Informer()}, nil - case idpv1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().LDAPIdentityProviders().Informer()}, nil - case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - - } - - return nil, fmt.Errorf("no informer found for %v", resource) -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.27/client/supervisor/informers/externalversions/idp/interface.go deleted file mode 100644 index 079c51975..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/idp/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package idp - -import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go deleted file mode 100644 index 8202dfb9e..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ /dev/null @@ -1,53 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. - ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer - // GitHubIdentityProviders returns a GitHubIdentityProviderInformer. - GitHubIdentityProviders() GitHubIdentityProviderInformer - // LDAPIdentityProviders returns a LDAPIdentityProviderInformer. - LDAPIdentityProviders() LDAPIdentityProviderInformer - // OIDCIdentityProviders returns a OIDCIdentityProviderInformer. - OIDCIdentityProviders() OIDCIdentityProviderInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. -func (v *version) ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer { - return &activeDirectoryIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// GitHubIdentityProviders returns a GitHubIdentityProviderInformer. -func (v *version) GitHubIdentityProviders() GitHubIdentityProviderInformer { - return &gitHubIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// LDAPIdentityProviders returns a LDAPIdentityProviderInformer. -func (v *version) LDAPIdentityProviders() LDAPIdentityProviderInformer { - return &lDAPIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// OIDCIdentityProviders returns a OIDCIdentityProviderInformer. -func (v *version) OIDCIdentityProviders() OIDCIdentityProviderInformer { - return &oIDCIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index 8a7d9d946..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// LDAPIdentityProviderInformer provides access to a shared informer and lister for -// LDAPIdentityProviders. -type LDAPIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.LDAPIdentityProviderLister -} - -type lDAPIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredLDAPIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.LDAPIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredLDAPIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) -} - -func (f *lDAPIdentityProviderInformer) Lister() v1alpha1.LDAPIdentityProviderLister { - return v1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index b97012621..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// OIDCIdentityProviderInformer provides access to a shared informer and lister for -// OIDCIdentityProviders. -type OIDCIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCIdentityProviderLister -} - -type oIDCIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredOIDCIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.OIDCIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredOIDCIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) -} - -func (f *oIDCIdentityProviderInformer) Lister() v1alpha1.OIDCIdentityProviderLister { - return v1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go deleted file mode 100644 index 171ad6ea9..000000000 --- a/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package internalinterfaces - -import ( - time "time" - - versioned "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - cache "k8s.io/client-go/tools/cache" -) - -// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. -type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer - -// SharedInformerFactory a small interface to allow for adding an informer without an import cycle -type SharedInformerFactory interface { - Start(stopCh <-chan struct{}) - InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer -} - -// TweakListOptionsFunc is a function that transforms a v1.ListOptions. -type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.27/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.27/client/supervisor/listers/config/v1alpha1/oidcclient.go deleted file mode 100644 index ab9986c89..000000000 --- a/generated/1.27/client/supervisor/listers/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCClientLister helps list OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientLister interface { - // List lists all OIDCClients in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // OIDCClients returns an object that can list and get OIDCClients. - OIDCClients(namespace string) OIDCClientNamespaceLister - OIDCClientListerExpansion -} - -// oIDCClientLister implements the OIDCClientLister interface. -type oIDCClientLister struct { - indexer cache.Indexer -} - -// NewOIDCClientLister returns a new OIDCClientLister. -func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { - return &oIDCClientLister{indexer: indexer} -} - -// List lists all OIDCClients in the indexer. -func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// OIDCClients returns an object that can list and get OIDCClients. -func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { - return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCClientNamespaceLister helps list and get OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientNamespaceLister interface { - // List lists all OIDCClients in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // Get retrieves the OIDCClient from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCClient, error) - OIDCClientNamespaceListerExpansion -} - -// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister -// interface. -type oIDCClientNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCClients in the indexer for a given namespace. -func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// Get retrieves the OIDCClient from the indexer for a given namespace and name. -func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) - } - return obj.(*v1alpha1.OIDCClient), nil -} diff --git a/generated/1.27/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.27/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index 23dc6b7b0..000000000 --- a/generated/1.27/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// ActiveDirectoryIdentityProviderLister helps list ActiveDirectoryIdentityProviders. -// All objects returned here must be treated as read-only. -type ActiveDirectoryIdentityProviderLister interface { - // List lists all ActiveDirectoryIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) - // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. - ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister - ActiveDirectoryIdentityProviderListerExpansion -} - -// activeDirectoryIdentityProviderLister implements the ActiveDirectoryIdentityProviderLister interface. -type activeDirectoryIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewActiveDirectoryIdentityProviderLister returns a new ActiveDirectoryIdentityProviderLister. -func NewActiveDirectoryIdentityProviderLister(indexer cache.Indexer) ActiveDirectoryIdentityProviderLister { - return &activeDirectoryIdentityProviderLister{indexer: indexer} -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer. -func (s *activeDirectoryIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err -} - -// ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. -func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister { - return activeDirectoryIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// ActiveDirectoryIdentityProviderNamespaceLister helps list and get ActiveDirectoryIdentityProviders. -// All objects returned here must be treated as read-only. -type ActiveDirectoryIdentityProviderNamespaceLister interface { - // List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) - // Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - ActiveDirectoryIdentityProviderNamespaceListerExpansion -} - -// activeDirectoryIdentityProviderNamespaceLister implements the ActiveDirectoryIdentityProviderNamespaceLister -// interface. -type activeDirectoryIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. -func (s activeDirectoryIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. -func (s activeDirectoryIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("activedirectoryidentityprovider"), name) - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), nil -} diff --git a/generated/1.27/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go b/generated/1.27/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index 5e6df6716..000000000 --- a/generated/1.27/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// GitHubIdentityProviderLister helps list GitHubIdentityProviders. -// All objects returned here must be treated as read-only. -type GitHubIdentityProviderLister interface { - // List lists all GitHubIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) - // GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. - GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister - GitHubIdentityProviderListerExpansion -} - -// gitHubIdentityProviderLister implements the GitHubIdentityProviderLister interface. -type gitHubIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewGitHubIdentityProviderLister returns a new GitHubIdentityProviderLister. -func NewGitHubIdentityProviderLister(indexer cache.Indexer) GitHubIdentityProviderLister { - return &gitHubIdentityProviderLister{indexer: indexer} -} - -// List lists all GitHubIdentityProviders in the indexer. -func (s *gitHubIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err -} - -// GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. -func (s *gitHubIdentityProviderLister) GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister { - return gitHubIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// GitHubIdentityProviderNamespaceLister helps list and get GitHubIdentityProviders. -// All objects returned here must be treated as read-only. -type GitHubIdentityProviderNamespaceLister interface { - // List lists all GitHubIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) - // Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.GitHubIdentityProvider, error) - GitHubIdentityProviderNamespaceListerExpansion -} - -// gitHubIdentityProviderNamespaceLister implements the GitHubIdentityProviderNamespaceLister -// interface. -type gitHubIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all GitHubIdentityProviders in the indexer for a given namespace. -func (s gitHubIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. -func (s gitHubIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.GitHubIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("githubidentityprovider"), name) - } - return obj.(*v1alpha1.GitHubIdentityProvider), nil -} diff --git a/generated/1.27/client/supervisor/openapi/zz_generated.openapi.go b/generated/1.27/client/supervisor/openapi/zz_generated.openapi.go deleted file mode 100644 index 5865c335d..000000000 --- a/generated/1.27/client/supervisor/openapi/zz_generated.openapi.go +++ /dev/null @@ -1,2664 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by openapi-gen. DO NOT EDIT. - -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package openapi - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - common "k8s.io/kube-openapi/pkg/common" - spec "k8s.io/kube-openapi/pkg/validation/spec" -) - -func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { - return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), - "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), - "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), - "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), - }, - }, - }, - Required: []string{"spec"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "Items is a list of OIDCClientSecretRequest.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Spec of the OIDCClientSecretRequest.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generateNewSecret": { - SchemaProps: spec.SchemaProps{ - Description: "Request a new client secret to for the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "revokeOldSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of the OIDCClientSecretRequest.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generatedSecret": { - SchemaProps: spec.SchemaProps{ - Description: "The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost.", - Type: []string{"string"}, - Format: "", - }, - }, - "totalClientSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "The total number of client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"totalClientSecrets"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIGroup contains the name, the supported versions, and the preferred version of a group.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is the name of the group.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "versions": { - SchemaProps: spec.SchemaProps{ - Description: "versions are the versions supported in this group.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), - }, - }, - }, - }, - }, - "preferredVersion": { - SchemaProps: spec.SchemaProps{ - Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), - }, - }, - "serverAddressByClientCIDRs": { - SchemaProps: spec.SchemaProps{ - Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), - }, - }, - }, - }, - }, - }, - Required: []string{"name", "versions"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, - } -} - -func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "groups": { - SchemaProps: spec.SchemaProps{ - Description: "groups is a list of APIGroup.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), - }, - }, - }, - }, - }, - }, - Required: []string{"groups"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, - } -} - -func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIResource specifies the name of a resource and whether it is namespaced.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is the plural name of the resource.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "singularName": { - SchemaProps: spec.SchemaProps{ - Description: "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "namespaced": { - SchemaProps: spec.SchemaProps{ - Description: "namespaced indicates if a resource is namespaced or not.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "group": { - SchemaProps: spec.SchemaProps{ - Description: "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "verbs": { - SchemaProps: spec.SchemaProps{ - Description: "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "shortNames": { - SchemaProps: spec.SchemaProps{ - Description: "shortNames is a list of suggested short names of the resource.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "categories": { - SchemaProps: spec.SchemaProps{ - Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "storageVersionHash": { - SchemaProps: spec.SchemaProps{ - Description: "The hash value of the storage version, the version this resource is converted to when written to the data store. Value must be treated as opaque by clients. Only equality comparison on the value is valid. This is an alpha feature and may change or be removed in the future. The field is populated by the apiserver only if the StorageVersionHash feature gate is enabled. This field will remain optional even if it graduates.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"name", "singularName", "namespaced", "kind", "verbs"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "groupVersion": { - SchemaProps: spec.SchemaProps{ - Description: "groupVersion is the group and version this APIResourceList is for.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resources": { - SchemaProps: spec.SchemaProps{ - Description: "resources contains the name of the resources and if they are namespaced.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), - }, - }, - }, - }, - }, - }, - Required: []string{"groupVersion", "resources"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, - } -} - -func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "versions": { - SchemaProps: spec.SchemaProps{ - Description: "versions are the api versions that are available.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "serverAddressByClientCIDRs": { - SchemaProps: spec.SchemaProps{ - Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), - }, - }, - }, - }, - }, - }, - Required: []string{"versions", "serverAddressByClientCIDRs"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, - } -} - -func schema_pkg_apis_meta_v1_ApplyOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ApplyOptions may be provided when applying an API object. FieldManager is required for apply requests. ApplyOptions is equivalent to PatchOptions. It is provided as a convenience with documentation that speaks specifically to how the options fields relate to apply.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "force": { - SchemaProps: spec.SchemaProps{ - Description: "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"force", "fieldManager"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Condition contains details for one aspect of the current state of this API Resource.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "status of the condition, one of True, False, Unknown.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "observedGeneration": { - SchemaProps: spec.SchemaProps{ - Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "lastTransitionTime": { - SchemaProps: spec.SchemaProps{ - Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "message is a human readable message indicating details about the transition. This may be an empty string.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "CreateOptions may be provided when creating an API object.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "DeleteOptions may be provided when deleting an API object.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "gracePeriodSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "preconditions": { - SchemaProps: spec.SchemaProps{ - Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), - }, - }, - "orphanDependents": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "propagationPolicy": { - SchemaProps: spec.SchemaProps{ - Description: "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, - } -} - -func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_FieldsV1(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "FieldsV1 stores a set of fields in a data structure like a Trie, in JSON format.\n\nEach key is either a '.' representing the field itself, and will always map to an empty set, or a string representing a sub-field or item. The string will follow one of these four formats: 'f:', where is the name of a field in a struct, or key in a map 'v:', where is the exact json formatted value of a list item 'i:', where is position of a item in a list 'k:', where is a map of a list item's key fields to their unique values If a key maps to an empty Fields value, the field that key represents is part of the set.\n\nThe exact format is defined in sigs.k8s.io/structured-merge-diff", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GetOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GetOptions is the standard query options to the standard REST get call.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupKind(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "kind"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupResource specifies a Group and a Resource, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resource": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "resource"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersion(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersion contains the \"group\" and the \"version\", which uniquely identifies the API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "groupVersion": { - SchemaProps: spec.SchemaProps{ - Description: "groupVersion specifies the API group and version in the form \"group/version\"", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"groupVersion", "version"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionKind(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersionKind unambiguously identifies a kind. It doesn't anonymously include GroupVersion to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version", "kind"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersionResource unambiguously identifies a resource. It doesn't anonymously include GroupVersion to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resource": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version", "resource"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "InternalEvent makes watch.Event versioned", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "Type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "Object": { - SchemaProps: spec.SchemaProps{ - Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), - }, - }, - }, - Required: []string{"Type", "Object"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, - } -} - -func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "matchLabels": { - SchemaProps: spec.SchemaProps{ - Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "matchExpressions": { - SchemaProps: spec.SchemaProps{ - Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), - }, - }, - }, - }, - }, - }, - }, - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-map-type": "atomic", - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, - } -} - -func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "key": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-merge-key": "key", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "key is the label key that the selector applies to.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "operator": { - SchemaProps: spec.SchemaProps{ - Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "values": { - SchemaProps: spec.SchemaProps{ - Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"key", "operator"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "List holds a list of objects, which may not be known by the server.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "List of objects", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "selfLink": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", - Type: []string{"string"}, - Format: "", - }, - }, - "continue": { - SchemaProps: spec.SchemaProps{ - Description: "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.", - Type: []string{"string"}, - Format: "", - }, - }, - "remainingItemCount": { - SchemaProps: spec.SchemaProps{ - Description: "remainingItemCount is the number of subsequent items in the list which are not included in this list response. If the list request contained label or field selectors, then the number of remaining items is unknown and the field will be left unset and omitted during serialization. If the list is complete (either because it is not chunking or because this is the last chunk), then there are no more remaining items and this field will be left unset and omitted during serialization. Servers older than v1.15 do not set this field. The intended use of the remainingItemCount is *estimating* the size of a collection. Clients should not rely on the remainingItemCount to be set or to be exact.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ListOptions is the query options to a standard REST list call.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "labelSelector": { - SchemaProps: spec.SchemaProps{ - Description: "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldSelector": { - SchemaProps: spec.SchemaProps{ - Description: "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - Type: []string{"string"}, - Format: "", - }, - }, - "watch": { - SchemaProps: spec.SchemaProps{ - Description: "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "allowWatchBookmarks": { - SchemaProps: spec.SchemaProps{ - Description: "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersionMatch": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - "timeoutSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "limit": { - SchemaProps: spec.SchemaProps{ - Description: "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "continue": { - SchemaProps: spec.SchemaProps{ - Description: "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - Type: []string{"string"}, - Format: "", - }, - }, - "sendInitialEvents": { - SchemaProps: spec.SchemaProps{ - Description: "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "manager": { - SchemaProps: spec.SchemaProps{ - Description: "Manager is an identifier of the workflow managing these fields.", - Type: []string{"string"}, - Format: "", - }, - }, - "operation": { - SchemaProps: spec.SchemaProps{ - Description: "Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'.", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the version of this resource that this field set applies to. The format is \"group/version\" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted.", - Type: []string{"string"}, - Format: "", - }, - }, - "time": { - SchemaProps: spec.SchemaProps{ - Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "fieldsType": { - SchemaProps: spec.SchemaProps{ - Description: "FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: \"FieldsV1\"", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldsV1": { - SchemaProps: spec.SchemaProps{ - Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), - }, - }, - "subresource": { - SchemaProps: spec.SchemaProps{ - Description: "Subresource is the name of the subresource used to update that object, or empty string if the object was updated through the main resource. The value of this field is used to distinguish between managers, even if they share the same name. For example, a status update will be distinct from a regular update using the same manager name. Note that the APIVersion field is not related to the Subresource field and it always corresponds to the version of the main resource.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", - Type: []string{"string"}, - Format: "", - }, - }, - "generateName": { - SchemaProps: spec.SchemaProps{ - Description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will return a 409.\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency", - Type: []string{"string"}, - Format: "", - }, - }, - "namespace": { - SchemaProps: spec.SchemaProps{ - Description: "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces", - Type: []string{"string"}, - Format: "", - }, - }, - "selfLink": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", - Type: []string{"string"}, - Format: "", - }, - }, - "generation": { - SchemaProps: spec.SchemaProps{ - Description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "creationTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "deletionTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "deletionGracePeriodSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "labels": { - SchemaProps: spec.SchemaProps{ - Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "annotations": { - SchemaProps: spec.SchemaProps{ - Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "ownerReferences": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-merge-key": "uid", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), - }, - }, - }, - }, - }, - "finalizers": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "managedFields": { - SchemaProps: spec.SchemaProps{ - Description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_OwnerReference(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "API version of the referent.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "controller": { - SchemaProps: spec.SchemaProps{ - Description: "If true, this reference points to the managing controller.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "blockOwnerDeletion": { - SchemaProps: spec.SchemaProps{ - Description: "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - Required: []string{"apiVersion", "kind", "name", "uid"}, - }, - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-map-type": "atomic", - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients to get access to a particular ObjectMeta schema without knowing the details of the version.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PartialObjectMetadataList contains a list of objects containing only their metadata", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "items contains each of the included items.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, - } -} - -func schema_pkg_apis_meta_v1_Patch(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PatchOptions may be provided when patching an API object. PatchOptions is meant to be a superset of UpdateOptions.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "force": { - SchemaProps: spec.SchemaProps{ - Description: "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Preconditions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "Specifies the target UID.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "Specifies the target ResourceVersion", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "RootPaths lists the paths available at root. For example: \"/healthz\", \"/apis\".", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "paths": { - SchemaProps: spec.SchemaProps{ - Description: "paths are the paths available at root.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"paths"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "clientCIDR": { - SchemaProps: spec.SchemaProps{ - Description: "The CIDR with which clients can match their IP to figure out the server address that they should use.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "serverAddress": { - SchemaProps: spec.SchemaProps{ - Description: "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"clientCIDR", "serverAddress"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status is a return value for calls that don't return other objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "A human-readable description of the status of this operation.", - Type: []string{"string"}, - Format: "", - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", - Type: []string{"string"}, - Format: "", - }, - }, - "details": { - SchemaProps: spec.SchemaProps{ - Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), - }, - }, - "code": { - SchemaProps: spec.SchemaProps{ - Description: "Suggested HTTP return code for this status, 0 if not set.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, - } -} - -func schema_pkg_apis_meta_v1_StatusCause(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "A machine-readable description of the cause of the error. If this value is empty there is no information available.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "A human-readable description of the cause of the error. This field may be presented as-is to a reader.", - Type: []string{"string"}, - Format: "", - }, - }, - "field": { - SchemaProps: spec.SchemaProps{ - Description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).", - Type: []string{"string"}, - Format: "", - }, - }, - "group": { - SchemaProps: spec.SchemaProps{ - Description: "The group attribute of the resource associated with the status StatusReason.", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Type: []string{"string"}, - Format: "", - }, - }, - "causes": { - SchemaProps: spec.SchemaProps{ - Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), - }, - }, - }, - }, - }, - "retryAfterSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, - } -} - -func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Table is a tabular representation of a set of API resources. The server transforms the object into a set of preferred columns for quickly reviewing the objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "columnDefinitions": { - SchemaProps: spec.SchemaProps{ - Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), - }, - }, - }, - }, - }, - "rows": { - SchemaProps: spec.SchemaProps{ - Description: "rows is the list of items in the table.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), - }, - }, - }, - }, - }, - }, - Required: []string{"columnDefinitions", "rows"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, - } -} - -func schema_pkg_apis_meta_v1_TableColumnDefinition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableColumnDefinition contains information about a column returned in the Table.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is a human readable name for the column.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type is an OpenAPI type definition for this column, such as number, integer, string, or array. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "format": { - SchemaProps: spec.SchemaProps{ - Description: "format is an optional OpenAPI type modifier for this column. A format modifies the type and imposes additional rules, like date or time formatting for a string. The 'name' format is applied to the primary identifier column which has type 'string' to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "description": { - SchemaProps: spec.SchemaProps{ - Description: "description is a human readable description of this column.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "priority": { - SchemaProps: spec.SchemaProps{ - Description: "priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a higher priority.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"name", "type", "format", "description", "priority"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TableOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableOptions are used when a Table is requested by the caller.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "includeObject": { - SchemaProps: spec.SchemaProps{ - Description: "includeObject decides whether to include each object along with its columnar information. Specifying \"None\" will return no object, specifying \"Object\" will return the full object contents, and specifying \"Metadata\" (the default) will return the object's metadata in the PartialObjectMetadata kind in version v1beta1 of the meta.k8s.io API group.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableRow is an individual row in a table.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "cells": { - SchemaProps: spec.SchemaProps{ - Description: "cells will be as wide as the column definitions array and may contain strings, numbers (float64 or int64), booleans, simple maps, lists, or null. See the type field of the column definition for a more detailed description.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Format: "", - }, - }, - }, - }, - }, - "conditions": { - SchemaProps: spec.SchemaProps{ - Description: "conditions describe additional status of a row that are relevant for a human user. These conditions apply to the row, not to the object, and will be specific to table output. The only defined condition type is 'Completed', for a row that indicates a resource that has run to completion and can be given less visual priority.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), - }, - }, - }, - }, - }, - "object": { - SchemaProps: spec.SchemaProps{ - Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - Required: []string{"cells"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_pkg_apis_meta_v1_TableRowCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableRowCondition allows a row to be marked with additional information.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "Type of row condition. The only defined value is 'Completed' indicating that the object this row represents has reached a completed state and may be given less visual priority than other rows. Clients are not required to honor any conditions but should be consistent where possible about handling the conditions.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the condition, one of True, False, Unknown.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "(brief) machine readable reason for the condition's last transition.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "Human readable message indicating details about last transition.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Timestamp(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Timestamp is a struct that is equivalent to Time, but intended for protobuf marshalling/unmarshalling. It is generated into a serialization that matches Time. Do not use in Go structs.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "seconds": { - SchemaProps: spec.SchemaProps{ - Description: "Represents seconds of UTC time since Unix epoch 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59Z inclusive.", - Default: 0, - Type: []string{"integer"}, - Format: "int64", - }, - }, - "nanos": { - SchemaProps: spec.SchemaProps{ - Description: "Non-negative fractions of a second at nanosecond resolution. Negative second values with fractions must still have non-negative nanos values that count forward in time. Must be from 0 to 999,999,999 inclusive. This field may be limited in precision depending on context.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"seconds", "nanos"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TypeMeta describes an individual object in an API response or request with strings representing the type of the object and its API schema version. Structures that are versioned or persisted should inline TypeMeta.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "UpdateOptions may be provided when updating an API object. All fields in UpdateOptions should also be present in PatchOptions.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Event represents a single event to a watched resource.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "object": { - SchemaProps: spec.SchemaProps{ - Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - Required: []string{"type", "object"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package:\n\n\ttype MyAPIObject struct {\n\t\truntime.TypeMeta `json:\",inline\"`\n\t\tMyPlugin runtime.Object `json:\"myPlugin\"`\n\t}\n\n\ttype PluginA struct {\n\t\tAOption string `json:\"aOption\"`\n\t}\n\n// External package:\n\n\ttype MyAPIObject struct {\n\t\truntime.TypeMeta `json:\",inline\"`\n\t\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n\t}\n\n\ttype PluginA struct {\n\t\tAOption string `json:\"aOption\"`\n\t}\n\n// On the wire, the JSON will look something like this:\n\n\t{\n\t\t\"kind\":\"MyAPIObject\",\n\t\t\"apiVersion\":\"v1\",\n\t\t\"myPlugin\": {\n\t\t\t\"kind\":\"PluginA\",\n\t\t\t\"aOption\":\"foo\",\n\t\t},\n\t}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)", - Type: []string{"object"}, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type, like this:\n\n\ttype MyAwesomeAPIObject struct {\n\t runtime.TypeMeta `json:\",inline\"`\n\t ... // other fields\n\t}\n\nfunc (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind\n\nTypeMeta is provided here for convenience. You may use it directly from this package or define your own with the same fields.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_Unknown(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Unknown allows api objects with unknown types to be passed-through. This can be used to deal with the API objects from a plug-in. Unknown objects still have functioning TypeMeta features-- kind, version, etc. metadata and field mutatation.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "ContentEncoding": { - SchemaProps: spec.SchemaProps{ - Description: "ContentEncoding is encoding used to encode 'Raw' data. Unspecified means no encoding.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "ContentType": { - SchemaProps: spec.SchemaProps{ - Description: "ContentType is serialization method used to serialize 'Raw'. Unspecified means ContentTypeJSON.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"ContentEncoding", "ContentType"}, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Info contains versioning information. how we'll want to distribute that information.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "major": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "minor": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitVersion": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitCommit": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitTreeState": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "buildDate": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "goVersion": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "compiler": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "platform": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"major", "minor", "gitVersion", "gitCommit", "gitTreeState", "buildDate", "goVersion", "compiler", "platform"}, - }, - }, - } -} diff --git a/generated/1.27/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.27/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml deleted file mode 100644 index d42381eef..000000000 --- a/generated/1.27/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ /dev/null @@ -1,185 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: webhookauthenticators.authentication.concierge.pinniped.dev -spec: - group: authentication.concierge.pinniped.dev - names: - categories: - - pinniped - - pinniped-authenticator - - pinniped-authenticators - kind: WebhookAuthenticator - listKind: WebhookAuthenticatorList - plural: webhookauthenticators - singular: webhookauthenticator - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: WebhookAuthenticator describes the configuration of a webhook - authenticator. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the authenticator. - properties: - endpoint: - description: Webhook server endpoint URL. - minLength: 1 - pattern: ^https:// - type: string - tls: - description: TLS configuration. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - required: - - endpoint - type: object - status: - description: Status of the authenticator. - properties: - conditions: - description: Represents the observations of the authenticator's current - state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the WebhookAuthenticator. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.27/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.27/crds/config.supervisor.pinniped.dev_oidcclients.yaml deleted file mode 100644 index 233ed95cf..000000000 --- a/generated/1.27/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ /dev/null @@ -1,230 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: oidcclients.config.supervisor.pinniped.dev -spec: - group: config.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: OIDCClient - listKind: OIDCClientList - plural: oidcclients - singular: oidcclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.allowedScopes[?(@ == "pinniped:request-audience")] - name: Privileged Scopes - type: string - - jsonPath: .status.totalClientSecrets - name: Client Secrets - type: integer - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCClient describes the configuration of an OIDC client. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec of the OIDC client. - properties: - allowedGrantTypes: - description: |- - allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this - client. - - Must only contain the following values: - - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to - authenticate users. This grant must always be listed. - - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. - This grant must be listed if allowedScopes lists offline_access. - - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, - which is a step in the process to be able to get a cluster credential for the user. - This grant must be listed if allowedScopes lists pinniped:request-audience. - items: - enum: - - authorization_code - - refresh_token - - urn:ietf:params:oauth:grant-type:token-exchange - type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - allowedRedirectURIs: - description: |- - allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this - client. Any other uris will be rejected. - Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. - Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. - items: - pattern: ^https://.+|^http://(127\.0\.0\.1|\[::1\])(:\d+)?/ - type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - allowedScopes: - description: |- - allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - - Must only contain the following values: - - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). - This scope must always be listed. - - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. - This scope must be listed if allowedGrantTypes lists refresh_token. - - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, - which is a step in the process to be able to get a cluster credential for the user. - openid, username and groups scopes must be listed when this scope is present. - This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - - username: The client is allowed to request that ID tokens contain the user's username. - Without the username scope being requested and allowed, the ID token will not contain the user's username. - - groups: The client is allowed to request that ID tokens contain the user's group membership, - if their group membership is discoverable by the Supervisor. - Without the groups scope being requested and allowed, the ID token will not contain groups. - items: - enum: - - openid - - offline_access - - username - - groups - - pinniped:request-audience - type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - tokenLifetimes: - description: tokenLifetimes are the optional overrides of token lifetimes - for an OIDCClient. - properties: - idTokenSeconds: - description: |- - idTokenSeconds is the lifetime of ID tokens issued to this client, in seconds. This will choose the lifetime of - ID tokens returned by the authorization flow and the refresh grant. It will not influence the lifetime of the ID - tokens returned by RFC8693 token exchange. When null, a short-lived default value will be used. - This value must be between 120 and 1,800 seconds (30 minutes), inclusive. It is recommended to make these tokens - short-lived to force the client to perform the refresh grant often, because the refresh grant will check with the - external identity provider to decide if it is acceptable for the end user to continue their session, and will - update the end user's group memberships from the external identity provider. Giving these tokens a long life is - will allow the end user to continue to use a token while avoiding these updates from the external identity - provider. However, some web applications may have reasons specific to the design of that application to prefer - longer lifetimes. - format: int32 - maximum: 1800 - minimum: 120 - type: integer - type: object - required: - - allowedGrantTypes - - allowedRedirectURIs - - allowedScopes - type: object - status: - description: Status of the OIDC client. - properties: - conditions: - description: conditions represent the observations of an OIDCClient's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: phase summarizes the overall status of the OIDCClient. - enum: - - Pending - - Ready - - Error - type: string - totalClientSecrets: - description: totalClientSecrets is the current number of client secrets - that are detected for this OIDCClient. - format: int32 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.27/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.27/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml deleted file mode 100644 index c0b6b1e7b..000000000 --- a/generated/1.27/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ /dev/null @@ -1,338 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: githubidentityproviders.idp.supervisor.pinniped.dev -spec: - group: idp.supervisor.pinniped.dev - names: - categories: - - pinniped - - pinniped-idp - - pinniped-idps - kind: GitHubIdentityProvider - listKind: GitHubIdentityProviderList - plural: githubidentityproviders - singular: githubidentityprovider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.githubAPI.host - name: Host - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. - This upstream provider can be configured with either a GitHub App or a GitHub OAuth2 App. - - Right now, only web-based logins are supported, for both the pinniped-cli client and clients configured - as OIDCClients. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the identity provider. - properties: - allowAuthentication: - description: AllowAuthentication allows customization of who can authenticate - using this IDP and how. - properties: - organizations: - description: Organizations allows customization of which organizations - can authenticate using this IDP. - properties: - allowed: - description: |- - Allowed, when specified, indicates that only users with membership in at least one of the listed - GitHub organizations may log in. In addition, the group membership presented to Kubernetes will only include - teams within the listed GitHub organizations. Additional login rules or group filtering can optionally be - provided as policy expression on any Pinniped Supervisor FederationDomain that includes this IDP. - - The configured GitHub App or GitHub OAuth App must be allowed to see membership in the listed organizations, - otherwise Pinniped will not be aware that the user belongs to the listed organization or any teams - within that organization. - - If no organizations are listed, you must set organizations: AllGitHubUsers. - items: - type: string - maxItems: 64 - type: array - x-kubernetes-list-type: set - policy: - default: OnlyUsersFromAllowedOrganizations - description: |- - Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". - Defaults to "OnlyUsersFromAllowedOrganizations". - - Must be set to "AllGitHubUsers" if the allowed field is empty. - - This field only exists to ensure that Pinniped administrators are aware that an empty list of - allowedOrganizations means all GitHub users are allowed to log in. - enum: - - OnlyUsersFromAllowedOrganizations - - AllGitHubUsers - type: string - type: object - x-kubernetes-validations: - - message: spec.allowAuthentication.organizations.policy must - be 'OnlyUsersFromAllowedOrganizations' when spec.allowAuthentication.organizations.allowed - has organizations listed - rule: '!(has(self.allowed) && size(self.allowed) > 0 && self.policy - == ''AllGitHubUsers'')' - - message: spec.allowAuthentication.organizations.policy must - be 'AllGitHubUsers' when spec.allowAuthentication.organizations.allowed - is empty - rule: '!((!has(self.allowed) || size(self.allowed) == 0) && - self.policy == ''OnlyUsersFromAllowedOrganizations'')' - required: - - organizations - type: object - claims: - default: {} - description: Claims allows customization of the username and groups - claims. - properties: - groups: - default: slug - description: |- - Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. - - Can be either "name" or "slug". Defaults to "slug". - - GitHub team names can contain upper and lower case characters, whitespace, and punctuation (e.g. "Kube admins!"). - - GitHub team slugs are lower case alphanumeric characters and may contain dashes and underscores (e.g. "kube-admins"). - - Group names as presented to Kubernetes will always be prefixed by the GitHub organization name followed by a - forward slash (e.g. "my-org/my-team"). GitHub organization login names can only contain alphanumeric characters - or single hyphens, so the first forward slash `/` will be the separator between the organization login name and - the team name or slug. - - If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's - FederationDomain to further customize how these group names are presented to Kubernetes. - - See the response schema for - [List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). - enum: - - name - - slug - type: string - username: - default: login:id - description: |- - Username configures which property of the GitHub user record shall determine the username in Kubernetes. - - Can be either "id", "login", or "login:id". Defaults to "login:id". - - GitHub's user login attributes can only contain alphanumeric characters and non-repeating hyphens, - and may not start or end with hyphens. GitHub users are allowed to change their login name, - although it is inconvenient. If a GitHub user changed their login name from "foo" to "bar", - then a second user might change their name from "baz" to "foo" in order to take the old - username of the first user. For this reason, it is not as safe to make authorization decisions - based only on the user's login attribute. - - If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's - FederationDomain to further customize how these usernames are presented to Kubernetes. - - Defaults to "login:id", which is the user login attribute, followed by a colon, followed by the unique and - unchanging integer ID number attribute. This blends human-readable login names with the unchanging ID value - from GitHub. Colons are not allowed in GitHub login attributes or ID numbers, so this is a reasonable - choice to concatenate the two values. - - See the response schema for - [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). - enum: - - id - - login - - login:id - type: string - type: object - client: - description: Client identifies the secret with credentials for a GitHub - App or GitHub OAuth2 App (a GitHub client). - properties: - secretName: - description: |- - SecretName contains the name of a namespace-local Secret object that provides the clientID and - clientSecret for an GitHub App or GitHub OAuth2 client. - - This secret must be of type "secrets.pinniped.dev/github-client" with keys "clientID" and "clientSecret". - minLength: 1 - type: string - required: - - secretName - type: object - githubAPI: - default: {} - description: GitHubAPI allows configuration for GitHub Enterprise - Server - properties: - host: - default: github.com - description: |- - Host is required only for GitHub Enterprise Server. - Defaults to using GitHub's public API ("github.com"). - For convenience, specifying "github.com" is equivalent to specifying "api.github.com". - Do not specify a protocol or scheme since "https://" will always be used. - Port is optional. Do not specify a path, query, fragment, or userinfo. - Only specify domain name or IP address, subdomains (optional), and port (optional). - IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address - in square brackets. Example: "[::1]:443". - minLength: 1 - type: string - tls: - description: |- - TLS configuration for GitHub Enterprise Server. - Note that this field should not be needed when using GitHub's public API ("github.com"). - However, if you choose to specify this field when using GitHub's public API, you must - specify a CA bundle that will verify connections to "api.github.com". - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM - bundle). If omitted, a default set of system roots will - be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - type: object - required: - - allowAuthentication - - client - type: object - status: - description: Status of the identity provider. - properties: - conditions: - description: Conditions represents the observations of an identity - provider's current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the GitHubIdentityProvider. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.27/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.27/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml deleted file mode 100644 index f6f1e1877..000000000 --- a/generated/1.27/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ /dev/null @@ -1,324 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: ldapidentityproviders.idp.supervisor.pinniped.dev -spec: - group: idp.supervisor.pinniped.dev - names: - categories: - - pinniped - - pinniped-idp - - pinniped-idps - kind: LDAPIdentityProvider - listKind: LDAPIdentityProviderList - plural: ldapidentityproviders - singular: ldapidentityprovider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.host - name: Host - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access - Protocol (LDAP) identity provider. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the identity provider. - properties: - bind: - description: |- - Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server - to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. - properties: - secretName: - description: |- - SecretName contains the name of a namespace-local Secret object that provides the username and - password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be - of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value - should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". - The password must be non-empty. - minLength: 1 - type: string - required: - - secretName - type: object - groupSearch: - description: GroupSearch contains the configuration for searching - for a user's group membership in the LDAP provider. - properties: - attributes: - description: |- - Attributes specifies how the group's information should be read from each LDAP entry which was found as - the result of the group search. - properties: - groupName: - description: |- - GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name - in the user's list of groups after a successful authentication. - The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". - Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). - type: string - type: object - base: - description: |- - Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. - "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and - authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, - the values of Filter, UserAttributeForFilter, Attributes, and SkipGroupRefresh are ignored. - type: string - filter: - description: |- - Filter is the LDAP search filter which should be applied when searching for groups for a user. - The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the - value of an attribute of the user entry found as a result of the user search. Which attribute's - value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. - For more information about LDAP filters, see https://ldap.com/ldap-filters. - Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - Optional. When not specified, the default will act as if the Filter were specified as "member={}". - type: string - skipGroupRefresh: - description: |- - The user's group membership is refreshed as they interact with the supervisor - to obtain new credentials (as their old credentials expire). This allows group - membership changes to be quickly reflected into Kubernetes clusters. Since - group membership is often used to bind authorization policies, it is important - to keep the groups observed in Kubernetes clusters in-sync with the identity - provider. - - In some environments, frequent group membership queries may result in a - significant performance impact on the identity provider and/or the supervisor. - The best approach to handle performance impacts is to tweak the group query - to be more performant, for example by disabling nested group search or by - using a more targeted group search base. - - If the group search query cannot be made performant and you are willing to - have group memberships remain static for approximately a day, then set - skipGroupRefresh to true. This is an insecure configuration as authorization - policies that are bound to group membership will not notice if a user has - been removed from a particular group until their next login. - - This is an experimental feature that may be removed or significantly altered - in the future. Consumers of this configuration should carefully read all - release notes before upgrading to ensure that the meaning of this field has - not changed. - type: boolean - userAttributeForFilter: - description: |- - UserAttributeForFilter specifies which attribute's value from the user entry found as a result of - the user search will be used to replace the "{}" placeholder(s) in the group search Filter. - For example, specifying "uid" as the UserAttributeForFilter while specifying - "&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing - the "{}" placeholder in the Filter with the value of the user's "uid" attribute. - Optional. When not specified, the default will act as if "dn" were specified. For example, leaving - UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter - would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. - type: string - type: object - host: - description: 'Host is the hostname of this LDAP identity provider, - i.e., where to connect. For example: ldap.example.com:636.' - minLength: 1 - type: string - tls: - description: TLS contains the connection settings for how to establish - the connection to the Host. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - userSearch: - description: UserSearch contains the configuration for searching for - a user by name in the LDAP provider. - properties: - attributes: - description: |- - Attributes specifies how the user's information should be read from the LDAP entry which was found as - the result of the user search. - properties: - uid: - description: |- - UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely - identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". - The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - server in the user's entry. Distinguished names can be used by specifying lower-case "dn". - minLength: 1 - type: string - username: - description: |- - Username specifies the name of the attribute in the LDAP entry whose value shall become the username - of the user after a successful authentication. This would typically be the same attribute name used in - the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". - The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field - is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default - value of "dn={}" would not work. - minLength: 1 - type: string - type: object - base: - description: |- - Base is the dn (distinguished name) that should be used as the search base when searching for users. - E.g. "ou=users,dc=example,dc=com". - minLength: 1 - type: string - filter: - description: |- - Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur - in the filter at least once and will be dynamically replaced by the username for which the search is being run. - E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see - https://ldap.com/ldap-filters. - Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - Optional. When not specified, the default will act as if the Filter were specified as the value from - Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be - explicitly specified, since the default value of "dn={}" would not work. - type: string - type: object - required: - - host - type: object - status: - description: Status of the identity provider. - properties: - conditions: - description: Represents the observations of an identity provider's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the LDAPIdentityProvider. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.27/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.27/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml deleted file mode 100644 index 2aaec4461..000000000 --- a/generated/1.27/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ /dev/null @@ -1,331 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: oidcidentityproviders.idp.supervisor.pinniped.dev -spec: - group: idp.supervisor.pinniped.dev - names: - categories: - - pinniped - - pinniped-idp - - pinniped-idps - kind: OIDCIdentityProvider - listKind: OIDCIdentityProviderList - plural: oidcidentityproviders - singular: oidcidentityprovider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.issuer - name: Issuer - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCIdentityProvider describes the configuration of an upstream - OpenID Connect identity provider. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the identity provider. - properties: - authorizationConfig: - description: |- - AuthorizationConfig holds information about how to form the OAuth2 authorization request - parameters to be used with this OIDC identity provider. - properties: - additionalAuthorizeParameters: - description: |- - additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your - OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra - parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", - "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be - included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. - The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user - should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting - ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. - This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password - Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the - Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" - parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's - authorization endpoint for its requirements for what to include in the request in order to receive a refresh - token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, - then include it here. Also note that most providers also require a certain scope to be requested in order to - receive refresh tokens. See the additionalScopes setting for more information about using scopes to request - refresh tokens. - items: - description: Parameter is a key/value pair which represents - a parameter in an HTTP request. - properties: - name: - description: The name of the parameter. Required. - minLength: 1 - type: string - value: - description: The value of the parameter. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - additionalScopes: - description: |- - additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization - request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials - Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is - always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request - the following scopes: "openid", "offline_access", "email", and "profile". See - https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" - scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the - "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, - or as common patterns used by providers who implement the standard in the ecosystem evolve. - By setting this list to anything other than an empty list, you are overriding the - default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. - If you do not want any of these scopes to be requested, you may set this list to contain only "openid". - Some OIDC providers may also require a scope to get access to the user's group membership, in which case you - may wish to include it in this list. Sometimes the scope to request the user's group membership is called - "groups", but unfortunately this is not specified in the OIDC standard. - Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by - your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in - the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See - your OIDC provider's documentation for more information about what scopes are available to request claims. - Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor - from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be - "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its - requirements for what to include in the request in order to receive a refresh token in the response, if anything. - Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider - may ignore scopes that it does not understand or require (see - https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the - "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC - provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). - items: - type: string - type: array - allowPasswordGrant: - description: |- - allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant - (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a - username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. - The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be - supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password - Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose - to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the - cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be - convenient for users, especially for identities from your OIDC provider which are not intended to represent a human - actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, - you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this - OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password - Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords - (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other - web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. - allowPasswordGrant defaults to false. - type: boolean - type: object - claims: - description: |- - Claims provides the names of token claims that will be used when inspecting an identity from - this OIDC identity provider. - properties: - additionalClaimMappings: - additionalProperties: - type: string - description: |- - AdditionalClaimMappings allows for additional arbitrary upstream claim values to be mapped into the - "additionalClaims" claim of the ID tokens generated by the Supervisor. This should be specified as a map of - new claim names as the keys, and upstream claim names as the values. These new claim names will be nested - under the top-level "additionalClaims" claim in ID tokens generated by the Supervisor when this - OIDCIdentityProvider was used for user authentication. These claims will be made available to all clients. - This feature is not required to use the Supervisor to provide authentication for Kubernetes clusters, but can be - used when using the Supervisor for other authentication purposes. When this map is empty or the upstream claims - are not available, the "additionalClaims" claim will be excluded from the ID tokens generated by the Supervisor. - type: object - groups: - description: |- - Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain - the groups to which an identity belongs. By default, the identities will not include any group memberships when - this setting is not configured. - type: string - username: - description: |- - Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to - ascertain an identity's username. When not set, the username will be an automatically constructed unique string - which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from - the ID token. - type: string - type: object - client: - description: |- - OIDCClient contains OIDC client information to be used used with this OIDC identity - provider. - properties: - secretName: - description: |- - SecretName contains the name of a namespace-local Secret object that provides the clientID and - clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient - struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys - "clientID" and "clientSecret". - type: string - required: - - secretName - type: object - issuer: - description: |- - Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch - /.well-known/openid-configuration. - minLength: 1 - pattern: ^https:// - type: string - tls: - description: TLS configuration for discovery/JWKS requests to the - issuer. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - required: - - client - - issuer - type: object - status: - description: Status of the identity provider. - properties: - conditions: - description: Represents the observations of an identity provider's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the OIDCIdentityProvider. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.28/apis/concierge/authentication/v1alpha1/doc.go deleted file mode 100644 index 230739b39..000000000 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=authentication.concierge.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. -package v1alpha1 diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/register.go b/generated/1.28/apis/concierge/authentication/v1alpha1/register.go deleted file mode 100644 index 5abf2953c..000000000 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/register.go +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "authentication.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &WebhookAuthenticator{}, - &WebhookAuthenticatorList{}, - &JWTAuthenticator{}, - &JWTAuthenticatorList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.28/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go deleted file mode 100644 index 6c782b5ce..000000000 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ /dev/null @@ -1,312 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -type JWTAuthenticatorPhase string - -const ( - // JWTAuthenticatorPhasePending is the default phase for newly-created JWTAuthenticator resources. - JWTAuthenticatorPhasePending JWTAuthenticatorPhase = "Pending" - - // JWTAuthenticatorPhaseReady is the phase for an JWTAuthenticator resource in a healthy state. - JWTAuthenticatorPhaseReady JWTAuthenticatorPhase = "Ready" - - // JWTAuthenticatorPhaseError is the phase for an JWTAuthenticator in an unhealthy state. - JWTAuthenticatorPhaseError JWTAuthenticatorPhase = "Error" -) - -// JWTAuthenticatorStatus is the status of a JWT authenticator. -type JWTAuthenticatorStatus struct { - // Represents the observations of the authenticator's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - - // Phase summarizes the overall status of the JWTAuthenticator. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase JWTAuthenticatorPhase `json:"phase,omitempty"` -} - -// JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. -type JWTAuthenticatorSpec struct { - // issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is - // also used to validate the "iss" JWT claim. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://` - Issuer string `json:"issuer"` - - // audience is the required value of the "aud" JWT claim. - // +kubebuilder:validation:MinLength=1 - Audience string `json:"audience"` - - // claims allows customization of the claims that will be mapped to user identity - // for Kubernetes access. - // +optional - Claims JWTTokenClaims `json:"claims"` - - // claimValidationRules are rules that are applied to validate token claims to authenticate users. - // This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in - // https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // This is an advanced configuration option. During an end-user login flow, mistakes in this - // configuration will cause the user's login to fail. - // +optional - ClaimValidationRules []ClaimValidationRule `json:"claimValidationRules,omitempty"` - - // userValidationRules are rules that are applied to final user before completing authentication. - // These allow invariants to be applied to incoming identities such as preventing the - // use of the system: prefix that is commonly used by Kubernetes components. - // The validation rules are logically ANDed together and must all return true for the validation to pass. - // This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in - // https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // This is an advanced configuration option. During an end-user login flow, mistakes in this - // configuration will cause the user's login to fail. - // +optional - UserValidationRules []UserValidationRule `json:"userValidationRules,omitempty"` - - // tls is the configuration for communicating with the OIDC provider via TLS. - // +optional - TLS *TLSSpec `json:"tls,omitempty"` -} - -// ClaimValidationRule provides the configuration for a single claim validation rule. -type ClaimValidationRule struct { - // claim is the name of a required claim. - // Only string claim keys are supported. - // Mutually exclusive with expression and message. - // +optional - Claim string `json:"claim,omitempty"` - - // requiredValue is the value of a required claim. - // Only string claim values are supported. - // If claim is set and requiredValue is not set, the claim must be present with a value set to the empty string. - // Mutually exclusive with expression and message. - // +optional - RequiredValue string `json:"requiredValue,omitempty"` - - // expression represents the expression which will be evaluated by CEL. - // Must produce a boolean. - // - // CEL expressions have access to the contents of the token claims, organized into CEL variable: - // - 'claims' is a map of claim names to claim values. - // For example, a variable named 'sub' can be accessed as 'claims.sub'. - // Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - // Must return true for the validation to pass. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // Mutually exclusive with claim and requiredValue. - // +optional - Expression string `json:"expression,omitempty"` - - // message customizes the returned error message when expression returns false. - // message is a literal string. - // Mutually exclusive with claim and requiredValue. - // +optional - Message string `json:"message,omitempty"` -} - -// UserValidationRule provides the configuration for a single user info validation rule. -type UserValidationRule struct { - // expression represents the expression which will be evaluated by CEL. - // Must return true for the validation to pass. - // - // CEL expressions have access to the contents of UserInfo, organized into CEL variable: - // - 'user' - authentication.k8s.io/v1, Kind=UserInfo object - // Refer to https://github.com/kubernetes/api/blob/release-1.28/authentication/v1/types.go#L105-L122 for the definition. - // API documentation: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // +required - Expression string `json:"expression"` - - // message customizes the returned error message when rule returns false. - // message is a literal string. - // +optional - Message string `json:"message,omitempty"` -} - -// JWTTokenClaims allows customization of the claims that will be mapped to user identity -// for Kubernetes access. -type JWTTokenClaims struct { - // username is the name of the claim which should be read to extract the - // username from the JWT token. When not specified, it will default to "username", - // unless usernameExpression is specified. - // - // Mutually exclusive with usernameExpression. Use either username or usernameExpression to - // determine the user's username from the JWT token. - // +optional - Username string `json:"username"` - - // usernameExpression represents an expression which will be evaluated by CEL. - // The expression's result will become the user's username. - // - // usernameExpression is similar to claimMappings.username.expression from Kubernetes AuthenticationConfiguration - // as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - // must evaluate to the expected type without errors, or else the user's login will fail. - // Additionally, mistakes in this configuration can cause the users to have unintended usernames. - // - // The expression must produce a non-empty string value. - // If the expression uses 'claims.email', then 'claims.email_verified' must be used in - // the expression or extra[*].valueExpression or claimValidationRules[*].expression. - // An example claim validation rule expression that matches the validation automatically - // applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true) == true'. - // By explicitly comparing the value to true, we let type-checking see the result will be a boolean, - // and to make sure a non-boolean email_verified claim will be caught at runtime. - // - // CEL expressions have access to the contents of the token claims, organized into CEL variable: - // - 'claims' is a map of claim names to claim values. - // For example, a variable named 'sub' can be accessed as 'claims.sub'. - // Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // Mutually exclusive with username. Use either username or usernameExpression to - // determine the user's username from the JWT token. - // +optional - UsernameExpression string `json:"usernameExpression,omitempty"` - - // groups is the name of the claim which should be read to extract the user's - // group membership from the JWT token. When not specified, it will default to "groups", - // unless groupsExpression is specified. - // - // Mutually exclusive with groupsExpression. Use either groups or groupsExpression to - // determine the user's group membership from the JWT token. - // +optional - Groups string `json:"groups"` - - // groupsExpression represents an expression which will be evaluated by CEL. - // The expression's result will become the user's group memberships. - // - // groupsExpression is similar to claimMappings.groups.expression from Kubernetes AuthenticationConfiguration - // as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - // must evaluate to one of the expected types without errors, or else the user's login will fail. - // Additionally, mistakes in this configuration can cause the users to have unintended group memberships. - // - // The expression must produce a string or string array value. - // "", [], and null values are treated as the group mapping not being present. - // - // CEL expressions have access to the contents of the token claims, organized into CEL variable: - // - 'claims' is a map of claim names to claim values. - // For example, a variable named 'sub' can be accessed as 'claims.sub'. - // Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // Mutually exclusive with groups. Use either groups or groupsExpression to - // determine the user's group membership from the JWT token. - // +optional - GroupsExpression string `json:"groupsExpression,omitempty"` - - // extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration - // as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // - // However, note that the Pinniped Concierge issues client certificates to users for the purpose - // of authenticating, and the Kubernetes API server does not have any mechanism for transmitting - // auth extras via client certificates. When configured, these extras will appear in client - // certificates issued by the Pinniped Supervisor in the x509 Subject field as Organizational - // Units (OU). However, when this client certificate is presented to Kubernetes for authentication, - // Kubernetes will ignore these extras. This is probably only useful if you are using a custom - // authenticating proxy in front of your Kubernetes API server which can translate these OUs into - // auth extras, as described by - // https://kubernetes.io/docs/reference/access-authn-authz/authentication/#authenticating-proxy. - // This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - // must evaluate to either a string or an array of strings, or else the user's login will fail. - // - // These keys must be a domain-prefixed path (such as "acme.io/foo") and must not contain an equals sign ("="). - // - // expression must produce a string or string array value. - // If the value is empty, the extra mapping will not be present. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // hard-coded extra key/value - // - key: "acme.io/foo" - // valueExpression: "'bar'" - // This will result in an extra attribute - acme.io/foo: ["bar"] - // - // hard-coded key, value copying claim value - // - key: "acme.io/foo" - // valueExpression: "claims.some_claim" - // This will result in an extra attribute - acme.io/foo: [value of some_claim] - // - // hard-coded key, value derived from claim value - // - key: "acme.io/admin" - // valueExpression: '(has(claims.is_admin) && claims.is_admin) ? "true":""' - // This will result in: - // - if is_admin claim is present and true, extra attribute - acme.io/admin: ["true"] - // - if is_admin claim is present and false or is_admin claim is not present, no extra attribute will be added - // - // +optional - Extra []ExtraMapping `json:"extra,omitempty"` -} - -// ExtraMapping provides the configuration for a single extra mapping. -type ExtraMapping struct { - // key is a string to use as the extra attribute key. - // key must be a domain-prefix path (e.g. example.org/foo). All characters before the first "/" must be a valid - // subdomain as defined by RFC 1123. All characters trailing the first "/" must - // be valid HTTP Path characters as defined by RFC 3986. - // key must be lowercase. - // Required to be unique. - // Additionally, the key must not contain an equals sign ("="). - // +required - Key string `json:"key"` - - // valueExpression is a CEL expression to extract extra attribute value. - // valueExpression must produce a string or string array value. - // "", [], and null values are treated as the extra mapping not being present. - // Empty string values contained within a string array are filtered out. - // - // CEL expressions have access to the contents of the token claims, organized into CEL variable: - // - 'claims' is a map of claim names to claim values. - // For example, a variable named 'sub' can be accessed as 'claims.sub'. - // Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // +required - ValueExpression string `json:"valueExpression"` -} - -// JWTAuthenticator describes the configuration of a JWT authenticator. -// -// Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid -// signature, existence of claims, etc.) and extract the username and groups from the token. -// -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster -// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` -// +kubebuilder:printcolumn:name="Audience",type=string,JSONPath=`.spec.audience` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type JWTAuthenticator struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec for configuring the authenticator. - Spec JWTAuthenticatorSpec `json:"spec"` - - // status of the authenticator. - Status JWTAuthenticatorStatus `json:"status,omitempty"` -} - -// JWTAuthenticatorList is a list of JWTAuthenticator objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type JWTAuthenticatorList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []JWTAuthenticator `json:"items"` -} diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.28/apis/concierge/authentication/v1alpha1/types_tls.go deleted file mode 100644 index fd728efbd..000000000 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/types_tls.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -// CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. -// -// +kubebuilder:validation:Enum=Secret;ConfigMap -type CertificateAuthorityDataSourceKind string - -const ( - // CertificateAuthorityDataSourceKindConfigMap uses a Kubernetes configmap to source CA Bundles. - CertificateAuthorityDataSourceKindConfigMap = CertificateAuthorityDataSourceKind("ConfigMap") - - // CertificateAuthorityDataSourceKindSecret uses a Kubernetes secret to source CA Bundles. - // Secrets used to source CA Bundles must be of type kubernetes.io/tls or Opaque. - CertificateAuthorityDataSourceKindSecret = CertificateAuthorityDataSourceKind("Secret") -) - -// CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. -type CertificateAuthorityDataSourceSpec struct { - // Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - // Allowed values are "Secret" or "ConfigMap". - // "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - // "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - Kind CertificateAuthorityDataSourceKind `json:"kind"` - // Name is the resource name of the secret or configmap from which to read the CA bundle. - // The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed. - // +kubebuilder:validation:MinLength=1 - Name string `json:"name"` - // Key is the key name within the secret or configmap from which to read the CA bundle. - // The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - // certificate bundle. - // +kubebuilder:validation:MinLength=1 - Key string `json:"key"` -} - -// TLSSpec provides TLS configuration on various authenticators. -type TLSSpec struct { - // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. - // +optional - CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` - // Reference to a CA bundle in a secret or a configmap. - // Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - // +optional - CertificateAuthorityDataSource *CertificateAuthorityDataSourceSpec `json:"certificateAuthorityDataSource,omitempty"` -} diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.28/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go deleted file mode 100644 index 5a5efaf1c..000000000 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ /dev/null @@ -1,74 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -type WebhookAuthenticatorPhase string - -const ( - // WebhookAuthenticatorPhasePending is the default phase for newly-created WebhookAuthenticator resources. - WebhookAuthenticatorPhasePending WebhookAuthenticatorPhase = "Pending" - - // WebhookAuthenticatorPhaseReady is the phase for an WebhookAuthenticator resource in a healthy state. - WebhookAuthenticatorPhaseReady WebhookAuthenticatorPhase = "Ready" - - // WebhookAuthenticatorPhaseError is the phase for an WebhookAuthenticator in an unhealthy state. - WebhookAuthenticatorPhaseError WebhookAuthenticatorPhase = "Error" -) - -// Status of a webhook authenticator. -type WebhookAuthenticatorStatus struct { - // Represents the observations of the authenticator's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - // Phase summarizes the overall status of the WebhookAuthenticator. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase WebhookAuthenticatorPhase `json:"phase,omitempty"` -} - -// Spec for configuring a webhook authenticator. -type WebhookAuthenticatorSpec struct { - // Webhook server endpoint URL. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://` - Endpoint string `json:"endpoint"` - - // TLS configuration. - // +optional - TLS *TLSSpec `json:"tls,omitempty"` -} - -// WebhookAuthenticator describes the configuration of a webhook authenticator. -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster -// +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type WebhookAuthenticator struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the authenticator. - Spec WebhookAuthenticatorSpec `json:"spec"` - - // Status of the authenticator. - Status WebhookAuthenticatorStatus `json:"status,omitempty"` -} - -// List of WebhookAuthenticator objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WebhookAuthenticatorList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []WebhookAuthenticator `json:"items"` -} diff --git a/generated/1.28/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index cf8c0e61c..000000000 --- a/generated/1.28/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,341 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateAuthorityDataSourceSpec) DeepCopyInto(out *CertificateAuthorityDataSourceSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateAuthorityDataSourceSpec. -func (in *CertificateAuthorityDataSourceSpec) DeepCopy() *CertificateAuthorityDataSourceSpec { - if in == nil { - return nil - } - out := new(CertificateAuthorityDataSourceSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClaimValidationRule) DeepCopyInto(out *ClaimValidationRule) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClaimValidationRule. -func (in *ClaimValidationRule) DeepCopy() *ClaimValidationRule { - if in == nil { - return nil - } - out := new(ClaimValidationRule) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExtraMapping) DeepCopyInto(out *ExtraMapping) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraMapping. -func (in *ExtraMapping) DeepCopy() *ExtraMapping { - if in == nil { - return nil - } - out := new(ExtraMapping) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticator. -func (in *JWTAuthenticator) DeepCopy() *JWTAuthenticator { - if in == nil { - return nil - } - out := new(JWTAuthenticator) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *JWTAuthenticator) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTAuthenticatorList) DeepCopyInto(out *JWTAuthenticatorList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]JWTAuthenticator, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorList. -func (in *JWTAuthenticatorList) DeepCopy() *JWTAuthenticatorList { - if in == nil { - return nil - } - out := new(JWTAuthenticatorList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *JWTAuthenticatorList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTAuthenticatorSpec) DeepCopyInto(out *JWTAuthenticatorSpec) { - *out = *in - in.Claims.DeepCopyInto(&out.Claims) - if in.ClaimValidationRules != nil { - in, out := &in.ClaimValidationRules, &out.ClaimValidationRules - *out = make([]ClaimValidationRule, len(*in)) - copy(*out, *in) - } - if in.UserValidationRules != nil { - in, out := &in.UserValidationRules, &out.UserValidationRules - *out = make([]UserValidationRule, len(*in)) - copy(*out, *in) - } - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorSpec. -func (in *JWTAuthenticatorSpec) DeepCopy() *JWTAuthenticatorSpec { - if in == nil { - return nil - } - out := new(JWTAuthenticatorSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorStatus. -func (in *JWTAuthenticatorStatus) DeepCopy() *JWTAuthenticatorStatus { - if in == nil { - return nil - } - out := new(JWTAuthenticatorStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTTokenClaims) DeepCopyInto(out *JWTTokenClaims) { - *out = *in - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make([]ExtraMapping, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTTokenClaims. -func (in *JWTTokenClaims) DeepCopy() *JWTTokenClaims { - if in == nil { - return nil - } - out := new(JWTTokenClaims) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { - *out = *in - if in.CertificateAuthorityDataSource != nil { - in, out := &in.CertificateAuthorityDataSource, &out.CertificateAuthorityDataSource - *out = new(CertificateAuthorityDataSourceSpec) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. -func (in *TLSSpec) DeepCopy() *TLSSpec { - if in == nil { - return nil - } - out := new(TLSSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *UserValidationRule) DeepCopyInto(out *UserValidationRule) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserValidationRule. -func (in *UserValidationRule) DeepCopy() *UserValidationRule { - if in == nil { - return nil - } - out := new(UserValidationRule) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator. -func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator { - if in == nil { - return nil - } - out := new(WebhookAuthenticator) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]WebhookAuthenticator, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList. -func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList { - if in == nil { - return nil - } - out := new(WebhookAuthenticatorList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec. -func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec { - if in == nil { - return nil - } - out := new(WebhookAuthenticatorSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus. -func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus { - if in == nil { - return nil - } - out := new(WebhookAuthenticatorStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/concierge/config/v1alpha1/doc.go b/generated/1.28/apis/concierge/config/v1alpha1/doc.go deleted file mode 100644 index a5d41ff3f..000000000 --- a/generated/1.28/apis/concierge/config/v1alpha1/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=config.concierge.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. -package v1alpha1 diff --git a/generated/1.28/apis/concierge/config/v1alpha1/register.go b/generated/1.28/apis/concierge/config/v1alpha1/register.go deleted file mode 100644 index dbcba3b91..000000000 --- a/generated/1.28/apis/concierge/config/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "config.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &CredentialIssuer{}, - &CredentialIssuerList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.28/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.28/apis/concierge/config/v1alpha1/types_credentialissuer.go deleted file mode 100644 index f3e289550..000000000 --- a/generated/1.28/apis/concierge/config/v1alpha1/types_credentialissuer.go +++ /dev/null @@ -1,257 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. -// +kubebuilder:validation:Enum=KubeClusterSigningCertificate;ImpersonationProxy -type StrategyType string - -// FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. -// +kubebuilder:validation:Enum=TokenCredentialRequestAPI;ImpersonationProxy -type FrontendType string - -// StrategyStatus enumerates whether a strategy is working on a cluster. -// +kubebuilder:validation:Enum=Success;Error -type StrategyStatus string - -// StrategyReason enumerates the detailed reason why a strategy is in a particular status. -// +kubebuilder:validation:Enum=Listening;Pending;Disabled;ErrorDuringSetup;CouldNotFetchKey;CouldNotGetClusterInfo;FetchedKey -type StrategyReason string - -const ( - KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") - ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy") - - TokenCredentialRequestAPIFrontendType = FrontendType("TokenCredentialRequestAPI") - ImpersonationProxyFrontendType = FrontendType("ImpersonationProxy") - - SuccessStrategyStatus = StrategyStatus("Success") - ErrorStrategyStatus = StrategyStatus("Error") - - ListeningStrategyReason = StrategyReason("Listening") - PendingStrategyReason = StrategyReason("Pending") - DisabledStrategyReason = StrategyReason("Disabled") - ErrorDuringSetupStrategyReason = StrategyReason("ErrorDuringSetup") - CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") - CouldNotGetClusterInfoStrategyReason = StrategyReason("CouldNotGetClusterInfo") - FetchedKeyStrategyReason = StrategyReason("FetchedKey") -) - -// CredentialIssuerSpec describes the intended configuration of the Concierge. -type CredentialIssuerSpec struct { - // ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. - ImpersonationProxy *ImpersonationProxySpec `json:"impersonationProxy"` -} - -// ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. -// Allowed values are "auto", "enabled", or "disabled". -// -// +kubebuilder:validation:Enum=auto;enabled;disabled -type ImpersonationProxyMode string - -const ( - // ImpersonationProxyModeDisabled explicitly disables the impersonation proxy. - ImpersonationProxyModeDisabled = ImpersonationProxyMode("disabled") - - // ImpersonationProxyModeEnabled explicitly enables the impersonation proxy. - ImpersonationProxyModeEnabled = ImpersonationProxyMode("enabled") - - // ImpersonationProxyModeAuto enables or disables the impersonation proxy based upon the cluster in which it is running. - ImpersonationProxyModeAuto = ImpersonationProxyMode("auto") -) - -// ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. -// Allowed values are "LoadBalancer", "ClusterIP", or "None". -// -// +kubebuilder:validation:Enum=LoadBalancer;ClusterIP;None -type ImpersonationProxyServiceType string - -const ( - // ImpersonationProxyServiceTypeLoadBalancer provisions a service of type LoadBalancer. - ImpersonationProxyServiceTypeLoadBalancer = ImpersonationProxyServiceType("LoadBalancer") - - // ImpersonationProxyServiceTypeClusterIP provisions a service of type ClusterIP. - ImpersonationProxyServiceTypeClusterIP = ImpersonationProxyServiceType("ClusterIP") - - // ImpersonationProxyServiceTypeNone does not automatically provision any service. - ImpersonationProxyServiceTypeNone = ImpersonationProxyServiceType("None") -) - -// ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should -// serve TLS. -// -// If CertificateAuthorityData is not provided, the Concierge impersonation proxy will check the secret -// for a field called "ca.crt", which will be used as the CertificateAuthorityData. -// -// If neither CertificateAuthorityData nor ca.crt is provided, no CA bundle will be advertised for -// the impersonation proxy endpoint. -type ImpersonationProxyTLSSpec struct { - // X.509 Certificate Authority (base64-encoded PEM bundle). - // Used to advertise the CA bundle for the impersonation proxy endpoint. - // - // +optional - CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` - - // SecretName is the name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains - // the TLS serving certificate for the Concierge impersonation proxy endpoint. - // - // +kubebuilder:validation:MinLength=1 - SecretName string `json:"secretName,omitempty"` -} - -// ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. -type ImpersonationProxySpec struct { - // Mode configures whether the impersonation proxy should be started: - // - "disabled" explicitly disables the impersonation proxy. This is the default. - // - "enabled" explicitly enables the impersonation proxy. - // - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. - Mode ImpersonationProxyMode `json:"mode"` - - // Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. - // - // +kubebuilder:default:={"type": "LoadBalancer"} - Service ImpersonationProxyServiceSpec `json:"service"` - - // ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will - // be served using the external name of the LoadBalancer service or the cluster service DNS name. - // - // This field must be non-empty when spec.impersonationProxy.service.type is "None". - // - // +optional - ExternalEndpoint string `json:"externalEndpoint,omitempty"` - - // TLS contains information about how the Concierge impersonation proxy should serve TLS. - // - // If this field is empty, the impersonation proxy will generate its own TLS certificate. - // - // +optional - TLS *ImpersonationProxyTLSSpec `json:"tls,omitempty"` -} - -// ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. -type ImpersonationProxyServiceSpec struct { - // Type specifies the type of Service to provision for the impersonation proxy. - // - // If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty - // value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. - // - // +kubebuilder:default:="LoadBalancer" - Type ImpersonationProxyServiceType `json:"type,omitempty"` - - // LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. - // This is not supported on all cloud providers. - // - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=255 - // +optional - LoadBalancerIP string `json:"loadBalancerIP,omitempty"` - - // Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. - // - // +optional - Annotations map[string]string `json:"annotations,omitempty"` -} - -// CredentialIssuerStatus describes the status of the Concierge. -type CredentialIssuerStatus struct { - // List of integration strategies that were attempted by Pinniped. - Strategies []CredentialIssuerStrategy `json:"strategies"` -} - -// CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. -type CredentialIssuerStrategy struct { - // Type of integration attempted. - Type StrategyType `json:"type"` - - // Status of the attempted integration strategy. - Status StrategyStatus `json:"status"` - - // Reason for the current status. - Reason StrategyReason `json:"reason"` - - // Human-readable description of the current status. - // +kubebuilder:validation:MinLength=1 - Message string `json:"message"` - - // When the status was last checked. - LastUpdateTime metav1.Time `json:"lastUpdateTime"` - - // Frontend describes how clients can connect using this strategy. - Frontend *CredentialIssuerFrontend `json:"frontend,omitempty"` -} - -// CredentialIssuerFrontend describes how to connect using a particular integration strategy. -type CredentialIssuerFrontend struct { - // Type describes which frontend mechanism clients can use with a strategy. - Type FrontendType `json:"type"` - - // TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. - // This field is only set when Type is "TokenCredentialRequestAPI". - TokenCredentialRequestAPIInfo *TokenCredentialRequestAPIInfo `json:"tokenCredentialRequestInfo,omitempty"` - - // ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. - // This field is only set when Type is "ImpersonationProxy". - ImpersonationProxyInfo *ImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"` -} - -// TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. -type TokenCredentialRequestAPIInfo struct { - // Server is the Kubernetes API server URL. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://|^http://` - Server string `json:"server"` - - // CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. - // +kubebuilder:validation:MinLength=1 - CertificateAuthorityData string `json:"certificateAuthorityData"` -} - -// ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. -type ImpersonationProxyInfo struct { - // Endpoint is the HTTPS endpoint of the impersonation proxy. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://` - Endpoint string `json:"endpoint"` - - // CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. - // +kubebuilder:validation:MinLength=1 - CertificateAuthorityData string `json:"certificateAuthorityData"` -} - -// CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped,scope=Cluster -// +kubebuilder:printcolumn:name="ProxyMode",type=string,JSONPath=`.spec.impersonationProxy.mode` -// +kubebuilder:printcolumn:name="DefaultStrategy",type=string,JSONPath=`.status.strategies[?(@.status == "Success")].type` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type CredentialIssuer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec describes the intended configuration of the Concierge. - // - // +optional - Spec CredentialIssuerSpec `json:"spec"` - - // CredentialIssuerStatus describes the status of the Concierge. - // - // +optional - Status CredentialIssuerStatus `json:"status"` -} - -// CredentialIssuerList is a list of CredentialIssuer objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type CredentialIssuerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []CredentialIssuer `json:"items"` -} diff --git a/generated/1.28/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index e0dffe816..000000000 --- a/generated/1.28/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,259 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer. -func (in *CredentialIssuer) DeepCopy() *CredentialIssuer { - if in == nil { - return nil - } - out := new(CredentialIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CredentialIssuer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerFrontend) DeepCopyInto(out *CredentialIssuerFrontend) { - *out = *in - if in.TokenCredentialRequestAPIInfo != nil { - in, out := &in.TokenCredentialRequestAPIInfo, &out.TokenCredentialRequestAPIInfo - *out = new(TokenCredentialRequestAPIInfo) - **out = **in - } - if in.ImpersonationProxyInfo != nil { - in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo - *out = new(ImpersonationProxyInfo) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerFrontend. -func (in *CredentialIssuerFrontend) DeepCopy() *CredentialIssuerFrontend { - if in == nil { - return nil - } - out := new(CredentialIssuerFrontend) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]CredentialIssuer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList. -func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList { - if in == nil { - return nil - } - out := new(CredentialIssuerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CredentialIssuerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerSpec) DeepCopyInto(out *CredentialIssuerSpec) { - *out = *in - if in.ImpersonationProxy != nil { - in, out := &in.ImpersonationProxy, &out.ImpersonationProxy - *out = new(ImpersonationProxySpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerSpec. -func (in *CredentialIssuerSpec) DeepCopy() *CredentialIssuerSpec { - if in == nil { - return nil - } - out := new(CredentialIssuerSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) { - *out = *in - if in.Strategies != nil { - in, out := &in.Strategies, &out.Strategies - *out = make([]CredentialIssuerStrategy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus. -func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus { - if in == nil { - return nil - } - out := new(CredentialIssuerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) { - *out = *in - in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) - if in.Frontend != nil { - in, out := &in.Frontend, &out.Frontend - *out = new(CredentialIssuerFrontend) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy. -func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy { - if in == nil { - return nil - } - out := new(CredentialIssuerStrategy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImpersonationProxyInfo) DeepCopyInto(out *ImpersonationProxyInfo) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyInfo. -func (in *ImpersonationProxyInfo) DeepCopy() *ImpersonationProxyInfo { - if in == nil { - return nil - } - out := new(ImpersonationProxyInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImpersonationProxyServiceSpec) DeepCopyInto(out *ImpersonationProxyServiceSpec) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyServiceSpec. -func (in *ImpersonationProxyServiceSpec) DeepCopy() *ImpersonationProxyServiceSpec { - if in == nil { - return nil - } - out := new(ImpersonationProxyServiceSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImpersonationProxySpec) DeepCopyInto(out *ImpersonationProxySpec) { - *out = *in - in.Service.DeepCopyInto(&out.Service) - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(ImpersonationProxyTLSSpec) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxySpec. -func (in *ImpersonationProxySpec) DeepCopy() *ImpersonationProxySpec { - if in == nil { - return nil - } - out := new(ImpersonationProxySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImpersonationProxyTLSSpec) DeepCopyInto(out *ImpersonationProxyTLSSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyTLSSpec. -func (in *ImpersonationProxyTLSSpec) DeepCopy() *ImpersonationProxyTLSSpec { - if in == nil { - return nil - } - out := new(ImpersonationProxyTLSSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestAPIInfo) DeepCopyInto(out *TokenCredentialRequestAPIInfo) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestAPIInfo. -func (in *TokenCredentialRequestAPIInfo) DeepCopy() *TokenCredentialRequestAPIInfo { - if in == nil { - return nil - } - out := new(TokenCredentialRequestAPIInfo) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/concierge/identity/doc.go b/generated/1.28/apis/concierge/identity/doc.go deleted file mode 100644 index 983a67776..000000000 --- a/generated/1.28/apis/concierge/identity/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=identity.concierge.pinniped.dev - -// Package identity is the internal version of the Pinniped identity API. -package identity diff --git a/generated/1.28/apis/concierge/identity/register.go b/generated/1.28/apis/concierge/identity/register.go deleted file mode 100644 index 5fb2f80d9..000000000 --- a/generated/1.28/apis/concierge/identity/register.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package identity - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "identity.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind. -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns back a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &WhoAmIRequest{}, - &WhoAmIRequestList{}, - ) - return nil -} diff --git a/generated/1.28/apis/concierge/identity/types_userinfo.go b/generated/1.28/apis/concierge/identity/types_userinfo.go deleted file mode 100644 index 587cfa1f7..000000000 --- a/generated/1.28/apis/concierge/identity/types_userinfo.go +++ /dev/null @@ -1,37 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package identity - -import "fmt" - -// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. -// Copied from the Kubernetes token review API. -type KubernetesUserInfo struct { - // User is the UserInfo associated with the current user. - User UserInfo - // Audiences are audience identifiers chosen by the authenticator. - Audiences []string -} - -// UserInfo holds the information about the user needed to implement the -// user.Info interface. -type UserInfo struct { - // The name that uniquely identifies this user among all active users. - Username string - // A unique value that identifies this user across time. If this user is - // deleted and another user by the same name is added, they will have - // different UIDs. - UID string - // The names of groups this user is a part of. - Groups []string - // Any additional information provided by the authenticator. - Extra map[string]ExtraValue -} - -// ExtraValue masks the value so protobuf can generate -type ExtraValue []string - -func (t ExtraValue) String() string { - return fmt.Sprintf("%v", []string(t)) -} diff --git a/generated/1.28/apis/concierge/identity/types_whoamirequest.go b/generated/1.28/apis/concierge/identity/types_whoamirequest.go deleted file mode 100644 index 293869a0d..000000000 --- a/generated/1.28/apis/concierge/identity/types_whoamirequest.go +++ /dev/null @@ -1,42 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package identity - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// WhoAmIRequest submits a request to echo back the current authenticated user. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WhoAmIRequest struct { - metav1.TypeMeta - metav1.ObjectMeta - - Spec WhoAmIRequestSpec - Status WhoAmIRequestStatus -} - -// Spec is always empty for a WhoAmIRequest. -type WhoAmIRequestSpec struct { - // empty for now but we may add some config here in the future - // any such config must be safe in the context of an unauthenticated user -} - -// Status is set by the server in the response to a WhoAmIRequest. -type WhoAmIRequestStatus struct { - // The current authenticated user, exactly as Kubernetes understands it. - KubernetesUserInfo KubernetesUserInfo - - // We may add concierge specific information here in the future. -} - -// WhoAmIRequestList is a list of WhoAmIRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WhoAmIRequestList struct { - metav1.TypeMeta - metav1.ListMeta - - // Items is a list of WhoAmIRequest. - Items []WhoAmIRequest -} diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.28/apis/concierge/identity/v1alpha1/conversion.go deleted file mode 100644 index 9fe7cce6d..000000000 --- a/generated/1.28/apis/concierge/identity/v1alpha1/conversion.go +++ /dev/null @@ -1,4 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.28/apis/concierge/identity/v1alpha1/defaults.go deleted file mode 100644 index 7835b69e9..000000000 --- a/generated/1.28/apis/concierge/identity/v1alpha1/defaults.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime" -) - -func addDefaultingFuncs(scheme *runtime.Scheme) error { - return RegisterDefaults(scheme) -} diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/doc.go b/generated/1.28/apis/concierge/identity/v1alpha1/doc.go deleted file mode 100644 index b7c7ab742..000000000 --- a/generated/1.28/apis/concierge/identity/v1alpha1/doc.go +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.28/apis/concierge/identity -// +k8s:defaulter-gen=TypeMeta -// +groupName=identity.concierge.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. -package v1alpha1 diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/register.go b/generated/1.28/apis/concierge/identity/v1alpha1/register.go deleted file mode 100644 index d87f2de2d..000000000 --- a/generated/1.28/apis/concierge/identity/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "identity.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &WhoAmIRequest{}, - &WhoAmIRequestList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.28/apis/concierge/identity/v1alpha1/types_userinfo.go deleted file mode 100644 index 3a779afab..000000000 --- a/generated/1.28/apis/concierge/identity/v1alpha1/types_userinfo.go +++ /dev/null @@ -1,41 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import "fmt" - -// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. -// Copied from the Kubernetes token review API. -type KubernetesUserInfo struct { - // User is the UserInfo associated with the current user. - User UserInfo `json:"user"` - // Audiences are audience identifiers chosen by the authenticator. - // +optional - Audiences []string `json:"audiences,omitempty"` -} - -// UserInfo holds the information about the user needed to implement the -// user.Info interface. -type UserInfo struct { - // The name that uniquely identifies this user among all active users. - Username string `json:"username"` - // A unique value that identifies this user across time. If this user is - // deleted and another user by the same name is added, they will have - // different UIDs. - // +optional - UID string `json:"uid,omitempty"` - // The names of groups this user is a part of. - // +optional - Groups []string `json:"groups,omitempty"` - // Any additional information provided by the authenticator. - // +optional - Extra map[string]ExtraValue `json:"extra,omitempty"` -} - -// ExtraValue masks the value so protobuf can generate -type ExtraValue []string - -func (t ExtraValue) String() string { - return fmt.Sprintf("%v", []string(t)) -} diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/types_whoamirequest.go b/generated/1.28/apis/concierge/identity/v1alpha1/types_whoamirequest.go deleted file mode 100644 index a8ee14544..000000000 --- a/generated/1.28/apis/concierge/identity/v1alpha1/types_whoamirequest.go +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// WhoAmIRequest submits a request to echo back the current authenticated user. -// +genclient -// +genclient:nonNamespaced -// +genclient:onlyVerbs=create -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WhoAmIRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec WhoAmIRequestSpec `json:"spec,omitempty"` - Status WhoAmIRequestStatus `json:"status,omitempty"` -} - -// Spec is always empty for a WhoAmIRequest. -type WhoAmIRequestSpec struct { - // empty for now but we may add some config here in the future - // any such config must be safe in the context of an unauthenticated user -} - -// Status is set by the server in the response to a WhoAmIRequest. -type WhoAmIRequestStatus struct { - // The current authenticated user, exactly as Kubernetes understands it. - KubernetesUserInfo KubernetesUserInfo `json:"kubernetesUserInfo"` - - // We may add concierge specific information here in the future. -} - -// WhoAmIRequestList is a list of WhoAmIRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WhoAmIRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - // Items is a list of WhoAmIRequest. - Items []WhoAmIRequest `json:"items"` -} diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 518772f74..000000000 --- a/generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,185 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in ExtraValue) DeepCopyInto(out *ExtraValue) { - { - in := &in - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - return - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. -func (in ExtraValue) DeepCopy() ExtraValue { - if in == nil { - return nil - } - out := new(ExtraValue) - in.DeepCopyInto(out) - return *out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { - *out = *in - in.User.DeepCopyInto(&out.User) - if in.Audiences != nil { - in, out := &in.Audiences, &out.Audiences - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. -func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { - if in == nil { - return nil - } - out := new(KubernetesUserInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *UserInfo) DeepCopyInto(out *UserInfo) { - *out = *in - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make(map[string]ExtraValue, len(*in)) - for key, val := range *in { - var outVal []string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. -func (in *UserInfo) DeepCopy() *UserInfo { - if in == nil { - return nil - } - out := new(UserInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. -func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { - if in == nil { - return nil - } - out := new(WhoAmIRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]WhoAmIRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. -func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { - if in == nil { - return nil - } - out := new(WhoAmIRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. -func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { - if in == nil { - return nil - } - out := new(WhoAmIRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { - *out = *in - in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. -func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { - if in == nil { - return nil - } - out := new(WhoAmIRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.defaults.go deleted file mode 100644 index 1d39b4b15..000000000 --- a/generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ /dev/null @@ -1,20 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by defaulter-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// RegisterDefaults adds defaulters functions to the given scheme. -// Public to allow building arbitrary schemes. -// All generated defaulters are covering - they call all nested defaulters. -func RegisterDefaults(scheme *runtime.Scheme) error { - return nil -} diff --git a/generated/1.28/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.28/apis/concierge/identity/zz_generated.deepcopy.go deleted file mode 100644 index fd46cd573..000000000 --- a/generated/1.28/apis/concierge/identity/zz_generated.deepcopy.go +++ /dev/null @@ -1,185 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package identity - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in ExtraValue) DeepCopyInto(out *ExtraValue) { - { - in := &in - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - return - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. -func (in ExtraValue) DeepCopy() ExtraValue { - if in == nil { - return nil - } - out := new(ExtraValue) - in.DeepCopyInto(out) - return *out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { - *out = *in - in.User.DeepCopyInto(&out.User) - if in.Audiences != nil { - in, out := &in.Audiences, &out.Audiences - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. -func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { - if in == nil { - return nil - } - out := new(KubernetesUserInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *UserInfo) DeepCopyInto(out *UserInfo) { - *out = *in - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make(map[string]ExtraValue, len(*in)) - for key, val := range *in { - var outVal []string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. -func (in *UserInfo) DeepCopy() *UserInfo { - if in == nil { - return nil - } - out := new(UserInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. -func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { - if in == nil { - return nil - } - out := new(WhoAmIRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]WhoAmIRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. -func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { - if in == nil { - return nil - } - out := new(WhoAmIRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. -func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { - if in == nil { - return nil - } - out := new(WhoAmIRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { - *out = *in - in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. -func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { - if in == nil { - return nil - } - out := new(WhoAmIRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/concierge/login/doc.go b/generated/1.28/apis/concierge/login/doc.go deleted file mode 100644 index 4e46f56a0..000000000 --- a/generated/1.28/apis/concierge/login/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=login.concierge.pinniped.dev - -// Package login is the internal version of the Pinniped login API. -package login diff --git a/generated/1.28/apis/concierge/login/register.go b/generated/1.28/apis/concierge/login/register.go deleted file mode 100644 index eb4c1a55e..000000000 --- a/generated/1.28/apis/concierge/login/register.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package login - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "login.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind. -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns back a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &TokenCredentialRequest{}, - &TokenCredentialRequestList{}, - ) - return nil -} diff --git a/generated/1.28/apis/concierge/login/types_clustercredential.go b/generated/1.28/apis/concierge/login/types_clustercredential.go deleted file mode 100644 index 8f84e0937..000000000 --- a/generated/1.28/apis/concierge/login/types_clustercredential.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package login - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ClusterCredential is the cluster-specific credential returned on a successful credential request. It -// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. -type ClusterCredential struct { - // ExpirationTimestamp indicates a time when the provided credentials expire. - ExpirationTimestamp metav1.Time - - // Token is a bearer token used by the client for request authentication. - Token string - - // PEM-encoded client TLS certificates (including intermediates, if any). - ClientCertificateData string - - // PEM-encoded private key for the above certificate. - ClientKeyData string -} diff --git a/generated/1.28/apis/concierge/login/types_tokencredentialrequest.go b/generated/1.28/apis/concierge/login/types_tokencredentialrequest.go deleted file mode 100644 index 62af47f16..000000000 --- a/generated/1.28/apis/concierge/login/types_tokencredentialrequest.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package login - -import ( - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. -type TokenCredentialRequestSpec struct { - // Bearer token supplied with the credential request. - Token string - - // Reference to an authenticator which can validate this credential request. - Authenticator corev1.TypedLocalObjectReference -} - -// Status of a TokenCredentialRequest, returned on responses to the Pinniped API. -type TokenCredentialRequestStatus struct { - // A Credential will be returned for a successful credential request. - // +optional - Credential *ClusterCredential - - // An error message will be returned for an unsuccessful credential request. - // +optional - Message *string -} - -// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TokenCredentialRequest struct { - metav1.TypeMeta - metav1.ObjectMeta - - Spec TokenCredentialRequestSpec - Status TokenCredentialRequestStatus -} - -// TokenCredentialRequestList is a list of TokenCredentialRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TokenCredentialRequestList struct { - metav1.TypeMeta - metav1.ListMeta - - // Items is a list of TokenCredentialRequest. - Items []TokenCredentialRequest -} diff --git a/generated/1.28/apis/concierge/login/v1alpha1/conversion.go b/generated/1.28/apis/concierge/login/v1alpha1/conversion.go deleted file mode 100644 index a0e3fd36a..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/conversion.go +++ /dev/null @@ -1,4 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 diff --git a/generated/1.28/apis/concierge/login/v1alpha1/defaults.go b/generated/1.28/apis/concierge/login/v1alpha1/defaults.go deleted file mode 100644 index 487a7d6c3..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/defaults.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime" -) - -func addDefaultingFuncs(scheme *runtime.Scheme) error { - return RegisterDefaults(scheme) -} diff --git a/generated/1.28/apis/concierge/login/v1alpha1/doc.go b/generated/1.28/apis/concierge/login/v1alpha1/doc.go deleted file mode 100644 index 93347d223..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/doc.go +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.28/apis/concierge/login -// +k8s:defaulter-gen=TypeMeta -// +groupName=login.concierge.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped login API. -package v1alpha1 diff --git a/generated/1.28/apis/concierge/login/v1alpha1/register.go b/generated/1.28/apis/concierge/login/v1alpha1/register.go deleted file mode 100644 index 40a50b40b..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "login.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &TokenCredentialRequest{}, - &TokenCredentialRequestList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.28/apis/concierge/login/v1alpha1/types_clustercredential.go b/generated/1.28/apis/concierge/login/v1alpha1/types_clustercredential.go deleted file mode 100644 index 1cab01721..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/types_clustercredential.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ClusterCredential is the cluster-specific credential returned on a successful credential request. It -// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. -type ClusterCredential struct { - // ExpirationTimestamp indicates a time when the provided credentials expire. - ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` - - // Token is a bearer token used by the client for request authentication. - Token string `json:"token,omitempty"` - - // PEM-encoded client TLS certificates (including intermediates, if any). - ClientCertificateData string `json:"clientCertificateData,omitempty"` - - // PEM-encoded private key for the above certificate. - ClientKeyData string `json:"clientKeyData,omitempty"` -} diff --git a/generated/1.28/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go b/generated/1.28/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go deleted file mode 100644 index 9b5c1d587..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go +++ /dev/null @@ -1,52 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. -type TokenCredentialRequestSpec struct { - // Bearer token supplied with the credential request. - Token string `json:"token,omitempty"` - - // Reference to an authenticator which can validate this credential request. - Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` -} - -// Status of a TokenCredentialRequest, returned on responses to the Pinniped API. -type TokenCredentialRequestStatus struct { - // A Credential will be returned for a successful credential request. - // +optional - Credential *ClusterCredential `json:"credential,omitempty"` - - // An error message will be returned for an unsuccessful credential request. - // +optional - Message *string `json:"message,omitempty"` -} - -// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. -// +genclient -// +genclient:nonNamespaced -// +genclient:onlyVerbs=create -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TokenCredentialRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec TokenCredentialRequestSpec `json:"spec,omitempty"` - Status TokenCredentialRequestStatus `json:"status,omitempty"` -} - -// TokenCredentialRequestList is a list of TokenCredentialRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TokenCredentialRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - // Items is a list of TokenCredentialRequest. - Items []TokenCredentialRequest `json:"items"` -} diff --git a/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.conversion.go deleted file mode 100644 index 575c92821..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ /dev/null @@ -1,201 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by conversion-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - unsafe "unsafe" - - login "go.pinniped.dev/generated/1.28/apis/concierge/login" - conversion "k8s.io/apimachinery/pkg/conversion" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -func init() { - localSchemeBuilder.Register(RegisterConversions) -} - -// RegisterConversions adds conversion functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*ClusterCredential)(nil), (*login.ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(a.(*ClusterCredential), b.(*login.ClusterCredential), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.ClusterCredential)(nil), (*ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(a.(*login.ClusterCredential), b.(*ClusterCredential), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*TokenCredentialRequest)(nil), (*login.TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(a.(*TokenCredentialRequest), b.(*login.TokenCredentialRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequest)(nil), (*TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(a.(*login.TokenCredentialRequest), b.(*TokenCredentialRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestList)(nil), (*login.TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(a.(*TokenCredentialRequestList), b.(*login.TokenCredentialRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestList)(nil), (*TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(a.(*login.TokenCredentialRequestList), b.(*TokenCredentialRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestSpec)(nil), (*login.TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(a.(*TokenCredentialRequestSpec), b.(*login.TokenCredentialRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestSpec)(nil), (*TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(a.(*login.TokenCredentialRequestSpec), b.(*TokenCredentialRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestStatus)(nil), (*login.TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(a.(*TokenCredentialRequestStatus), b.(*login.TokenCredentialRequestStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestStatus)(nil), (*TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(a.(*login.TokenCredentialRequestStatus), b.(*TokenCredentialRequestStatus), scope) - }); err != nil { - return err - } - return nil -} - -func autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { - out.ExpirationTimestamp = in.ExpirationTimestamp - out.Token = in.Token - out.ClientCertificateData = in.ClientCertificateData - out.ClientKeyData = in.ClientKeyData - return nil -} - -// Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential is an autogenerated conversion function. -func Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { - return autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in, out, s) -} - -func autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { - out.ExpirationTimestamp = in.ExpirationTimestamp - out.Token = in.Token - out.ClientCertificateData = in.ClientCertificateData - out.ClientKeyData = in.ClientKeyData - return nil -} - -// Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential is an autogenerated conversion function. -func Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { - return autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in, out, s) -} - -func autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest is an autogenerated conversion function. -func Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { - return autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in, out, s) -} - -func autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest is an autogenerated conversion function. -func Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { - return autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in, out, s) -} - -func autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]login.TokenCredentialRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList is an autogenerated conversion function. -func Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { - return autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in, out, s) -} - -func autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]TokenCredentialRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList is an autogenerated conversion function. -func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { - return autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in, out, s) -} - -func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { - out.Token = in.Token - out.Authenticator = in.Authenticator - return nil -} - -// Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec is an autogenerated conversion function. -func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { - return autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in, out, s) -} - -func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { - out.Token = in.Token - out.Authenticator = in.Authenticator - return nil -} - -// Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec is an autogenerated conversion function. -func Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { - return autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in, out, s) -} - -func autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { - out.Credential = (*login.ClusterCredential)(unsafe.Pointer(in.Credential)) - out.Message = (*string)(unsafe.Pointer(in.Message)) - return nil -} - -// Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus is an autogenerated conversion function. -func Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { - return autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in, out, s) -} - -func autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { - out.Credential = (*ClusterCredential)(unsafe.Pointer(in.Credential)) - out.Message = (*string)(unsafe.Pointer(in.Message)) - return nil -} - -// Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus is an autogenerated conversion function. -func Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { - return autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in, out, s) -} diff --git a/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 56b559320..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,134 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { - *out = *in - in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. -func (in *ClusterCredential) DeepCopy() *ClusterCredential { - if in == nil { - return nil - } - out := new(ClusterCredential) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. -func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { - if in == nil { - return nil - } - out := new(TokenCredentialRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]TokenCredentialRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. -func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { - if in == nil { - return nil - } - out := new(TokenCredentialRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { - *out = *in - in.Authenticator.DeepCopyInto(&out.Authenticator) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. -func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { - if in == nil { - return nil - } - out := new(TokenCredentialRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { - *out = *in - if in.Credential != nil { - in, out := &in.Credential, &out.Credential - *out = new(ClusterCredential) - (*in).DeepCopyInto(*out) - } - if in.Message != nil { - in, out := &in.Message, &out.Message - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. -func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { - if in == nil { - return nil - } - out := new(TokenCredentialRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.defaults.go deleted file mode 100644 index 1d39b4b15..000000000 --- a/generated/1.28/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ /dev/null @@ -1,20 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by defaulter-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// RegisterDefaults adds defaulters functions to the given scheme. -// Public to allow building arbitrary schemes. -// All generated defaulters are covering - they call all nested defaulters. -func RegisterDefaults(scheme *runtime.Scheme) error { - return nil -} diff --git a/generated/1.28/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.28/apis/concierge/login/zz_generated.deepcopy.go deleted file mode 100644 index 6c316e8a9..000000000 --- a/generated/1.28/apis/concierge/login/zz_generated.deepcopy.go +++ /dev/null @@ -1,134 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package login - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { - *out = *in - in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. -func (in *ClusterCredential) DeepCopy() *ClusterCredential { - if in == nil { - return nil - } - out := new(ClusterCredential) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. -func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { - if in == nil { - return nil - } - out := new(TokenCredentialRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]TokenCredentialRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. -func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { - if in == nil { - return nil - } - out := new(TokenCredentialRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { - *out = *in - in.Authenticator.DeepCopyInto(&out.Authenticator) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. -func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { - if in == nil { - return nil - } - out := new(TokenCredentialRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { - *out = *in - if in.Credential != nil { - in, out := &in.Credential, &out.Credential - *out = new(ClusterCredential) - (*in).DeepCopyInto(*out) - } - if in.Message != nil { - in, out := &in.Message, &out.Message - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. -func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { - if in == nil { - return nil - } - out := new(TokenCredentialRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/go.mod b/generated/1.28/apis/go.mod deleted file mode 100644 index 7cdfbc02c..000000000 --- a/generated/1.28/apis/go.mod +++ /dev/null @@ -1,9 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.28/apis - -go 1.13 - -require ( - k8s.io/api v0.28.15 - k8s.io/apimachinery v0.28.15 -) diff --git a/generated/1.28/apis/go.sum b/generated/1.28/apis/go.sum deleted file mode 100644 index e968f22f3..000000000 --- a/generated/1.28/apis/go.sum +++ /dev/null @@ -1,320 +0,0 @@ -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.1/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= -github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= -github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= -github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= -github.com/onsi/ginkgo/v2 v2.4.0/go.mod h1:iHkDK1fKGcBoEHT5W7YBq4RFWaQulw+caOMkAt4OrFo= -github.com/onsi/ginkgo/v2 v2.5.0/go.mod h1:Luc4sArBICYCS8THh8v3i3i5CuSZO+RaQRaJoeNwomw= -github.com/onsi/ginkgo/v2 v2.7.0/go.mod h1:yjiuMwPokqY1XauOgju45q3sJt6VzQ/Fict1LFVcsAo= -github.com/onsi/ginkgo/v2 v2.8.1/go.mod h1:N1/NbDngAFcSLdyZ+/aYTYGSlq9qMCS/cNKGJjy+csc= -github.com/onsi/ginkgo/v2 v2.9.0/go.mod h1:4xkjoL/tZv4SMWeww56BU5kAt19mVB47gTWxmrTcxyk= -github.com/onsi/ginkgo/v2 v2.9.1/go.mod h1:FEcmzVcCHl+4o9bQZVab+4dC9+j+91t2FHSzmGAPfuo= -github.com/onsi/ginkgo/v2 v2.9.2/go.mod h1:WHcJJG2dIlcCqVfBAwUCrJxSPFb6v4azBwgxeMeDuts= -github.com/onsi/ginkgo/v2 v2.9.4/go.mod h1:gCQYp2Q+kSoIj7ykSVb9nskRSsR6PUj4AiLywzIhbKM= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= -github.com/onsi/gomega v1.21.1/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc= -github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM= -github.com/onsi/gomega v1.24.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= -github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= -github.com/onsi/gomega v1.26.0/go.mod h1:r+zV744Re+DiYCIPRlYOTxn0YkOLcAnW8k1xXdMPGhM= -github.com/onsi/gomega v1.27.1/go.mod h1:aHX5xOykVYzWOV4WqQy0sy8BQptgukenXpCXfadcIAw= -github.com/onsi/gomega v1.27.3/go.mod h1:5vG284IBtfDAmDyrK+eGyZmUgUlmi+Wngqo557cZ6Gw= -github.com/onsi/gomega v1.27.4/go.mod h1:riYq/GJKh8hhoM01HN6Vmuy93AarCXCBGpvFDK3q3fQ= -github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= -github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= -golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= -golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= -golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= -golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= -golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.28.15 h1:u+Sze8gI+DayQxndS0htiJf8yVooHyUx/H4jEehtmNs= -k8s.io/api v0.28.15/go.mod h1:SJuOJTphYG05iJC9UKnUTNkY84Mvveu1P7adCgWqjCg= -k8s.io/apimachinery v0.28.15 h1:Jg15ZoCcAgnhSRKVS6tQyUZaX9c3i08bl2qAz8XE3bI= -k8s.io/apimachinery v0.28.15/go.mod h1:zUG757HaKs6Dc3iGtKjzIpBfqTM4yiRsEe3/E7NX15o= -k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= -k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/generated/1.28/apis/supervisor/clientsecret/doc.go b/generated/1.28/apis/supervisor/clientsecret/doc.go deleted file mode 100644 index ccd69d4a7..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=clientsecret.supervisor.pinniped.dev - -// Package clientsecret is the internal version of the Pinniped client secret API. -package clientsecret diff --git a/generated/1.28/apis/supervisor/clientsecret/register.go b/generated/1.28/apis/supervisor/clientsecret/register.go deleted file mode 100644 index 5ec38a2ea..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/register.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package clientsecret - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "clientsecret.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind. -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns back a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClientSecretRequest{}, - &OIDCClientSecretRequestList{}, - ) - return nil -} diff --git a/generated/1.28/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.28/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go deleted file mode 100644 index 9a5b46286..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ /dev/null @@ -1,50 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package clientsecret - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientSecretRequest struct { - metav1.TypeMeta - metav1.ObjectMeta // metadata.name must be set to the client ID - - Spec OIDCClientSecretRequestSpec - - // +optional - Status OIDCClientSecretRequestStatus -} - -// Spec of the OIDCClientSecretRequest. -type OIDCClientSecretRequestSpec struct { - // Request a new client secret to for the OIDCClient referenced by the metadata.name field. - // +optional - GenerateNewSecret bool - - // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. - // +optional - RevokeOldSecrets bool -} - -// Status of the OIDCClientSecretRequest. -type OIDCClientSecretRequestStatus struct { - // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost. - GeneratedSecret string - - // The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. - TotalClientSecrets int -} - -// OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientSecretRequestList struct { - metav1.TypeMeta - metav1.ListMeta - - // Items is a list of OIDCClientSecretRequest. - Items []OIDCClientSecretRequest -} diff --git a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/conversion.go b/generated/1.28/apis/supervisor/clientsecret/v1alpha1/conversion.go deleted file mode 100644 index 1f44e3ff9..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/conversion.go +++ /dev/null @@ -1,4 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 diff --git a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/defaults.go b/generated/1.28/apis/supervisor/clientsecret/v1alpha1/defaults.go deleted file mode 100644 index 017391788..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/defaults.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime" -) - -func addDefaultingFuncs(scheme *runtime.Scheme) error { - return RegisterDefaults(scheme) -} diff --git a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.28/apis/supervisor/clientsecret/v1alpha1/doc.go deleted file mode 100644 index 63d591270..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/doc.go +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret -// +k8s:defaulter-gen=TypeMeta -// +groupName=clientsecret.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. -package v1alpha1 diff --git a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.28/apis/supervisor/clientsecret/v1alpha1/register.go deleted file mode 100644 index f1915df1e..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "clientsecret.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = SchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClientSecretRequest{}, - &OIDCClientSecretRequestList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns back a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.28/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go deleted file mode 100644 index cf09ac397..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ /dev/null @@ -1,53 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. -// +genclient -// +genclient:onlyVerbs=create -// +kubebuilder:subresource:status -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientSecretRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` // metadata.name must be set to the client ID - - Spec OIDCClientSecretRequestSpec `json:"spec"` - - // +optional - Status OIDCClientSecretRequestStatus `json:"status"` -} - -// Spec of the OIDCClientSecretRequest. -type OIDCClientSecretRequestSpec struct { - // Request a new client secret to for the OIDCClient referenced by the metadata.name field. - // +optional - GenerateNewSecret bool `json:"generateNewSecret"` - - // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. - // +optional - RevokeOldSecrets bool `json:"revokeOldSecrets"` -} - -// Status of the OIDCClientSecretRequest. -type OIDCClientSecretRequestStatus struct { - // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost. - GeneratedSecret string `json:"generatedSecret,omitempty"` - - // The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. - TotalClientSecrets int `json:"totalClientSecrets"` -} - -// OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientSecretRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - // Items is a list of OIDCClientSecretRequest. - Items []OIDCClientSecretRequest `json:"items"` -} diff --git a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go deleted file mode 100644 index b9287da8d..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ /dev/null @@ -1,165 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by conversion-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - unsafe "unsafe" - - clientsecret "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret" - conversion "k8s.io/apimachinery/pkg/conversion" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -func init() { - localSchemeBuilder.Register(RegisterConversions) -} - -// RegisterConversions adds conversion functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequest)(nil), (*clientsecret.OIDCClientSecretRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest(a.(*OIDCClientSecretRequest), b.(*clientsecret.OIDCClientSecretRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequest)(nil), (*OIDCClientSecretRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(a.(*clientsecret.OIDCClientSecretRequest), b.(*OIDCClientSecretRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestSpec)(nil), (*OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(a.(*clientsecret.OIDCClientSecretRequestSpec), b.(*OIDCClientSecretRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestStatus)(nil), (*clientsecret.OIDCClientSecretRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(a.(*OIDCClientSecretRequestStatus), b.(*clientsecret.OIDCClientSecretRequestStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestStatus)(nil), (*OIDCClientSecretRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(a.(*clientsecret.OIDCClientSecretRequestStatus), b.(*OIDCClientSecretRequestStatus), scope) - }); err != nil { - return err - } - return nil -} - -func autoConvert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest(in *OIDCClientSecretRequest, out *clientsecret.OIDCClientSecretRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest is an autogenerated conversion function. -func Convert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest(in *OIDCClientSecretRequest, out *clientsecret.OIDCClientSecretRequest, s conversion.Scope) error { - return autoConvert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest(in, out, s) -} - -func autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in *clientsecret.OIDCClientSecretRequest, out *OIDCClientSecretRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest is an autogenerated conversion function. -func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in *clientsecret.OIDCClientSecretRequest, out *OIDCClientSecretRequest, s conversion.Scope) error { - return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) -} - -func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. -func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { - return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) -} - -func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. -func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { - return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) -} - -func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { - out.GenerateNewSecret = in.GenerateNewSecret - out.RevokeOldSecrets = in.RevokeOldSecrets - return nil -} - -// Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec is an autogenerated conversion function. -func Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { - return autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in, out, s) -} - -func autoConvert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(in *clientsecret.OIDCClientSecretRequestSpec, out *OIDCClientSecretRequestSpec, s conversion.Scope) error { - out.GenerateNewSecret = in.GenerateNewSecret - out.RevokeOldSecrets = in.RevokeOldSecrets - return nil -} - -// Convert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec is an autogenerated conversion function. -func Convert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(in *clientsecret.OIDCClientSecretRequestSpec, out *OIDCClientSecretRequestSpec, s conversion.Scope) error { - return autoConvert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(in, out, s) -} - -func autoConvert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(in *OIDCClientSecretRequestStatus, out *clientsecret.OIDCClientSecretRequestStatus, s conversion.Scope) error { - out.GeneratedSecret = in.GeneratedSecret - out.TotalClientSecrets = in.TotalClientSecrets - return nil -} - -// Convert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus is an autogenerated conversion function. -func Convert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(in *OIDCClientSecretRequestStatus, out *clientsecret.OIDCClientSecretRequestStatus, s conversion.Scope) error { - return autoConvert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(in, out, s) -} - -func autoConvert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(in *clientsecret.OIDCClientSecretRequestStatus, out *OIDCClientSecretRequestStatus, s conversion.Scope) error { - out.GeneratedSecret = in.GeneratedSecret - out.TotalClientSecrets = in.TotalClientSecrets - return nil -} - -// Convert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus is an autogenerated conversion function. -func Convert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(in *clientsecret.OIDCClientSecretRequestStatus, out *OIDCClientSecretRequestStatus, s conversion.Scope) error { - return autoConvert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(in, out, s) -} diff --git a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index f27defbed..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,106 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequest) DeepCopyInto(out *OIDCClientSecretRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequest. -func (in *OIDCClientSecretRequest) DeepCopy() *OIDCClientSecretRequest { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClientSecretRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. -func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestSpec. -func (in *OIDCClientSecretRequestSpec) DeepCopy() *OIDCClientSecretRequestSpec { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestStatus) DeepCopyInto(out *OIDCClientSecretRequestStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestStatus. -func (in *OIDCClientSecretRequestStatus) DeepCopy() *OIDCClientSecretRequestStatus { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go b/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go deleted file mode 100644 index 1d39b4b15..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go +++ /dev/null @@ -1,20 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by defaulter-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// RegisterDefaults adds defaulters functions to the given scheme. -// Public to allow building arbitrary schemes. -// All generated defaulters are covering - they call all nested defaulters. -func RegisterDefaults(scheme *runtime.Scheme) error { - return nil -} diff --git a/generated/1.28/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.28/apis/supervisor/clientsecret/zz_generated.deepcopy.go deleted file mode 100644 index 478545283..000000000 --- a/generated/1.28/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ /dev/null @@ -1,106 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package clientsecret - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequest) DeepCopyInto(out *OIDCClientSecretRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequest. -func (in *OIDCClientSecretRequest) DeepCopy() *OIDCClientSecretRequest { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClientSecretRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. -func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestSpec. -func (in *OIDCClientSecretRequestSpec) DeepCopy() *OIDCClientSecretRequestSpec { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestStatus) DeepCopyInto(out *OIDCClientSecretRequestStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestStatus. -func (in *OIDCClientSecretRequestStatus) DeepCopy() *OIDCClientSecretRequestStatus { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/supervisor/config/v1alpha1/doc.go b/generated/1.28/apis/supervisor/config/v1alpha1/doc.go deleted file mode 100644 index fa7f09b34..000000000 --- a/generated/1.28/apis/supervisor/config/v1alpha1/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=config.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. -package v1alpha1 diff --git a/generated/1.28/apis/supervisor/config/v1alpha1/register.go b/generated/1.28/apis/supervisor/config/v1alpha1/register.go deleted file mode 100644 index c2022efb4..000000000 --- a/generated/1.28/apis/supervisor/config/v1alpha1/register.go +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "config.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &FederationDomain{}, - &FederationDomainList{}, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.28/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.28/apis/supervisor/config/v1alpha1/types_federationdomain.go deleted file mode 100644 index cae9a459b..000000000 --- a/generated/1.28/apis/supervisor/config/v1alpha1/types_federationdomain.go +++ /dev/null @@ -1,315 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type FederationDomainPhase string - -const ( - // FederationDomainPhasePending is the default phase for newly-created FederationDomain resources. - FederationDomainPhasePending FederationDomainPhase = "Pending" - - // FederationDomainPhaseReady is the phase for an FederationDomain resource in a healthy state. - FederationDomainPhaseReady FederationDomainPhase = "Ready" - - // FederationDomainPhaseError is the phase for an FederationDomain in an unhealthy state. - FederationDomainPhaseError FederationDomainPhase = "Error" -) - -// FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. -type FederationDomainTLSSpec struct { - // SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains - // the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret - // named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use - // for TLS. - // - // Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. - // - // SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. - // SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same - // SecretName value even if they have different port numbers. - // - // SecretName is not required when you would like to use only the HTTP endpoints (e.g. when the HTTP listener is - // configured to listen on loopback interfaces or UNIX domain sockets for traffic from a service mesh sidecar). - // It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to - // use the default TLS certificate, which is configured elsewhere. - // - // When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. - // - // +optional - SecretName string `json:"secretName,omitempty"` -} - -// FederationDomainTransformsConstant defines a constant variable and its value which will be made available to -// the transform expressions. This is a union type, and Type is the discriminator field. -type FederationDomainTransformsConstant struct { - // Name determines the name of the constant. It must be a valid identifier name. - // +kubebuilder:validation:Pattern=`^[a-zA-Z][_a-zA-Z0-9]*$` - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=64 - Name string `json:"name"` - - // Type determines the type of the constant, and indicates which other field should be non-empty. - // Allowed values are "string" or "stringList". - // +kubebuilder:validation:Enum=string;stringList - Type string `json:"type"` - - // StringValue should hold the value when Type is "string", and is otherwise ignored. - // +optional - StringValue string `json:"stringValue,omitempty"` - - // StringListValue should hold the value when Type is "stringList", and is otherwise ignored. - // +optional - StringListValue []string `json:"stringListValue,omitempty"` -} - -// FederationDomainTransformsExpression defines a transform expression. -type FederationDomainTransformsExpression struct { - // Type determines the type of the expression. It must be one of the supported types. - // Allowed values are "policy/v1", "username/v1", or "groups/v1". - // +kubebuilder:validation:Enum=policy/v1;username/v1;groups/v1 - Type string `json:"type"` - - // Expression is a CEL expression that will be evaluated based on the Type during an authentication. - // +kubebuilder:validation:MinLength=1 - Expression string `json:"expression"` - - // Message is only used when Type is policy/v1. It defines an error message to be used when the policy rejects - // an authentication attempt. When empty, a default message will be used. - // +optional - Message string `json:"message,omitempty"` -} - -// FederationDomainTransformsExample defines a transform example. -type FederationDomainTransformsExample struct { - // Username is the input username. - // +kubebuilder:validation:MinLength=1 - Username string `json:"username"` - - // Groups is the input list of group names. - // +optional - Groups []string `json:"groups,omitempty"` - - // Expects is the expected output of the entire sequence of transforms when they are run against the - // input Username and Groups. - Expects FederationDomainTransformsExampleExpects `json:"expects"` -} - -// FederationDomainTransformsExampleExpects defines the expected result for a transforms example. -type FederationDomainTransformsExampleExpects struct { - // Username is the expected username after the transformations have been applied. - // +optional - Username string `json:"username,omitempty"` - - // Groups is the expected list of group names after the transformations have been applied. - // +optional - Groups []string `json:"groups,omitempty"` - - // Rejected is a boolean that indicates whether authentication is expected to be rejected by a policy expression - // after the transformations have been applied. True means that it is expected that the authentication would be - // rejected. The default value of false means that it is expected that the authentication would not be rejected - // by any policy expression. - // +optional - Rejected bool `json:"rejected,omitempty"` - - // Message is the expected error message of the transforms. When Rejected is true, then Message is the expected - // message for the policy which rejected the authentication attempt. When Rejected is true and Message is blank, - // then Message will be treated as the default error message for authentication attempts which are rejected by a - // policy. When Rejected is false, then Message is the expected error message for some other non-policy - // transformation error, such as a runtime error. When Rejected is false, there is no default expected Message. - // +optional - Message string `json:"message,omitempty"` -} - -// FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. -type FederationDomainTransforms struct { - // Constants defines constant variables and their values which will be made available to the transform expressions. - // +patchMergeKey=name - // +patchStrategy=merge - // +listType=map - // +listMapKey=name - // +optional - Constants []FederationDomainTransformsConstant `json:"constants,omitempty"` - - // Expressions are an optional list of transforms and policies to be executed in the order given during every - // authentication attempt, including during every session refresh. - // Each is a CEL expression. It may use the basic CEL language as defined in - // https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in - // https://github.com/google/cel-go/tree/master/ext#strings. - // - // The username and groups extracted from the identity provider, and the constants defined in this CR, are - // available as variables in all expressions. The username is provided via a variable called `username` and - // the list of group names is provided via a variable called `groups` (which may be an empty list). - // Each user-provided constants is provided via a variable named `strConst.varName` for string constants - // and `strListConst.varName` for string list constants. - // - // The only allowed types for expressions are currently policy/v1, username/v1, and groups/v1. - // Each policy/v1 must return a boolean, and when it returns false, no more expressions from the list are evaluated - // and the authentication attempt is rejected. - // Transformations of type policy/v1 do not return usernames or group names, and therefore cannot change the - // username or group names. - // Each username/v1 transform must return the new username (a string), which can be the same as the old username. - // Transformations of type username/v1 do not return group names, and therefore cannot change the group names. - // Each groups/v1 transform must return the new groups list (list of strings), which can be the same as the old - // groups list. - // Transformations of type groups/v1 do not return usernames, and therefore cannot change the usernames. - // After each expression, the new (potentially changed) username or groups get passed to the following expression. - // - // Any compilation or static type-checking failure of any expression will cause an error status on the FederationDomain. - // During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the - // authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username - // and group names have been decided for that authentication attempt. - // - // +optional - Expressions []FederationDomainTransformsExpression `json:"expressions,omitempty"` - - // Examples can optionally be used to ensure that the sequence of transformation expressions are working as - // expected. Examples define sample input identities which are then run through the expression list, and the - // results are compared to the expected results. If any example in this list fails, then this - // identity provider will not be available for use within this FederationDomain, and the error(s) will be - // added to the FederationDomain status. This can be used to help guard against programming mistakes in the - // expressions, and also act as living documentation for other administrators to better understand the expressions. - // +optional - Examples []FederationDomainTransformsExample `json:"examples,omitempty"` -} - -// FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. -type FederationDomainIdentityProvider struct { - // DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the - // kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a - // disruptive change for those users. - // +kubebuilder:validation:MinLength=1 - DisplayName string `json:"displayName"` - - // ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. - // If the reference cannot be resolved then the identity provider will not be made available. - // Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, - // LDAPIdentityProvider, ActiveDirectoryIdentityProvider. - ObjectRef corev1.TypedLocalObjectReference `json:"objectRef"` - - // Transforms is an optional way to specify transformations to be applied during user authentication and - // session refresh. - // +optional - Transforms FederationDomainTransforms `json:"transforms,omitempty"` -} - -// FederationDomainSpec is a struct that describes an OIDC Provider. -type FederationDomainSpec struct { - // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the - // identifier that it will use for the iss claim in issued JWTs. This field will also be used as - // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is - // https://example.com/foo, then your authorization endpoint will look like - // https://example.com/foo/some/path/to/auth/endpoint). - // - // See - // https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:message="issuer must be an HTTPS URL",rule="isURL(self) && url(self).getScheme() == 'https'" - Issuer string `json:"issuer"` - - // TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. - // +optional - TLS *FederationDomainTLSSpec `json:"tls,omitempty"` - - // IdentityProviders is the list of identity providers available for use by this FederationDomain. - // - // An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, - // how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to - // extract a normalized user identity. Normalized user identities include a username and a list of group names. - // In contrast, IdentityProviders describes how to use that normalized identity in those Kubernetes clusters which - // belong to this FederationDomain. Each entry in IdentityProviders can be configured with arbitrary transformations - // on that normalized identity. For example, a transformation can add a prefix to all usernames to help avoid - // accidental conflicts when multiple identity providers have different users with the same username (e.g. - // "idp1:ryan" versus "idp2:ryan"). Each entry in IdentityProviders can also implement arbitrary authentication - // rejection policies. Even though a user was able to authenticate with the identity provider, a policy can disallow - // the authentication to the Kubernetes clusters that belong to this FederationDomain. For example, a policy could - // disallow the authentication unless the user belongs to a specific group in the identity provider. - // - // For backwards compatibility with versions of Pinniped which predate support for multiple identity providers, - // an empty IdentityProviders list will cause the FederationDomain to use all available identity providers which - // exist in the same namespace, but also to reject all authentication requests when there is more than one identity - // provider currently defined. In this backwards compatibility mode, the name of the identity provider resource - // (e.g. the Name of an OIDCIdentityProvider resource) will be used as the name of the identity provider in this - // FederationDomain. This mode is provided to make upgrading from older versions easier. However, instead of - // relying on this backwards compatibility mode, please consider this mode to be deprecated and please instead - // explicitly list the identity provider using this IdentityProviders field. - // - // +optional - IdentityProviders []FederationDomainIdentityProvider `json:"identityProviders,omitempty"` -} - -// FederationDomainSecrets holds information about this OIDC Provider's secrets. -type FederationDomainSecrets struct { - // JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are - // stored. If it is empty, then the signing/verification keys are either unknown or they don't - // exist. - // +optional - JWKS corev1.LocalObjectReference `json:"jwks,omitempty"` - - // TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - // signing tokens is stored. - // +optional - TokenSigningKey corev1.LocalObjectReference `json:"tokenSigningKey,omitempty"` - - // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - // signing state parameters is stored. - // +optional - StateSigningKey corev1.LocalObjectReference `json:"stateSigningKey,omitempty"` - - // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - // encrypting state parameters is stored. - // +optional - StateEncryptionKey corev1.LocalObjectReference `json:"stateEncryptionKey,omitempty"` -} - -// FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. -type FederationDomainStatus struct { - // Phase summarizes the overall status of the FederationDomain. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase FederationDomainPhase `json:"phase,omitempty"` - - // Conditions represent the observations of an FederationDomain's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - - // Secrets contains information about this OIDC Provider's secrets. - // +optional - Secrets FederationDomainSecrets `json:"secrets,omitempty"` -} - -// FederationDomain describes the configuration of an OIDC provider. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped -// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type FederationDomain struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec of the OIDC provider. - Spec FederationDomainSpec `json:"spec"` - - // Status of the OIDC provider. - Status FederationDomainStatus `json:"status,omitempty"` -} - -// List of FederationDomain objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type FederationDomainList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []FederationDomain `json:"items"` -} diff --git a/generated/1.28/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.28/apis/supervisor/config/v1alpha1/types_oidcclient.go deleted file mode 100644 index 2250f958a..000000000 --- a/generated/1.28/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ /dev/null @@ -1,144 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -type OIDCClientPhase string - -const ( - // OIDCClientPhasePending is the default phase for newly-created OIDCClient resources. - OIDCClientPhasePending OIDCClientPhase = "Pending" - - // OIDCClientPhaseReady is the phase for an OIDCClient resource in a healthy state. - OIDCClientPhaseReady OIDCClientPhase = "Ready" - - // OIDCClientPhaseError is the phase for an OIDCClient in an unhealthy state. - OIDCClientPhaseError OIDCClientPhase = "Error" -) - -// +kubebuilder:validation:Pattern=`^https://.+|^http://(127\.0\.0\.1|\[::1\])(:\d+)?/` -type RedirectURI string - -// +kubebuilder:validation:Enum="authorization_code";"refresh_token";"urn:ietf:params:oauth:grant-type:token-exchange" -type GrantType string - -// +kubebuilder:validation:Enum="openid";"offline_access";"username";"groups";"pinniped:request-audience" -type Scope string - -// OIDCClientSpec is a struct that describes an OIDCClient. -type OIDCClientSpec struct { - // allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this - // client. Any other uris will be rejected. - // Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. - // Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. - // +listType=set - // +kubebuilder:validation:MinItems=1 - AllowedRedirectURIs []RedirectURI `json:"allowedRedirectURIs"` - - // allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this - // client. - // - // Must only contain the following values: - // - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to - // authenticate users. This grant must always be listed. - // - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. - // This grant must be listed if allowedScopes lists offline_access. - // - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, - // which is a step in the process to be able to get a cluster credential for the user. - // This grant must be listed if allowedScopes lists pinniped:request-audience. - // +listType=set - // +kubebuilder:validation:MinItems=1 - AllowedGrantTypes []GrantType `json:"allowedGrantTypes"` - - // allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - // - // Must only contain the following values: - // - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). - // This scope must always be listed. - // - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. - // This scope must be listed if allowedGrantTypes lists refresh_token. - // - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, - // which is a step in the process to be able to get a cluster credential for the user. - // openid, username and groups scopes must be listed when this scope is present. - // This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - // - username: The client is allowed to request that ID tokens contain the user's username. - // Without the username scope being requested and allowed, the ID token will not contain the user's username. - // - groups: The client is allowed to request that ID tokens contain the user's group membership, - // if their group membership is discoverable by the Supervisor. - // Without the groups scope being requested and allowed, the ID token will not contain groups. - // +listType=set - // +kubebuilder:validation:MinItems=1 - AllowedScopes []Scope `json:"allowedScopes"` - - // tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. - // +optional - TokenLifetimes OIDCClientTokenLifetimes `json:"tokenLifetimes,omitempty"` -} - -// OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. -type OIDCClientTokenLifetimes struct { - // idTokenSeconds is the lifetime of ID tokens issued to this client, in seconds. This will choose the lifetime of - // ID tokens returned by the authorization flow and the refresh grant. It will not influence the lifetime of the ID - // tokens returned by RFC8693 token exchange. When null, a short-lived default value will be used. - // This value must be between 120 and 1,800 seconds (30 minutes), inclusive. It is recommended to make these tokens - // short-lived to force the client to perform the refresh grant often, because the refresh grant will check with the - // external identity provider to decide if it is acceptable for the end user to continue their session, and will - // update the end user's group memberships from the external identity provider. Giving these tokens a long life is - // will allow the end user to continue to use a token while avoiding these updates from the external identity - // provider. However, some web applications may have reasons specific to the design of that application to prefer - // longer lifetimes. - // +kubebuilder:validation:Minimum=120 - // +kubebuilder:validation:Maximum=1800 - // +optional - IDTokenSeconds *int32 `json:"idTokenSeconds,omitempty"` -} - -// OIDCClientStatus is a struct that describes the actual state of an OIDCClient. -type OIDCClientStatus struct { - // phase summarizes the overall status of the OIDCClient. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase OIDCClientPhase `json:"phase,omitempty"` - - // conditions represent the observations of an OIDCClient's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - - // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. - // +optional - TotalClientSecrets int32 `json:"totalClientSecrets"` // do not omitempty to allow it to show in the printer column even when it is 0 -} - -// OIDCClient describes the configuration of an OIDC client. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped -// +kubebuilder:printcolumn:name="Privileged Scopes",type=string,JSONPath=`.spec.allowedScopes[?(@ == "pinniped:request-audience")]` -// +kubebuilder:printcolumn:name="Client Secrets",type=integer,JSONPath=`.status.totalClientSecrets` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type OIDCClient struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec of the OIDC client. - Spec OIDCClientSpec `json:"spec"` - - // Status of the OIDC client. - Status OIDCClientStatus `json:"status,omitempty"` -} - -// List of OIDCClient objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []OIDCClient `json:"items"` -} diff --git a/generated/1.28/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index d84848e6d..000000000 --- a/generated/1.28/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,433 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomain. -func (in *FederationDomain) DeepCopy() *FederationDomain { - if in == nil { - return nil - } - out := new(FederationDomain) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *FederationDomain) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainIdentityProvider) DeepCopyInto(out *FederationDomainIdentityProvider) { - *out = *in - in.ObjectRef.DeepCopyInto(&out.ObjectRef) - in.Transforms.DeepCopyInto(&out.Transforms) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainIdentityProvider. -func (in *FederationDomainIdentityProvider) DeepCopy() *FederationDomainIdentityProvider { - if in == nil { - return nil - } - out := new(FederationDomainIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainList) DeepCopyInto(out *FederationDomainList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]FederationDomain, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainList. -func (in *FederationDomainList) DeepCopy() *FederationDomainList { - if in == nil { - return nil - } - out := new(FederationDomainList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *FederationDomainList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainSecrets) DeepCopyInto(out *FederationDomainSecrets) { - *out = *in - out.JWKS = in.JWKS - out.TokenSigningKey = in.TokenSigningKey - out.StateSigningKey = in.StateSigningKey - out.StateEncryptionKey = in.StateEncryptionKey - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSecrets. -func (in *FederationDomainSecrets) DeepCopy() *FederationDomainSecrets { - if in == nil { - return nil - } - out := new(FederationDomainSecrets) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainSpec) DeepCopyInto(out *FederationDomainSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(FederationDomainTLSSpec) - **out = **in - } - if in.IdentityProviders != nil { - in, out := &in.IdentityProviders, &out.IdentityProviders - *out = make([]FederationDomainIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSpec. -func (in *FederationDomainSpec) DeepCopy() *FederationDomainSpec { - if in == nil { - return nil - } - out := new(FederationDomainSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainStatus) DeepCopyInto(out *FederationDomainStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - out.Secrets = in.Secrets - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainStatus. -func (in *FederationDomainStatus) DeepCopy() *FederationDomainStatus { - if in == nil { - return nil - } - out := new(FederationDomainStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTLSSpec) DeepCopyInto(out *FederationDomainTLSSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTLSSpec. -func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { - if in == nil { - return nil - } - out := new(FederationDomainTLSSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransforms) DeepCopyInto(out *FederationDomainTransforms) { - *out = *in - if in.Constants != nil { - in, out := &in.Constants, &out.Constants - *out = make([]FederationDomainTransformsConstant, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Expressions != nil { - in, out := &in.Expressions, &out.Expressions - *out = make([]FederationDomainTransformsExpression, len(*in)) - copy(*out, *in) - } - if in.Examples != nil { - in, out := &in.Examples, &out.Examples - *out = make([]FederationDomainTransformsExample, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransforms. -func (in *FederationDomainTransforms) DeepCopy() *FederationDomainTransforms { - if in == nil { - return nil - } - out := new(FederationDomainTransforms) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransformsConstant) DeepCopyInto(out *FederationDomainTransformsConstant) { - *out = *in - if in.StringListValue != nil { - in, out := &in.StringListValue, &out.StringListValue - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransformsConstant. -func (in *FederationDomainTransformsConstant) DeepCopy() *FederationDomainTransformsConstant { - if in == nil { - return nil - } - out := new(FederationDomainTransformsConstant) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransformsExample) DeepCopyInto(out *FederationDomainTransformsExample) { - *out = *in - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - in.Expects.DeepCopyInto(&out.Expects) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransformsExample. -func (in *FederationDomainTransformsExample) DeepCopy() *FederationDomainTransformsExample { - if in == nil { - return nil - } - out := new(FederationDomainTransformsExample) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransformsExampleExpects) DeepCopyInto(out *FederationDomainTransformsExampleExpects) { - *out = *in - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransformsExampleExpects. -func (in *FederationDomainTransformsExampleExpects) DeepCopy() *FederationDomainTransformsExampleExpects { - if in == nil { - return nil - } - out := new(FederationDomainTransformsExampleExpects) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransformsExpression) DeepCopyInto(out *FederationDomainTransformsExpression) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransformsExpression. -func (in *FederationDomainTransformsExpression) DeepCopy() *FederationDomainTransformsExpression { - if in == nil { - return nil - } - out := new(FederationDomainTransformsExpression) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]RedirectURI, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - in.TokenLifetimes.DeepCopyInto(&out.TokenLifetimes) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientTokenLifetimes) DeepCopyInto(out *OIDCClientTokenLifetimes) { - *out = *in - if in.IDTokenSeconds != nil { - in, out := &in.IDTokenSeconds, &out.IDTokenSeconds - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientTokenLifetimes. -func (in *OIDCClientTokenLifetimes) DeepCopy() *OIDCClientTokenLifetimes { - if in == nil { - return nil - } - out := new(OIDCClientTokenLifetimes) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.28/apis/supervisor/idp/v1alpha1/doc.go deleted file mode 100644 index 0b06153f4..000000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/doc.go +++ /dev/null @@ -1,9 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=idp.supervisor.pinniped.dev -// +groupGoName=IDP - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. -package v1alpha1 diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/register.go b/generated/1.28/apis/supervisor/idp/v1alpha1/register.go deleted file mode 100644 index 5de15afe0..000000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/register.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "idp.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCIdentityProvider{}, - &OIDCIdentityProviderList{}, - &LDAPIdentityProvider{}, - &LDAPIdentityProviderList{}, - &ActiveDirectoryIdentityProvider{}, - &ActiveDirectoryIdentityProviderList{}, - &GitHubIdentityProvider{}, - &GitHubIdentityProviderList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go deleted file mode 100644 index eb5ae59e4..000000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ /dev/null @@ -1,219 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type ActiveDirectoryIdentityProviderPhase string - -const ( - // ActiveDirectoryPhasePending is the default phase for newly-created ActiveDirectoryIdentityProvider resources. - ActiveDirectoryPhasePending ActiveDirectoryIdentityProviderPhase = "Pending" - - // ActiveDirectoryPhaseReady is the phase for an ActiveDirectoryIdentityProvider resource in a healthy state. - ActiveDirectoryPhaseReady ActiveDirectoryIdentityProviderPhase = "Ready" - - // ActiveDirectoryPhaseError is the phase for an ActiveDirectoryIdentityProvider in an unhealthy state. - ActiveDirectoryPhaseError ActiveDirectoryIdentityProviderPhase = "Error" -) - -// Status of an Active Directory identity provider. -type ActiveDirectoryIdentityProviderStatus struct { - // Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase ActiveDirectoryIdentityProviderPhase `json:"phase,omitempty"` - - // Represents the observations of an identity provider's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -type ActiveDirectoryIdentityProviderBind struct { - // SecretName contains the name of a namespace-local Secret object that provides the username and - // password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be - // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value - // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". - // The password must be non-empty. - // +kubebuilder:validation:MinLength=1 - SecretName string `json:"secretName"` -} - -type ActiveDirectoryIdentityProviderUserSearchAttributes struct { - // Username specifies the name of the attribute in Active Directory entry whose value shall become the username - // of the user after a successful authentication. - // Optional, when empty this defaults to "userPrincipalName". - // +optional - Username string `json:"username,omitempty"` - - // UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely - // identify the user within this ActiveDirectory provider after a successful authentication. - // Optional, when empty this defaults to "objectGUID". - // +optional - UID string `json:"uid,omitempty"` -} - -type ActiveDirectoryIdentityProviderGroupSearchAttributes struct { - // GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name - // in the user's list of groups after a successful authentication. - // The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory - // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". - // Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", - // where domain is constructed from the domain components of the group DN. - // +optional - GroupName string `json:"groupName,omitempty"` -} - -type ActiveDirectoryIdentityProviderUserSearch struct { - // Base is the dn (distinguished name) that should be used as the search base when searching for users. - // E.g. "ou=users,dc=example,dc=com". - // Optional, when not specified it will be based on the result of a query for the defaultNamingContext - // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). - // The default behavior searches your entire domain for users. - // It may make sense to specify a subtree as a search base if you wish to exclude some users - // or to make searches faster. - // +optional - Base string `json:"base,omitempty"` - - // Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur - // in the filter at least once and will be dynamically replaced by the username for which the search is being run. - // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see - // https://ldap.com/ldap-filters. - // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - // Optional. When not specified, the default will be - // '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' - // This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, - // and is not shown in advanced view only - // (which would likely mean its a system created service account with advanced permissions). - // Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. - // +optional - Filter string `json:"filter,omitempty"` - - // Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as - // the result of the user search. - // +optional - Attributes ActiveDirectoryIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` -} - -type ActiveDirectoryIdentityProviderGroupSearch struct { - // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. - // "ou=groups,dc=example,dc=com". - // Optional, when not specified it will be based on the result of a query for the defaultNamingContext - // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). - // The default behavior searches your entire domain for groups. - // It may make sense to specify a subtree as a search base if you wish to exclude some groups - // for security reasons or to make searches faster. - // +optional - Base string `json:"base,omitempty"` - - // Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. - // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the - // value of an attribute of the user entry found as a result of the user search. Which attribute's - // value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. - // E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". - // For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. - // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - // Optional. When not specified, the default will act as if the filter were specified as - // "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". - // This searches nested groups by default. - // Note that nested group search can be slow for some Active Directory servers. To disable it, - // you can set the filter to - // "(&(objectClass=group)(member={})" - // +optional - Filter string `json:"filter,omitempty"` - - // UserAttributeForFilter specifies which attribute's value from the user entry found as a result of - // the user search will be used to replace the "{}" placeholder(s) in the group search Filter. - // For example, specifying "uid" as the UserAttributeForFilter while specifying - // "&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing - // the "{}" placeholder in the Filter with the value of the user's "uid" attribute. - // Optional. When not specified, the default will act as if "dn" were specified. For example, leaving - // UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter - // would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. - // +optional - UserAttributeForFilter string `json:"userAttributeForFilter,omitempty"` - - // Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as - // the result of the group search. - // +optional - Attributes ActiveDirectoryIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` - - // The user's group membership is refreshed as they interact with the supervisor - // to obtain new credentials (as their old credentials expire). This allows group - // membership changes to be quickly reflected into Kubernetes clusters. Since - // group membership is often used to bind authorization policies, it is important - // to keep the groups observed in Kubernetes clusters in-sync with the identity - // provider. - // - // In some environments, frequent group membership queries may result in a - // significant performance impact on the identity provider and/or the supervisor. - // The best approach to handle performance impacts is to tweak the group query - // to be more performant, for example by disabling nested group search or by - // using a more targeted group search base. - // - // If the group search query cannot be made performant and you are willing to - // have group memberships remain static for approximately a day, then set - // skipGroupRefresh to true. This is an insecure configuration as authorization - // policies that are bound to group membership will not notice if a user has - // been removed from a particular group until their next login. - // - // This is an experimental feature that may be removed or significantly altered - // in the future. Consumers of this configuration should carefully read all - // release notes before upgrading to ensure that the meaning of this field has - // not changed. - SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` -} - -// Spec for configuring an ActiveDirectory identity provider. -type ActiveDirectoryIdentityProviderSpec struct { - // Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. - // +kubebuilder:validation:MinLength=1 - Host string `json:"host"` - - // TLS contains the connection settings for how to establish the connection to the Host. - TLS *TLSSpec `json:"tls,omitempty"` - - // Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server - // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. - Bind ActiveDirectoryIdentityProviderBind `json:"bind,omitempty"` - - // UserSearch contains the configuration for searching for a user by name in Active Directory. - UserSearch ActiveDirectoryIdentityProviderUserSearch `json:"userSearch,omitempty"` - - // GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. - GroupSearch ActiveDirectoryIdentityProviderGroupSearch `json:"groupSearch,omitempty"` -} - -// ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps -// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type ActiveDirectoryIdentityProvider struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the identity provider. - Spec ActiveDirectoryIdentityProviderSpec `json:"spec"` - - // Status of the identity provider. - Status ActiveDirectoryIdentityProviderStatus `json:"status,omitempty"` -} - -// List of ActiveDirectoryIdentityProvider objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type ActiveDirectoryIdentityProviderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []ActiveDirectoryIdentityProvider `json:"items"` -} diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go deleted file mode 100644 index 5c4f22398..000000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go +++ /dev/null @@ -1,263 +0,0 @@ -// Copyright 2024-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type GitHubIdentityProviderPhase string - -const ( - // GitHubPhasePending is the default phase for newly-created GitHubIdentityProvider resources. - GitHubPhasePending GitHubIdentityProviderPhase = "Pending" - - // GitHubPhaseReady is the phase for an GitHubIdentityProvider resource in a healthy state. - GitHubPhaseReady GitHubIdentityProviderPhase = "Ready" - - // GitHubPhaseError is the phase for an GitHubIdentityProvider in an unhealthy state. - GitHubPhaseError GitHubIdentityProviderPhase = "Error" -) - -type GitHubAllowedAuthOrganizationsPolicy string - -const ( - // GitHubAllowedAuthOrganizationsPolicyAllGitHubUsers means any GitHub user is allowed to log in using this identity - // provider, regardless of their organization membership or lack thereof. - GitHubAllowedAuthOrganizationsPolicyAllGitHubUsers GitHubAllowedAuthOrganizationsPolicy = "AllGitHubUsers" - - // GitHubAllowedAuthOrganizationsPolicyOnlyUsersFromAllowedOrganizations means only those users with membership in - // the listed GitHub organizations are allowed to log in. - GitHubAllowedAuthOrganizationsPolicyOnlyUsersFromAllowedOrganizations GitHubAllowedAuthOrganizationsPolicy = "OnlyUsersFromAllowedOrganizations" -) - -// GitHubIdentityProviderStatus is the status of an GitHub identity provider. -type GitHubIdentityProviderStatus struct { - // Phase summarizes the overall status of the GitHubIdentityProvider. - // - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase GitHubIdentityProviderPhase `json:"phase,omitempty"` - - // Conditions represents the observations of an identity provider's current state. - // - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -// GitHubAPIConfig allows configuration for GitHub Enterprise Server -type GitHubAPIConfig struct { - // Host is required only for GitHub Enterprise Server. - // Defaults to using GitHub's public API ("github.com"). - // For convenience, specifying "github.com" is equivalent to specifying "api.github.com". - // Do not specify a protocol or scheme since "https://" will always be used. - // Port is optional. Do not specify a path, query, fragment, or userinfo. - // Only specify domain name or IP address, subdomains (optional), and port (optional). - // IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address - // in square brackets. Example: "[::1]:443". - // - // +kubebuilder:default="github.com" - // +kubebuilder:validation:MinLength=1 - // +optional - Host *string `json:"host"` - - // TLS configuration for GitHub Enterprise Server. - // Note that this field should not be needed when using GitHub's public API ("github.com"). - // However, if you choose to specify this field when using GitHub's public API, you must - // specify a CA bundle that will verify connections to "api.github.com". - // - // +optional - TLS *TLSSpec `json:"tls,omitempty"` -} - -// GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present -// to Kubernetes. See the response schema for -// [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). -type GitHubUsernameAttribute string - -const ( - // GitHubUsernameID specifies using the `id` attribute from the GitHub user for the username to present to Kubernetes. - GitHubUsernameID GitHubUsernameAttribute = "id" - - // GitHubUsernameLogin specifies using the `login` attribute from the GitHub user as the username to present to Kubernetes. - GitHubUsernameLogin GitHubUsernameAttribute = "login" - - // GitHubUsernameLoginAndID specifies combining the `login` and `id` attributes from the GitHub user as the - // username to present to Kubernetes, separated by a colon. Example: "my-login:1234" - GitHubUsernameLoginAndID GitHubUsernameAttribute = "login:id" -) - -// GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group -// names to present to Kubernetes. See the response schema for -// [List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). -type GitHubGroupNameAttribute string - -const ( - // GitHubUseTeamNameForGroupName specifies using the GitHub team's `name` attribute as the group name to present to Kubernetes. - GitHubUseTeamNameForGroupName GitHubGroupNameAttribute = "name" - - // GitHubUseTeamSlugForGroupName specifies using the GitHub team's `slug` attribute as the group name to present to Kubernetes. - GitHubUseTeamSlugForGroupName GitHubGroupNameAttribute = "slug" -) - -// GitHubClaims allows customization of the username and groups claims. -type GitHubClaims struct { - // Username configures which property of the GitHub user record shall determine the username in Kubernetes. - // - // Can be either "id", "login", or "login:id". Defaults to "login:id". - // - // GitHub's user login attributes can only contain alphanumeric characters and non-repeating hyphens, - // and may not start or end with hyphens. GitHub users are allowed to change their login name, - // although it is inconvenient. If a GitHub user changed their login name from "foo" to "bar", - // then a second user might change their name from "baz" to "foo" in order to take the old - // username of the first user. For this reason, it is not as safe to make authorization decisions - // based only on the user's login attribute. - // - // If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's - // FederationDomain to further customize how these usernames are presented to Kubernetes. - // - // Defaults to "login:id", which is the user login attribute, followed by a colon, followed by the unique and - // unchanging integer ID number attribute. This blends human-readable login names with the unchanging ID value - // from GitHub. Colons are not allowed in GitHub login attributes or ID numbers, so this is a reasonable - // choice to concatenate the two values. - // - // See the response schema for - // [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). - // - // +kubebuilder:default="login:id" - // +kubebuilder:validation:Enum={"id","login","login:id"} - // +optional - Username *GitHubUsernameAttribute `json:"username"` - - // Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. - // - // Can be either "name" or "slug". Defaults to "slug". - // - // GitHub team names can contain upper and lower case characters, whitespace, and punctuation (e.g. "Kube admins!"). - // - // GitHub team slugs are lower case alphanumeric characters and may contain dashes and underscores (e.g. "kube-admins"). - // - // Group names as presented to Kubernetes will always be prefixed by the GitHub organization name followed by a - // forward slash (e.g. "my-org/my-team"). GitHub organization login names can only contain alphanumeric characters - // or single hyphens, so the first forward slash `/` will be the separator between the organization login name and - // the team name or slug. - // - // If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's - // FederationDomain to further customize how these group names are presented to Kubernetes. - // - // See the response schema for - // [List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). - // - // +kubebuilder:default=slug - // +kubebuilder:validation:Enum=name;slug - // +optional - Groups *GitHubGroupNameAttribute `json:"groups"` -} - -// GitHubClientSpec contains information about the GitHub client that this identity provider will use -// for web-based login flows. -type GitHubClientSpec struct { - // SecretName contains the name of a namespace-local Secret object that provides the clientID and - // clientSecret for an GitHub App or GitHub OAuth2 client. - // - // This secret must be of type "secrets.pinniped.dev/github-client" with keys "clientID" and "clientSecret". - // - // +kubebuilder:validation:MinLength=1 - SecretName string `json:"secretName"` -} - -type GitHubOrganizationsSpec struct { - // Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". - // Defaults to "OnlyUsersFromAllowedOrganizations". - // - // Must be set to "AllGitHubUsers" if the allowed field is empty. - // - // This field only exists to ensure that Pinniped administrators are aware that an empty list of - // allowedOrganizations means all GitHub users are allowed to log in. - // - // +kubebuilder:default=OnlyUsersFromAllowedOrganizations - // +kubebuilder:validation:Enum=OnlyUsersFromAllowedOrganizations;AllGitHubUsers - // +optional - Policy *GitHubAllowedAuthOrganizationsPolicy `json:"policy"` - - // Allowed, when specified, indicates that only users with membership in at least one of the listed - // GitHub organizations may log in. In addition, the group membership presented to Kubernetes will only include - // teams within the listed GitHub organizations. Additional login rules or group filtering can optionally be - // provided as policy expression on any Pinniped Supervisor FederationDomain that includes this IDP. - // - // The configured GitHub App or GitHub OAuth App must be allowed to see membership in the listed organizations, - // otherwise Pinniped will not be aware that the user belongs to the listed organization or any teams - // within that organization. - // - // If no organizations are listed, you must set organizations: AllGitHubUsers. - // - // +kubebuilder:validation:MaxItems=64 - // +listType=set - // +optional - Allowed []string `json:"allowed,omitempty"` -} - -// GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. -type GitHubAllowAuthenticationSpec struct { - // Organizations allows customization of which organizations can authenticate using this IDP. - // +kubebuilder:validation:XValidation:message="spec.allowAuthentication.organizations.policy must be 'OnlyUsersFromAllowedOrganizations' when spec.allowAuthentication.organizations.allowed has organizations listed",rule="!(has(self.allowed) && size(self.allowed) > 0 && self.policy == 'AllGitHubUsers')" - // +kubebuilder:validation:XValidation:message="spec.allowAuthentication.organizations.policy must be 'AllGitHubUsers' when spec.allowAuthentication.organizations.allowed is empty",rule="!((!has(self.allowed) || size(self.allowed) == 0) && self.policy == 'OnlyUsersFromAllowedOrganizations')" - Organizations GitHubOrganizationsSpec `json:"organizations"` -} - -// GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. -type GitHubIdentityProviderSpec struct { - // GitHubAPI allows configuration for GitHub Enterprise Server - // - // +kubebuilder:default={} - GitHubAPI GitHubAPIConfig `json:"githubAPI,omitempty"` - - // Claims allows customization of the username and groups claims. - // - // +kubebuilder:default={} - Claims GitHubClaims `json:"claims,omitempty"` - - // AllowAuthentication allows customization of who can authenticate using this IDP and how. - AllowAuthentication GitHubAllowAuthenticationSpec `json:"allowAuthentication"` - - // Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). - Client GitHubClientSpec `json:"client"` -} - -// GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. -// This upstream provider can be configured with either a GitHub App or a GitHub OAuth2 App. -// -// Right now, only web-based logins are supported, for both the pinniped-cli client and clients configured -// as OIDCClients. -// -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps -// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.githubAPI.host` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type GitHubIdentityProvider struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the identity provider. - Spec GitHubIdentityProviderSpec `json:"spec"` - - // Status of the identity provider. - Status GitHubIdentityProviderStatus `json:"status,omitempty"` -} - -// GitHubIdentityProviderList lists GitHubIdentityProvider objects. -// -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type GitHubIdentityProviderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []GitHubIdentityProvider `json:"items"` -} diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go deleted file mode 100644 index 904a0d50b..000000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ /dev/null @@ -1,207 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type LDAPIdentityProviderPhase string - -const ( - // LDAPPhasePending is the default phase for newly-created LDAPIdentityProvider resources. - LDAPPhasePending LDAPIdentityProviderPhase = "Pending" - - // LDAPPhaseReady is the phase for an LDAPIdentityProvider resource in a healthy state. - LDAPPhaseReady LDAPIdentityProviderPhase = "Ready" - - // LDAPPhaseError is the phase for an LDAPIdentityProvider in an unhealthy state. - LDAPPhaseError LDAPIdentityProviderPhase = "Error" -) - -// Status of an LDAP identity provider. -type LDAPIdentityProviderStatus struct { - // Phase summarizes the overall status of the LDAPIdentityProvider. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase LDAPIdentityProviderPhase `json:"phase,omitempty"` - - // Represents the observations of an identity provider's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -type LDAPIdentityProviderBind struct { - // SecretName contains the name of a namespace-local Secret object that provides the username and - // password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be - // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value - // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". - // The password must be non-empty. - // +kubebuilder:validation:MinLength=1 - SecretName string `json:"secretName"` -} - -type LDAPIdentityProviderUserSearchAttributes struct { - // Username specifies the name of the attribute in the LDAP entry whose value shall become the username - // of the user after a successful authentication. This would typically be the same attribute name used in - // the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". - // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field - // is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default - // value of "dn={}" would not work. - // +kubebuilder:validation:MinLength=1 - Username string `json:"username,omitempty"` - - // UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely - // identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". - // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". - // +kubebuilder:validation:MinLength=1 - UID string `json:"uid,omitempty"` -} - -type LDAPIdentityProviderGroupSearchAttributes struct { - // GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name - // in the user's list of groups after a successful authentication. - // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". - // Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). - // +optional - GroupName string `json:"groupName,omitempty"` -} - -type LDAPIdentityProviderUserSearch struct { - // Base is the dn (distinguished name) that should be used as the search base when searching for users. - // E.g. "ou=users,dc=example,dc=com". - // +kubebuilder:validation:MinLength=1 - Base string `json:"base,omitempty"` - - // Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur - // in the filter at least once and will be dynamically replaced by the username for which the search is being run. - // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see - // https://ldap.com/ldap-filters. - // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - // Optional. When not specified, the default will act as if the Filter were specified as the value from - // Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be - // explicitly specified, since the default value of "dn={}" would not work. - // +optional - Filter string `json:"filter,omitempty"` - - // Attributes specifies how the user's information should be read from the LDAP entry which was found as - // the result of the user search. - // +optional - Attributes LDAPIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` -} - -type LDAPIdentityProviderGroupSearch struct { - // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. - // "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and - // authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, - // the values of Filter, UserAttributeForFilter, Attributes, and SkipGroupRefresh are ignored. - // +optional - Base string `json:"base,omitempty"` - - // Filter is the LDAP search filter which should be applied when searching for groups for a user. - // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the - // value of an attribute of the user entry found as a result of the user search. Which attribute's - // value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. - // For more information about LDAP filters, see https://ldap.com/ldap-filters. - // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - // Optional. When not specified, the default will act as if the Filter were specified as "member={}". - // +optional - Filter string `json:"filter,omitempty"` - - // UserAttributeForFilter specifies which attribute's value from the user entry found as a result of - // the user search will be used to replace the "{}" placeholder(s) in the group search Filter. - // For example, specifying "uid" as the UserAttributeForFilter while specifying - // "&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing - // the "{}" placeholder in the Filter with the value of the user's "uid" attribute. - // Optional. When not specified, the default will act as if "dn" were specified. For example, leaving - // UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter - // would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. - // +optional - UserAttributeForFilter string `json:"userAttributeForFilter,omitempty"` - - // Attributes specifies how the group's information should be read from each LDAP entry which was found as - // the result of the group search. - // +optional - Attributes LDAPIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` - - // The user's group membership is refreshed as they interact with the supervisor - // to obtain new credentials (as their old credentials expire). This allows group - // membership changes to be quickly reflected into Kubernetes clusters. Since - // group membership is often used to bind authorization policies, it is important - // to keep the groups observed in Kubernetes clusters in-sync with the identity - // provider. - // - // In some environments, frequent group membership queries may result in a - // significant performance impact on the identity provider and/or the supervisor. - // The best approach to handle performance impacts is to tweak the group query - // to be more performant, for example by disabling nested group search or by - // using a more targeted group search base. - // - // If the group search query cannot be made performant and you are willing to - // have group memberships remain static for approximately a day, then set - // skipGroupRefresh to true. This is an insecure configuration as authorization - // policies that are bound to group membership will not notice if a user has - // been removed from a particular group until their next login. - // - // This is an experimental feature that may be removed or significantly altered - // in the future. Consumers of this configuration should carefully read all - // release notes before upgrading to ensure that the meaning of this field has - // not changed. - SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` -} - -// Spec for configuring an LDAP identity provider. -type LDAPIdentityProviderSpec struct { - // Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. - // +kubebuilder:validation:MinLength=1 - Host string `json:"host"` - - // TLS contains the connection settings for how to establish the connection to the Host. - TLS *TLSSpec `json:"tls,omitempty"` - - // Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server - // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. - Bind LDAPIdentityProviderBind `json:"bind,omitempty"` - - // UserSearch contains the configuration for searching for a user by name in the LDAP provider. - UserSearch LDAPIdentityProviderUserSearch `json:"userSearch,omitempty"` - - // GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. - GroupSearch LDAPIdentityProviderGroupSearch `json:"groupSearch,omitempty"` -} - -// LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access -// Protocol (LDAP) identity provider. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps -// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type LDAPIdentityProvider struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the identity provider. - Spec LDAPIdentityProviderSpec `json:"spec"` - - // Status of the identity provider. - Status LDAPIdentityProviderStatus `json:"status,omitempty"` -} - -// List of LDAPIdentityProvider objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type LDAPIdentityProviderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []LDAPIdentityProvider `json:"items"` -} diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go deleted file mode 100644 index 8b18b46a5..000000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ /dev/null @@ -1,217 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type OIDCIdentityProviderPhase string - -const ( - // PhasePending is the default phase for newly-created OIDCIdentityProvider resources. - PhasePending OIDCIdentityProviderPhase = "Pending" - - // PhaseReady is the phase for an OIDCIdentityProvider resource in a healthy state. - PhaseReady OIDCIdentityProviderPhase = "Ready" - - // PhaseError is the phase for an OIDCIdentityProvider in an unhealthy state. - PhaseError OIDCIdentityProviderPhase = "Error" -) - -// OIDCIdentityProviderStatus is the status of an OIDC identity provider. -type OIDCIdentityProviderStatus struct { - // Phase summarizes the overall status of the OIDCIdentityProvider. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase OIDCIdentityProviderPhase `json:"phase,omitempty"` - - // Represents the observations of an identity provider's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -// OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization -// request parameters. -type OIDCAuthorizationConfig struct { - // additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization - // request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials - // Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is - // always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request - // the following scopes: "openid", "offline_access", "email", and "profile". See - // https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" - // scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the - // "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, - // or as common patterns used by providers who implement the standard in the ecosystem evolve. - // By setting this list to anything other than an empty list, you are overriding the - // default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. - // If you do not want any of these scopes to be requested, you may set this list to contain only "openid". - // Some OIDC providers may also require a scope to get access to the user's group membership, in which case you - // may wish to include it in this list. Sometimes the scope to request the user's group membership is called - // "groups", but unfortunately this is not specified in the OIDC standard. - // Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by - // your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in - // the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See - // your OIDC provider's documentation for more information about what scopes are available to request claims. - // Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor - // from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be - // "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its - // requirements for what to include in the request in order to receive a refresh token in the response, if anything. - // Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider - // may ignore scopes that it does not understand or require (see - // https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the - // "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC - // provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). - // +optional - AdditionalScopes []string `json:"additionalScopes,omitempty"` - - // additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your - // OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra - // parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", - // "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be - // included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. - // The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user - // should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting - // ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. - // This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password - // Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the - // Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" - // parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's - // authorization endpoint for its requirements for what to include in the request in order to receive a refresh - // token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, - // then include it here. Also note that most providers also require a certain scope to be requested in order to - // receive refresh tokens. See the additionalScopes setting for more information about using scopes to request - // refresh tokens. - // +optional - // +patchMergeKey=name - // +patchStrategy=merge - // +listType=map - // +listMapKey=name - AdditionalAuthorizeParameters []Parameter `json:"additionalAuthorizeParameters,omitempty"` - - // allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant - // (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a - // username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. - // The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be - // supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password - // Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose - // to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the - // cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be - // convenient for users, especially for identities from your OIDC provider which are not intended to represent a human - // actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, - // you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this - // OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password - // Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords - // (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other - // web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. - // allowPasswordGrant defaults to false. - // +optional - AllowPasswordGrant bool `json:"allowPasswordGrant,omitempty"` -} - -// Parameter is a key/value pair which represents a parameter in an HTTP request. -type Parameter struct { - // The name of the parameter. Required. - // +kubebuilder:validation:MinLength=1 - Name string `json:"name"` - - // The value of the parameter. - // +optional - Value string `json:"value,omitempty"` -} - -// OIDCClaims provides a mapping from upstream claims into identities. -type OIDCClaims struct { - // Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain - // the groups to which an identity belongs. By default, the identities will not include any group memberships when - // this setting is not configured. - // +optional - Groups string `json:"groups"` - - // Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to - // ascertain an identity's username. When not set, the username will be an automatically constructed unique string - // which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from - // the ID token. - // +optional - Username string `json:"username"` - - // AdditionalClaimMappings allows for additional arbitrary upstream claim values to be mapped into the - // "additionalClaims" claim of the ID tokens generated by the Supervisor. This should be specified as a map of - // new claim names as the keys, and upstream claim names as the values. These new claim names will be nested - // under the top-level "additionalClaims" claim in ID tokens generated by the Supervisor when this - // OIDCIdentityProvider was used for user authentication. These claims will be made available to all clients. - // This feature is not required to use the Supervisor to provide authentication for Kubernetes clusters, but can be - // used when using the Supervisor for other authentication purposes. When this map is empty or the upstream claims - // are not available, the "additionalClaims" claim will be excluded from the ID tokens generated by the Supervisor. - // +optional - AdditionalClaimMappings map[string]string `json:"additionalClaimMappings,omitempty"` -} - -// OIDCClient contains information about an OIDC client (e.g., client ID and client -// secret). -type OIDCClient struct { - // SecretName contains the name of a namespace-local Secret object that provides the clientID and - // clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient - // struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys - // "clientID" and "clientSecret". - SecretName string `json:"secretName"` -} - -// OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. -type OIDCIdentityProviderSpec struct { - // Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch - // /.well-known/openid-configuration. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://` - Issuer string `json:"issuer"` - - // TLS configuration for discovery/JWKS requests to the issuer. - // +optional - TLS *TLSSpec `json:"tls,omitempty"` - - // AuthorizationConfig holds information about how to form the OAuth2 authorization request - // parameters to be used with this OIDC identity provider. - // +optional - AuthorizationConfig OIDCAuthorizationConfig `json:"authorizationConfig,omitempty"` - - // Claims provides the names of token claims that will be used when inspecting an identity from - // this OIDC identity provider. - // +optional - Claims OIDCClaims `json:"claims"` - - // OIDCClient contains OIDC client information to be used used with this OIDC identity - // provider. - Client OIDCClient `json:"client"` -} - -// OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps -// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type OIDCIdentityProvider struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the identity provider. - Spec OIDCIdentityProviderSpec `json:"spec"` - - // Status of the identity provider. - Status OIDCIdentityProviderStatus `json:"status,omitempty"` -} - -// OIDCIdentityProviderList lists OIDCIdentityProvider objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCIdentityProviderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []OIDCIdentityProvider `json:"items"` -} diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.28/apis/supervisor/idp/v1alpha1/types_tls.go deleted file mode 100644 index 52def22d1..000000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/types_tls.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -// CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. -// -// +kubebuilder:validation:Enum=Secret;ConfigMap -type CertificateAuthorityDataSourceKind string - -const ( - // CertificateAuthorityDataSourceKindConfigMap uses a Kubernetes configmap to source CA Bundles. - CertificateAuthorityDataSourceKindConfigMap = CertificateAuthorityDataSourceKind("ConfigMap") - - // CertificateAuthorityDataSourceKindSecret uses a Kubernetes secret to source CA Bundles. - // Secrets used to source CA Bundles must be of type kubernetes.io/tls or Opaque. - CertificateAuthorityDataSourceKindSecret = CertificateAuthorityDataSourceKind("Secret") -) - -// CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. -type CertificateAuthorityDataSourceSpec struct { - // Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - // Allowed values are "Secret" or "ConfigMap". - // "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - // "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - Kind CertificateAuthorityDataSourceKind `json:"kind"` - // Name is the resource name of the secret or configmap from which to read the CA bundle. - // The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - // +kubebuilder:validation:MinLength=1 - Name string `json:"name"` - // Key is the key name within the secret or configmap from which to read the CA bundle. - // The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - // certificate bundle. - // +kubebuilder:validation:MinLength=1 - Key string `json:"key"` -} - -// TLSSpec provides TLS configuration for identity provider integration. -type TLSSpec struct { - // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. - // +optional - CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` - // Reference to a CA bundle in a secret or a configmap. - // Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - // +optional - CertificateAuthorityDataSource *CertificateAuthorityDataSourceSpec `json:"certificateAuthorityDataSource,omitempty"` -} diff --git a/generated/1.28/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.28/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index a6a357f54..000000000 --- a/generated/1.28/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,835 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProvider) DeepCopyInto(out *ActiveDirectoryIdentityProvider) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProvider. -func (in *ActiveDirectoryIdentityProvider) DeepCopy() *ActiveDirectoryIdentityProvider { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ActiveDirectoryIdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderBind) DeepCopyInto(out *ActiveDirectoryIdentityProviderBind) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderBind. -func (in *ActiveDirectoryIdentityProviderBind) DeepCopy() *ActiveDirectoryIdentityProviderBind { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderBind) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearch) { - *out = *in - out.Attributes = in.Attributes - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearch. -func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearch { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderGroupSearch) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearchAttributes) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearchAttributes. -func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearchAttributes { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderGroupSearchAttributes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderList) DeepCopyInto(out *ActiveDirectoryIdentityProviderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ActiveDirectoryIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderList. -func (in *ActiveDirectoryIdentityProviderList) DeepCopy() *ActiveDirectoryIdentityProviderList { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ActiveDirectoryIdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderSpec) DeepCopyInto(out *ActiveDirectoryIdentityProviderSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - out.Bind = in.Bind - out.UserSearch = in.UserSearch - out.GroupSearch = in.GroupSearch - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderSpec. -func (in *ActiveDirectoryIdentityProviderSpec) DeepCopy() *ActiveDirectoryIdentityProviderSpec { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirectoryIdentityProviderStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderStatus. -func (in *ActiveDirectoryIdentityProviderStatus) DeepCopy() *ActiveDirectoryIdentityProviderStatus { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearch) { - *out = *in - out.Attributes = in.Attributes - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearch. -func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopy() *ActiveDirectoryIdentityProviderUserSearch { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderUserSearch) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearchAttributes) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearchAttributes. -func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderUserSearchAttributes { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderUserSearchAttributes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateAuthorityDataSourceSpec) DeepCopyInto(out *CertificateAuthorityDataSourceSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateAuthorityDataSourceSpec. -func (in *CertificateAuthorityDataSourceSpec) DeepCopy() *CertificateAuthorityDataSourceSpec { - if in == nil { - return nil - } - out := new(CertificateAuthorityDataSourceSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubAPIConfig) DeepCopyInto(out *GitHubAPIConfig) { - *out = *in - if in.Host != nil { - in, out := &in.Host, &out.Host - *out = new(string) - **out = **in - } - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubAPIConfig. -func (in *GitHubAPIConfig) DeepCopy() *GitHubAPIConfig { - if in == nil { - return nil - } - out := new(GitHubAPIConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubAllowAuthenticationSpec) DeepCopyInto(out *GitHubAllowAuthenticationSpec) { - *out = *in - in.Organizations.DeepCopyInto(&out.Organizations) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubAllowAuthenticationSpec. -func (in *GitHubAllowAuthenticationSpec) DeepCopy() *GitHubAllowAuthenticationSpec { - if in == nil { - return nil - } - out := new(GitHubAllowAuthenticationSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubClaims) DeepCopyInto(out *GitHubClaims) { - *out = *in - if in.Username != nil { - in, out := &in.Username, &out.Username - *out = new(GitHubUsernameAttribute) - **out = **in - } - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = new(GitHubGroupNameAttribute) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubClaims. -func (in *GitHubClaims) DeepCopy() *GitHubClaims { - if in == nil { - return nil - } - out := new(GitHubClaims) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubClientSpec) DeepCopyInto(out *GitHubClientSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubClientSpec. -func (in *GitHubClientSpec) DeepCopy() *GitHubClientSpec { - if in == nil { - return nil - } - out := new(GitHubClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubIdentityProvider) DeepCopyInto(out *GitHubIdentityProvider) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubIdentityProvider. -func (in *GitHubIdentityProvider) DeepCopy() *GitHubIdentityProvider { - if in == nil { - return nil - } - out := new(GitHubIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *GitHubIdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubIdentityProviderList) DeepCopyInto(out *GitHubIdentityProviderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]GitHubIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubIdentityProviderList. -func (in *GitHubIdentityProviderList) DeepCopy() *GitHubIdentityProviderList { - if in == nil { - return nil - } - out := new(GitHubIdentityProviderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *GitHubIdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubIdentityProviderSpec) DeepCopyInto(out *GitHubIdentityProviderSpec) { - *out = *in - in.GitHubAPI.DeepCopyInto(&out.GitHubAPI) - in.Claims.DeepCopyInto(&out.Claims) - in.AllowAuthentication.DeepCopyInto(&out.AllowAuthentication) - out.Client = in.Client - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubIdentityProviderSpec. -func (in *GitHubIdentityProviderSpec) DeepCopy() *GitHubIdentityProviderSpec { - if in == nil { - return nil - } - out := new(GitHubIdentityProviderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubIdentityProviderStatus) DeepCopyInto(out *GitHubIdentityProviderStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubIdentityProviderStatus. -func (in *GitHubIdentityProviderStatus) DeepCopy() *GitHubIdentityProviderStatus { - if in == nil { - return nil - } - out := new(GitHubIdentityProviderStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubOrganizationsSpec) DeepCopyInto(out *GitHubOrganizationsSpec) { - *out = *in - if in.Policy != nil { - in, out := &in.Policy, &out.Policy - *out = new(GitHubAllowedAuthOrganizationsPolicy) - **out = **in - } - if in.Allowed != nil { - in, out := &in.Allowed, &out.Allowed - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubOrganizationsSpec. -func (in *GitHubOrganizationsSpec) DeepCopy() *GitHubOrganizationsSpec { - if in == nil { - return nil - } - out := new(GitHubOrganizationsSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProvider. -func (in *LDAPIdentityProvider) DeepCopy() *LDAPIdentityProvider { - if in == nil { - return nil - } - out := new(LDAPIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LDAPIdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderBind) DeepCopyInto(out *LDAPIdentityProviderBind) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderBind. -func (in *LDAPIdentityProviderBind) DeepCopy() *LDAPIdentityProviderBind { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderBind) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderGroupSearch) DeepCopyInto(out *LDAPIdentityProviderGroupSearch) { - *out = *in - out.Attributes = in.Attributes - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearch. -func (in *LDAPIdentityProviderGroupSearch) DeepCopy() *LDAPIdentityProviderGroupSearch { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderGroupSearch) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderGroupSearchAttributes) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearchAttributes. -func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopy() *LDAPIdentityProviderGroupSearchAttributes { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderGroupSearchAttributes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderList) DeepCopyInto(out *LDAPIdentityProviderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]LDAPIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderList. -func (in *LDAPIdentityProviderList) DeepCopy() *LDAPIdentityProviderList { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LDAPIdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderSpec) DeepCopyInto(out *LDAPIdentityProviderSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - out.Bind = in.Bind - out.UserSearch = in.UserSearch - out.GroupSearch = in.GroupSearch - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderSpec. -func (in *LDAPIdentityProviderSpec) DeepCopy() *LDAPIdentityProviderSpec { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderStatus. -func (in *LDAPIdentityProviderStatus) DeepCopy() *LDAPIdentityProviderStatus { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderUserSearch) DeepCopyInto(out *LDAPIdentityProviderUserSearch) { - *out = *in - out.Attributes = in.Attributes - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearch. -func (in *LDAPIdentityProviderUserSearch) DeepCopy() *LDAPIdentityProviderUserSearch { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderUserSearch) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderUserSearchAttributes) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearchAttributes. -func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopy() *LDAPIdentityProviderUserSearchAttributes { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderUserSearchAttributes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCAuthorizationConfig) DeepCopyInto(out *OIDCAuthorizationConfig) { - *out = *in - if in.AdditionalScopes != nil { - in, out := &in.AdditionalScopes, &out.AdditionalScopes - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AdditionalAuthorizeParameters != nil { - in, out := &in.AdditionalAuthorizeParameters, &out.AdditionalAuthorizeParameters - *out = make([]Parameter, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCAuthorizationConfig. -func (in *OIDCAuthorizationConfig) DeepCopy() *OIDCAuthorizationConfig { - if in == nil { - return nil - } - out := new(OIDCAuthorizationConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClaims) DeepCopyInto(out *OIDCClaims) { - *out = *in - if in.AdditionalClaimMappings != nil { - in, out := &in.AdditionalClaimMappings, &out.AdditionalClaimMappings - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClaims. -func (in *OIDCClaims) DeepCopy() *OIDCClaims { - if in == nil { - return nil - } - out := new(OIDCClaims) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCIdentityProvider) DeepCopyInto(out *OIDCIdentityProvider) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProvider. -func (in *OIDCIdentityProvider) DeepCopy() *OIDCIdentityProvider { - if in == nil { - return nil - } - out := new(OIDCIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCIdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCIdentityProviderList) DeepCopyInto(out *OIDCIdentityProviderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderList. -func (in *OIDCIdentityProviderList) DeepCopy() *OIDCIdentityProviderList { - if in == nil { - return nil - } - out := new(OIDCIdentityProviderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCIdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCIdentityProviderSpec) DeepCopyInto(out *OIDCIdentityProviderSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) - in.Claims.DeepCopyInto(&out.Claims) - out.Client = in.Client - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderSpec. -func (in *OIDCIdentityProviderSpec) DeepCopy() *OIDCIdentityProviderSpec { - if in == nil { - return nil - } - out := new(OIDCIdentityProviderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderStatus. -func (in *OIDCIdentityProviderStatus) DeepCopy() *OIDCIdentityProviderStatus { - if in == nil { - return nil - } - out := new(OIDCIdentityProviderStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Parameter) DeepCopyInto(out *Parameter) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Parameter. -func (in *Parameter) DeepCopy() *Parameter { - if in == nil { - return nil - } - out := new(Parameter) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { - *out = *in - if in.CertificateAuthorityDataSource != nil { - in, out := &in.CertificateAuthorityDataSource, &out.CertificateAuthorityDataSource - *out = new(CertificateAuthorityDataSourceSpec) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. -func (in *TLSSpec) DeepCopy() *TLSSpec { - if in == nil { - return nil - } - out := new(TLSSpec) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.28/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.28/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go deleted file mode 100644 index 6a130e7b7..000000000 --- a/generated/1.28/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go +++ /dev/null @@ -1,73 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -// IDPType are the strings that can be returned by the Supervisor identity provider discovery endpoint -// as the "type" of each returned identity provider. -type IDPType string - -// IDPFlow are the strings that can be returned by the Supervisor identity provider discovery endpoint -// in the array of allowed client "flows" for each returned identity provider. -type IDPFlow string - -const ( - IDPTypeOIDC IDPType = "oidc" - IDPTypeLDAP IDPType = "ldap" - IDPTypeActiveDirectory IDPType = "activedirectory" - IDPTypeGitHub IDPType = "github" - - IDPFlowCLIPassword IDPFlow = "cli_password" - IDPFlowBrowserAuthcode IDPFlow = "browser_authcode" -) - -// Equals is a convenience function for comparing an IDPType to a string. -func (r IDPType) Equals(s string) bool { - return string(r) == s -} - -// String is a convenience function to convert an IDPType to a string. -func (r IDPType) String() string { - return string(r) -} - -// Equals is a convenience function for comparing an IDPFlow to a string. -func (r IDPFlow) Equals(s string) bool { - return string(r) == s -} - -// String is a convenience function to convert an IDPFlow to a string. -func (r IDPFlow) String() string { - return string(r) -} - -// OIDCDiscoveryResponse is part of the response from a FederationDomain's OpenID Provider Configuration -// Document returned by the .well-known/openid-configuration endpoint. It ignores all the standard OpenID Provider -// configuration metadata and only picks out the portion related to Supervisor identity provider discovery. -type OIDCDiscoveryResponse struct { - SupervisorDiscovery OIDCDiscoveryResponseIDPEndpoint `json:"discovery.supervisor.pinniped.dev/v1alpha1"` -} - -// OIDCDiscoveryResponseIDPEndpoint contains the URL for the identity provider discovery endpoint. -type OIDCDiscoveryResponseIDPEndpoint struct { - PinnipedIDPsEndpoint string `json:"pinniped_identity_providers_endpoint"` -} - -// IDPDiscoveryResponse is the response of a FederationDomain's identity provider discovery endpoint. -type IDPDiscoveryResponse struct { - PinnipedIDPs []PinnipedIDP `json:"pinniped_identity_providers"` - PinnipedSupportedIDPTypes []PinnipedSupportedIDPType `json:"pinniped_supported_identity_provider_types"` -} - -// PinnipedIDP describes a single identity provider as included in the response of a FederationDomain's -// identity provider discovery endpoint. -type PinnipedIDP struct { - Name string `json:"name"` - Type IDPType `json:"type"` - Flows []IDPFlow `json:"flows,omitempty"` -} - -// PinnipedSupportedIDPType describes a single identity provider type. -type PinnipedSupportedIDPType struct { - Type IDPType `json:"type"` -} diff --git a/generated/1.28/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.28/apis/supervisor/oidc/types_supervisor_oidc.go deleted file mode 100644 index 5ec745e67..000000000 --- a/generated/1.28/apis/supervisor/oidc/types_supervisor_oidc.go +++ /dev/null @@ -1,90 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package oidc - -// Constants related to the Supervisor FederationDomain's authorization and token endpoints. -const ( - // AuthorizeUsernameHeaderName is the name of the HTTP header which can be used to transmit a username - // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant - // or an LDAPIdentityProvider. - AuthorizeUsernameHeaderName = "Pinniped-Username" - - // AuthorizePasswordHeaderName is the name of the HTTP header which can be used to transmit a password - // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant - // or an LDAPIdentityProvider. - AuthorizePasswordHeaderName = "Pinniped-Password" //nolint:gosec // this is not a credential - - // AuthorizeUpstreamIDPNameParamName is the name of the HTTP request parameter which can be used to help select - // which identity provider should be used for authentication by sending the name of the desired identity provider. - AuthorizeUpstreamIDPNameParamName = "pinniped_idp_name" - - // AuthorizeUpstreamIDPTypeParamName is the name of the HTTP request parameter which can be used to help select - // which identity provider should be used for authentication by sending the type of the desired identity provider. - AuthorizeUpstreamIDPTypeParamName = "pinniped_idp_type" - - // IDTokenClaimIssuer is name of the issuer claim defined by the OIDC spec. - IDTokenClaimIssuer = "iss" - - // IDTokenClaimSubject is name of the subject claim defined by the OIDC spec. - IDTokenClaimSubject = "sub" - - // IDTokenSubClaimIDPNameQueryParam is the name of the query param used in the values of the "sub" claim - // in Supervisor-issued ID tokens to identify with which external identity provider the user authenticated. - IDTokenSubClaimIDPNameQueryParam = "idpName" - - // IDTokenClaimAuthorizedParty is name of the authorized party claim defined by the OIDC spec. - IDTokenClaimAuthorizedParty = "azp" - - // IDTokenClaimUsername is the name of a custom claim in the downstream ID token whose value will contain the user's - // username which was mapped from the upstream identity provider. - IDTokenClaimUsername = "username" - - // IDTokenClaimGroups is the name of a custom claim in the downstream ID token whose value will contain the user's - // group names which were mapped from the upstream identity provider. - IDTokenClaimGroups = "groups" - - // IDTokenClaimAdditionalClaims is the top level claim used to hold additional claims in the downstream ID - // token, if any claims are present. - IDTokenClaimAdditionalClaims = "additionalClaims" - - // GrantTypeAuthorizationCode is the name of the grant type for authorization code flows defined by the OIDC spec. - GrantTypeAuthorizationCode = "authorization_code" - - // GrantTypeRefreshToken is the name of the grant type for refresh flow defined by the OIDC spec. - GrantTypeRefreshToken = "refresh_token" - - // GrantTypeTokenExchange is the name of a custom grant type for RFC8693 token exchanges. - GrantTypeTokenExchange = "urn:ietf:params:oauth:grant-type:token-exchange" //nolint:gosec // this is not a credential - - // ScopeOpenID is name of the openid scope defined by the OIDC spec. - ScopeOpenID = "openid" - - // ScopeOfflineAccess is name of the offline access scope defined by the OIDC spec, used for requesting refresh - // tokens. - ScopeOfflineAccess = "offline_access" - - // ScopeEmail is name of the email scope defined by the OIDC spec. - ScopeEmail = "email" - - // ScopeProfile is name of the profile scope defined by the OIDC spec. - ScopeProfile = "profile" - - // ScopeUsername is the name of a custom scope that determines whether the username claim will be returned inside - // ID tokens. - ScopeUsername = "username" - - // ScopeGroups is the name of a custom scope that determines whether the groups claim will be returned inside - // ID tokens. - ScopeGroups = "groups" - - // ScopeRequestAudience is the name of a custom scope that determines whether a RFC8693 token exchange is allowed to - // be used to request a different audience. - ScopeRequestAudience = "pinniped:request-audience" - - // ClientIDPinnipedCLI is the client ID of the statically defined public OIDC client which is used by the CLI. - ClientIDPinnipedCLI = "pinniped-cli" - - // ClientIDRequiredOIDCClientPrefix is the required prefix for the metadata.name of OIDCClient CRs. - ClientIDRequiredOIDCClientPrefix = "client.oauth.pinniped.dev-" -) diff --git a/generated/1.28/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.28/client/concierge/clientset/versioned/fake/clientset_generated.go deleted file mode 100644 index f589c0152..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/fake/clientset_generated.go +++ /dev/null @@ -1,93 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clientset "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned" - authenticationv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" - identityv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1" - fakeidentityv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" - loginv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1" - fakeloginv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/discovery" - fakediscovery "k8s.io/client-go/discovery/fake" - "k8s.io/client-go/testing" -) - -// NewSimpleClientset returns a clientset that will respond with the provided objects. -// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement -// for a real clientset and is mostly useful in simple unit tests. -func NewSimpleClientset(objects ...runtime.Object) *Clientset { - o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) - for _, obj := range objects { - if err := o.Add(obj); err != nil { - panic(err) - } - } - - cs := &Clientset{tracker: o} - cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} - cs.AddReactor("*", "*", testing.ObjectReaction(o)) - cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { - gvr := action.GetResource() - ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) - if err != nil { - return false, nil, err - } - return true, watch, nil - }) - - return cs -} - -// Clientset implements clientset.Interface. Meant to be embedded into a -// struct to get a default implementation. This makes faking out just the method -// you want to test easier. -type Clientset struct { - testing.Fake - discovery *fakediscovery.FakeDiscovery - tracker testing.ObjectTracker -} - -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - return c.discovery -} - -func (c *Clientset) Tracker() testing.ObjectTracker { - return c.tracker -} - -var ( - _ clientset.Interface = &Clientset{} - _ testing.FakeClient = &Clientset{} -) - -// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client -func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { - return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} -} - -// ConfigV1alpha1 retrieves the ConfigV1alpha1Client -func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { - return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} -} - -// IdentityV1alpha1 retrieves the IdentityV1alpha1Client -func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { - return &fakeidentityv1alpha1.FakeIdentityV1alpha1{Fake: &c.Fake} -} - -// LoginV1alpha1 retrieves the LoginV1alpha1Client -func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { - return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.28/client/concierge/clientset/versioned/fake/doc.go b/generated/1.28/client/concierge/clientset/versioned/fake/doc.go deleted file mode 100644 index 273121fa7..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated fake clientset. -package fake diff --git a/generated/1.28/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.28/client/concierge/clientset/versioned/scheme/doc.go deleted file mode 100644 index ae325a52e..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/scheme/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package contains the scheme of the automatically generated clientset. -package scheme diff --git a/generated/1.28/client/concierge/clientset/versioned/scheme/register.go b/generated/1.28/client/concierge/clientset/versioned/scheme/register.go deleted file mode 100644 index 845ceb96e..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/scheme/register.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package scheme - -import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var Scheme = runtime.NewScheme() -var Codecs = serializer.NewCodecFactory(Scheme) -var ParameterCodec = runtime.NewParameterCodec(Scheme) -var localSchemeBuilder = runtime.SchemeBuilder{ - authenticationv1alpha1.AddToScheme, - configv1alpha1.AddToScheme, - identityv1alpha1.AddToScheme, - loginv1alpha1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(Scheme)) -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go deleted file mode 100644 index 53e2229b8..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeJWTAuthenticators implements JWTAuthenticatorInterface -type FakeJWTAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var jwtauthenticatorsResource = v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators") - -var jwtauthenticatorsKind = v1alpha1.SchemeGroupVersion.WithKind("JWTAuthenticator") - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *FakeJWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *FakeJWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(jwtauthenticatorsResource, jwtauthenticatorsKind, opts), &v1alpha1.JWTAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.JWTAuthenticatorList{ListMeta: obj.(*v1alpha1.JWTAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.JWTAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *FakeJWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(jwtauthenticatorsResource, opts)) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(jwtauthenticatorsResource, "status", jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(jwtauthenticatorsResource, name, opts), &v1alpha1.JWTAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeJWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(jwtauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.JWTAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *FakeJWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(jwtauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go deleted file mode 100644 index 7fda9ac40..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface -type FakeWebhookAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var webhookauthenticatorsResource = v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators") - -var webhookauthenticatorsKind = v1alpha1.SchemeGroupVersion.WithKind("WebhookAuthenticator") - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, opts), &v1alpha1.WebhookAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(webhookauthenticatorsResource, opts)) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(webhookauthenticatorsResource, "status", webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(webhookauthenticatorsResource, name, opts), &v1alpha1.WebhookAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(webhookauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(webhookauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go deleted file mode 100644 index 620fcdd90..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type JWTAuthenticatorExpansion interface{} - -type WebhookAuthenticatorExpansion interface{} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index 01e2ff1a5..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. -// A group's client should implement this interface. -type JWTAuthenticatorsGetter interface { - JWTAuthenticators() JWTAuthenticatorInterface -} - -// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. -type JWTAuthenticatorInterface interface { - Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*v1alpha1.JWTAuthenticator, error) - Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.JWTAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.JWTAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) - JWTAuthenticatorExpansion -} - -// jWTAuthenticators implements JWTAuthenticatorInterface -type jWTAuthenticators struct { - client rest.Interface -} - -// newJWTAuthenticators returns a JWTAuthenticators -func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { - return &jWTAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *jWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Get(). - Resource("jwtauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *jWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.JWTAuthenticatorList{} - err = c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *jWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Post(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *jWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *jWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("jwtauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *jWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("jwtauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *jWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Patch(pt). - Resource("jwtauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index 3aea2ff39..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. -// A group's client should implement this interface. -type WebhookAuthenticatorsGetter interface { - WebhookAuthenticators() WebhookAuthenticatorInterface -} - -// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. -type WebhookAuthenticatorInterface interface { - Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) - Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) - WebhookAuthenticatorExpansion -} - -// webhookAuthenticators implements WebhookAuthenticatorInterface -type webhookAuthenticators struct { - client rest.Interface -} - -// newWebhookAuthenticators returns a WebhookAuthenticators -func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { - return &webhookAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Get(). - Resource("webhookauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.WebhookAuthenticatorList{} - err = c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Post(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("webhookauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("webhookauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Patch(pt). - Resource("webhookauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go deleted file mode 100644 index 63224d980..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. -// A group's client should implement this interface. -type CredentialIssuersGetter interface { - CredentialIssuers() CredentialIssuerInterface -} - -// CredentialIssuerInterface has methods to work with CredentialIssuer resources. -type CredentialIssuerInterface interface { - Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error) - Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) - CredentialIssuerExpansion -} - -// credentialIssuers implements CredentialIssuerInterface -type credentialIssuers struct { - client rest.Interface -} - -// newCredentialIssuers returns a CredentialIssuers -func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { - return &credentialIssuers{ - client: c.RESTClient(), - } -} - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Get(). - Resource("credentialissuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.CredentialIssuerList{} - err = c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Post(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("credentialissuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("credentialissuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Patch(pt). - Resource("credentialissuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go deleted file mode 100644 index 6c23f2aff..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCredentialIssuers implements CredentialIssuerInterface -type FakeCredentialIssuers struct { - Fake *FakeConfigV1alpha1 -} - -var credentialissuersResource = v1alpha1.SchemeGroupVersion.WithResource("credentialissuers") - -var credentialissuersKind = v1alpha1.SchemeGroupVersion.WithKind("CredentialIssuer") - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(credentialissuersResource, credentialissuersKind, opts), &v1alpha1.CredentialIssuerList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta} - for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(credentialissuersResource, opts)) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(credentialissuersResource, "status", credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(credentialissuersResource, name, opts), &v1alpha1.CredentialIssuer{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(credentialissuersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{}) - return err -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(credentialissuersResource, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go deleted file mode 100644 index aefee6676..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type CredentialIssuerExpansion interface{} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go deleted file mode 100644 index 65f0b7e9f..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeWhoAmIRequests implements WhoAmIRequestInterface -type FakeWhoAmIRequests struct { - Fake *FakeIdentityV1alpha1 -} - -var whoamirequestsResource = v1alpha1.SchemeGroupVersion.WithResource("whoamirequests") - -var whoamirequestsKind = v1alpha1.SchemeGroupVersion.WithKind("WhoAmIRequest") - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *FakeWhoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(whoamirequestsResource, whoAmIRequest), &v1alpha1.WhoAmIRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WhoAmIRequest), err -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go deleted file mode 100644 index fc7c9d90d..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type WhoAmIRequestExpansion interface{} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go deleted file mode 100644 index f86ce367a..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. -// A group's client should implement this interface. -type WhoAmIRequestsGetter interface { - WhoAmIRequests() WhoAmIRequestInterface -} - -// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. -type WhoAmIRequestInterface interface { - Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*v1alpha1.WhoAmIRequest, error) - WhoAmIRequestExpansion -} - -// whoAmIRequests implements WhoAmIRequestInterface -type whoAmIRequests struct { - client rest.Interface -} - -// newWhoAmIRequests returns a WhoAmIRequests -func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { - return &whoAmIRequests{ - client: c.RESTClient(), - } -} - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *whoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - result = &v1alpha1.WhoAmIRequest{} - err = c.client.Post(). - Resource("whoamirequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(whoAmIRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go deleted file mode 100644 index 62197a805..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeLoginV1alpha1 struct { - *testing.Fake -} - -func (c *FakeLoginV1alpha1) TokenCredentialRequests() v1alpha1.TokenCredentialRequestInterface { - return &FakeTokenCredentialRequests{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeLoginV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go deleted file mode 100644 index 68af77d31..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeTokenCredentialRequests implements TokenCredentialRequestInterface -type FakeTokenCredentialRequests struct { - Fake *FakeLoginV1alpha1 -} - -var tokencredentialrequestsResource = v1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests") - -var tokencredentialrequestsKind = v1alpha1.SchemeGroupVersion.WithKind("TokenCredentialRequest") - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *FakeTokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(tokencredentialrequestsResource, tokenCredentialRequest), &v1alpha1.TokenCredentialRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.TokenCredentialRequest), err -} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go deleted file mode 100644 index 43306b27e..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type TokenCredentialRequestExpansion interface{} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go deleted file mode 100644 index d3e5e4216..000000000 --- a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// TokenCredentialRequestsGetter has a method to return a TokenCredentialRequestInterface. -// A group's client should implement this interface. -type TokenCredentialRequestsGetter interface { - TokenCredentialRequests() TokenCredentialRequestInterface -} - -// TokenCredentialRequestInterface has methods to work with TokenCredentialRequest resources. -type TokenCredentialRequestInterface interface { - Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*v1alpha1.TokenCredentialRequest, error) - TokenCredentialRequestExpansion -} - -// tokenCredentialRequests implements TokenCredentialRequestInterface -type tokenCredentialRequests struct { - client rest.Interface -} - -// newTokenCredentialRequests returns a TokenCredentialRequests -func newTokenCredentialRequests(c *LoginV1alpha1Client) *tokenCredentialRequests { - return &tokenCredentialRequests{ - client: c.RESTClient(), - } -} - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *tokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - result = &v1alpha1.TokenCredentialRequest{} - err = c.client.Post(). - Resource("tokencredentialrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(tokenCredentialRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.28/client/concierge/informers/externalversions/authentication/interface.go deleted file mode 100644 index 09929d2fa..000000000 --- a/generated/1.28/client/concierge/informers/externalversions/authentication/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package authentication - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.28/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.28/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go deleted file mode 100644 index 71ab2ca9e..000000000 --- a/generated/1.28/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// CredentialIssuerInformer provides access to a shared informer and lister for -// CredentialIssuers. -type CredentialIssuerInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.CredentialIssuerLister -} - -type credentialIssuerInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredCredentialIssuerInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().CredentialIssuers().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().CredentialIssuers().Watch(context.TODO(), options) - }, - }, - &configv1alpha1.CredentialIssuer{}, - resyncPeriod, - indexers, - ) -} - -func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredCredentialIssuerInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer) -} - -func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister { - return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.28/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.28/client/concierge/listers/authentication/v1alpha1/expansion_generated.go deleted file mode 100644 index 978c75289..000000000 --- a/generated/1.28/client/concierge/listers/authentication/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// JWTAuthenticatorListerExpansion allows custom methods to be added to -// JWTAuthenticatorLister. -type JWTAuthenticatorListerExpansion interface{} - -// WebhookAuthenticatorListerExpansion allows custom methods to be added to -// WebhookAuthenticatorLister. -type WebhookAuthenticatorListerExpansion interface{} diff --git a/generated/1.28/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.28/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index 1ddbac889..000000000 --- a/generated/1.28/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// JWTAuthenticatorLister helps list JWTAuthenticators. -// All objects returned here must be treated as read-only. -type JWTAuthenticatorLister interface { - // List lists all JWTAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) - // Get retrieves the JWTAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.JWTAuthenticator, error) - JWTAuthenticatorListerExpansion -} - -// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. -type jWTAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. -func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { - return &jWTAuthenticatorLister{indexer: indexer} -} - -// List lists all JWTAuthenticators in the indexer. -func (s *jWTAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.JWTAuthenticator)) - }) - return ret, err -} - -// Get retrieves the JWTAuthenticator from the index for a given name. -func (s *jWTAuthenticatorLister) Get(name string) (*v1alpha1.JWTAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("jwtauthenticator"), name) - } - return obj.(*v1alpha1.JWTAuthenticator), nil -} diff --git a/generated/1.28/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.28/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index 6cb888547..000000000 --- a/generated/1.28/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// WebhookAuthenticatorLister helps list WebhookAuthenticators. -// All objects returned here must be treated as read-only. -type WebhookAuthenticatorLister interface { - // List lists all WebhookAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) - // Get retrieves the WebhookAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.WebhookAuthenticator, error) - WebhookAuthenticatorListerExpansion -} - -// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. -type webhookAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. -func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { - return &webhookAuthenticatorLister{indexer: indexer} -} - -// List lists all WebhookAuthenticators in the indexer. -func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) - }) - return ret, err -} - -// Get retrieves the WebhookAuthenticator from the index for a given name. -func (s *webhookAuthenticatorLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) - } - return obj.(*v1alpha1.WebhookAuthenticator), nil -} diff --git a/generated/1.28/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.28/client/concierge/listers/config/v1alpha1/credentialissuer.go deleted file mode 100644 index 0eec162cf..000000000 --- a/generated/1.28/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// CredentialIssuerLister helps list CredentialIssuers. -// All objects returned here must be treated as read-only. -type CredentialIssuerLister interface { - // List lists all CredentialIssuers in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) - // Get retrieves the CredentialIssuer from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.CredentialIssuer, error) - CredentialIssuerListerExpansion -} - -// credentialIssuerLister implements the CredentialIssuerLister interface. -type credentialIssuerLister struct { - indexer cache.Indexer -} - -// NewCredentialIssuerLister returns a new CredentialIssuerLister. -func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { - return &credentialIssuerLister{indexer: indexer} -} - -// List lists all CredentialIssuers in the indexer. -func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.CredentialIssuer)) - }) - return ret, err -} - -// Get retrieves the CredentialIssuer from the index for a given name. -func (s *credentialIssuerLister) Get(name string) (*v1alpha1.CredentialIssuer, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name) - } - return obj.(*v1alpha1.CredentialIssuer), nil -} diff --git a/generated/1.28/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.28/client/concierge/listers/config/v1alpha1/expansion_generated.go deleted file mode 100644 index 330aec0ec..000000000 --- a/generated/1.28/client/concierge/listers/config/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// CredentialIssuerListerExpansion allows custom methods to be added to -// CredentialIssuerLister. -type CredentialIssuerListerExpansion interface{} diff --git a/generated/1.28/client/go.mod b/generated/1.28/client/go.mod deleted file mode 100644 index 6d7124d8f..000000000 --- a/generated/1.28/client/go.mod +++ /dev/null @@ -1,13 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.28/client - -go 1.13 - -replace go.pinniped.dev/generated/1.28/apis => ../apis - -require ( - go.pinniped.dev/generated/1.28/apis v0.0.0 - k8s.io/apimachinery v0.28.15 - k8s.io/client-go v0.28.15 - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 -) diff --git a/generated/1.28/client/go.sum b/generated/1.28/client/go.sum deleted file mode 100644 index 3903dc977..000000000 --- a/generated/1.28/client/go.sum +++ /dev/null @@ -1,360 +0,0 @@ -cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= -github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.1/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= -github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= -github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= -github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= -github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= -github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= -github.com/onsi/ginkgo/v2 v2.4.0/go.mod h1:iHkDK1fKGcBoEHT5W7YBq4RFWaQulw+caOMkAt4OrFo= -github.com/onsi/ginkgo/v2 v2.5.0/go.mod h1:Luc4sArBICYCS8THh8v3i3i5CuSZO+RaQRaJoeNwomw= -github.com/onsi/ginkgo/v2 v2.7.0/go.mod h1:yjiuMwPokqY1XauOgju45q3sJt6VzQ/Fict1LFVcsAo= -github.com/onsi/ginkgo/v2 v2.8.1/go.mod h1:N1/NbDngAFcSLdyZ+/aYTYGSlq9qMCS/cNKGJjy+csc= -github.com/onsi/ginkgo/v2 v2.9.0/go.mod h1:4xkjoL/tZv4SMWeww56BU5kAt19mVB47gTWxmrTcxyk= -github.com/onsi/ginkgo/v2 v2.9.1/go.mod h1:FEcmzVcCHl+4o9bQZVab+4dC9+j+91t2FHSzmGAPfuo= -github.com/onsi/ginkgo/v2 v2.9.2/go.mod h1:WHcJJG2dIlcCqVfBAwUCrJxSPFb6v4azBwgxeMeDuts= -github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE= -github.com/onsi/ginkgo/v2 v2.9.4/go.mod h1:gCQYp2Q+kSoIj7ykSVb9nskRSsR6PUj4AiLywzIhbKM= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= -github.com/onsi/gomega v1.21.1/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc= -github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM= -github.com/onsi/gomega v1.24.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= -github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= -github.com/onsi/gomega v1.26.0/go.mod h1:r+zV744Re+DiYCIPRlYOTxn0YkOLcAnW8k1xXdMPGhM= -github.com/onsi/gomega v1.27.1/go.mod h1:aHX5xOykVYzWOV4WqQy0sy8BQptgukenXpCXfadcIAw= -github.com/onsi/gomega v1.27.3/go.mod h1:5vG284IBtfDAmDyrK+eGyZmUgUlmi+Wngqo557cZ6Gw= -github.com/onsi/gomega v1.27.4/go.mod h1:riYq/GJKh8hhoM01HN6Vmuy93AarCXCBGpvFDK3q3fQ= -github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= -github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= -github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= -golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= -golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= -golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= -golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= -golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= -golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.28.15 h1:u+Sze8gI+DayQxndS0htiJf8yVooHyUx/H4jEehtmNs= -k8s.io/api v0.28.15/go.mod h1:SJuOJTphYG05iJC9UKnUTNkY84Mvveu1P7adCgWqjCg= -k8s.io/apimachinery v0.28.15 h1:Jg15ZoCcAgnhSRKVS6tQyUZaX9c3i08bl2qAz8XE3bI= -k8s.io/apimachinery v0.28.15/go.mod h1:zUG757HaKs6Dc3iGtKjzIpBfqTM4yiRsEe3/E7NX15o= -k8s.io/client-go v0.28.15 h1:+g6Ub+i6tacV3tYJaoyK6bizpinPkamcEwsiKyHcIxc= -k8s.io/client-go v0.28.15/go.mod h1:/4upIpTbhWQVSXKDqTznjcAegj2Bx73mW/i0aennJrY= -k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= -k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/generated/1.28/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.28/client/supervisor/clientset/versioned/fake/doc.go deleted file mode 100644 index 273121fa7..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated fake clientset. -package fake diff --git a/generated/1.28/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.28/client/supervisor/clientset/versioned/scheme/doc.go deleted file mode 100644 index ae325a52e..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/scheme/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package contains the scheme of the automatically generated clientset. -package scheme diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go b/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go b/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go b/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go deleted file mode 100644 index 5c44f4c8b..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go +++ /dev/null @@ -1,35 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type FakeOIDCClientSecretRequests struct { - Fake *FakeClientsecretV1alpha1 - ns string -} - -var oidcclientsecretrequestsResource = v1alpha1.SchemeGroupVersion.WithResource("oidcclientsecretrequests") - -var oidcclientsecretrequestsKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCClientSecretRequest") - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *FakeOIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsecretrequestsResource, c.ns, oIDCClientSecretRequest), &v1alpha1.OIDCClientSecretRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClientSecretRequest), err -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go b/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go deleted file mode 100644 index 98c7f1453..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientSecretRequestExpansion interface{} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go b/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go deleted file mode 100644 index f6a670c45..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// OIDCClientSecretRequestsGetter has a method to return a OIDCClientSecretRequestInterface. -// A group's client should implement this interface. -type OIDCClientSecretRequestsGetter interface { - OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface -} - -// OIDCClientSecretRequestInterface has methods to work with OIDCClientSecretRequest resources. -type OIDCClientSecretRequestInterface interface { - Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (*v1alpha1.OIDCClientSecretRequest, error) - OIDCClientSecretRequestExpansion -} - -// oIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type oIDCClientSecretRequests struct { - client rest.Interface - ns string -} - -// newOIDCClientSecretRequests returns a OIDCClientSecretRequests -func newOIDCClientSecretRequests(c *ClientsecretV1alpha1Client, namespace string) *oIDCClientSecretRequests { - return &oIDCClientSecretRequests{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *oIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - result = &v1alpha1.OIDCClientSecretRequest{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclientsecretrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClientSecretRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go deleted file mode 100644 index b8eeb632b..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeConfigV1alpha1 struct { - *testing.Fake -} - -func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.FederationDomainInterface { - return &FakeFederationDomains{c, namespace} -} - -func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go deleted file mode 100644 index 230b88d7e..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeFederationDomains implements FederationDomainInterface -type FakeFederationDomains struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var federationdomainsResource = v1alpha1.SchemeGroupVersion.WithResource("federationdomains") - -var federationdomainsKind = v1alpha1.SchemeGroupVersion.WithKind("FederationDomain") - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *FakeFederationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *FakeFederationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(federationdomainsResource, federationdomainsKind, c.ns, opts), &v1alpha1.FederationDomainList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.FederationDomainList{ListMeta: obj.(*v1alpha1.FederationDomainList).ListMeta} - for _, item := range obj.(*v1alpha1.FederationDomainList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *FakeFederationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(federationdomainsResource, c.ns, opts)) - -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(federationdomainsResource, "status", c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(federationdomainsResource, c.ns, name, opts), &v1alpha1.FederationDomain{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeFederationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(federationdomainsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.FederationDomainList{}) - return err -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *FakeFederationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(federationdomainsResource, c.ns, name, pt, data, subresources...), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go deleted file mode 100644 index aa47baf43..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClients implements OIDCClientInterface -type FakeOIDCClients struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var oidcclientsResource = v1alpha1.SchemeGroupVersion.WithResource("oidcclients") - -var oidcclientsKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCClient") - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *FakeOIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcclientsResource, oidcclientsKind, c.ns, opts), &v1alpha1.OIDCClientList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCClientList{ListMeta: obj.(*v1alpha1.OIDCClientList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCClientList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *FakeOIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcclientsResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcclientsResource, "status", c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *FakeOIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcclientsResource, c.ns, name, opts), &v1alpha1.OIDCClient{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcclientsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCClientList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *FakeOIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcclientsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go deleted file mode 100644 index 7398e65c1..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// FederationDomainsGetter has a method to return a FederationDomainInterface. -// A group's client should implement this interface. -type FederationDomainsGetter interface { - FederationDomains(namespace string) FederationDomainInterface -} - -// FederationDomainInterface has methods to work with FederationDomain resources. -type FederationDomainInterface interface { - Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (*v1alpha1.FederationDomain, error) - Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.FederationDomain, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.FederationDomainList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) - FederationDomainExpansion -} - -// federationDomains implements FederationDomainInterface -type federationDomains struct { - client rest.Interface - ns string -} - -// newFederationDomains returns a FederationDomains -func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { - return &federationDomains{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *federationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *federationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.FederationDomainList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *federationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Post(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *federationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *federationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *federationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *federationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go deleted file mode 100644 index 90b617d6d..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type FederationDomainExpansion interface{} - -type OIDCClientExpansion interface{} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go b/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go deleted file mode 100644 index 56aca6445..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCClientsGetter has a method to return a OIDCClientInterface. -// A group's client should implement this interface. -type OIDCClientsGetter interface { - OIDCClients(namespace string) OIDCClientInterface -} - -// OIDCClientInterface has methods to work with OIDCClient resources. -type OIDCClientInterface interface { - Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (*v1alpha1.OIDCClient, error) - Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCClient, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCClientList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) - OIDCClientExpansion -} - -// oIDCClients implements OIDCClientInterface -type oIDCClients struct { - client rest.Interface - ns string -} - -// newOIDCClients returns a OIDCClients -func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { - return &oIDCClients{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *oIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *oIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCClientList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *oIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *oIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *oIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index 2b85518d8..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. -// A group's client should implement this interface. -type ActiveDirectoryIdentityProvidersGetter interface { - ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface -} - -// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. -type ActiveDirectoryIdentityProviderInterface interface { - Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ActiveDirectoryIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) - ActiveDirectoryIdentityProviderExpansion -} - -// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type activeDirectoryIdentityProviders struct { - client rest.Interface - ns string -} - -// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders -func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { - return &activeDirectoryIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *activeDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *activeDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.ActiveDirectoryIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *activeDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *activeDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *activeDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *activeDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *activeDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go deleted file mode 100644 index 8d61a6e6a..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type FakeActiveDirectoryIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var activedirectoryidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders") - -var activedirectoryidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("ActiveDirectoryIdentityProvider") - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *FakeActiveDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(activedirectoryidentityprovidersResource, activedirectoryidentityprovidersKind, c.ns, opts), &v1alpha1.ActiveDirectoryIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.ActiveDirectoryIdentityProviderList{ListMeta: obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *FakeActiveDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(activedirectoryidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(activedirectoryidentityprovidersResource, "status", c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(activedirectoryidentityprovidersResource, c.ns, name, opts), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeActiveDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(activedirectoryidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.ActiveDirectoryIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *FakeActiveDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(activedirectoryidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go deleted file mode 100644 index e1916f463..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeGitHubIdentityProviders implements GitHubIdentityProviderInterface -type FakeGitHubIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var githubidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders") - -var githubidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("GitHubIdentityProvider") - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *FakeGitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(githubidentityprovidersResource, c.ns, name), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *FakeGitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(githubidentityprovidersResource, githubidentityprovidersKind, c.ns, opts), &v1alpha1.GitHubIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.GitHubIdentityProviderList{ListMeta: obj.(*v1alpha1.GitHubIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.GitHubIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *FakeGitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(githubidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeGitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(githubidentityprovidersResource, "status", c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeGitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(githubidentityprovidersResource, c.ns, name, opts), &v1alpha1.GitHubIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeGitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(githubidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.GitHubIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *FakeGitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(githubidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go deleted file mode 100644 index 1b2fdbc26..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeLDAPIdentityProviders implements LDAPIdentityProviderInterface -type FakeLDAPIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var ldapidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders") - -var ldapidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("LDAPIdentityProvider") - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *FakeLDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *FakeLDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(ldapidentityprovidersResource, ldapidentityprovidersKind, c.ns, opts), &v1alpha1.LDAPIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.LDAPIdentityProviderList{ListMeta: obj.(*v1alpha1.LDAPIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.LDAPIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *FakeLDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(ldapidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ldapidentityprovidersResource, "status", c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(ldapidentityprovidersResource, c.ns, name, opts), &v1alpha1.LDAPIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeLDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(ldapidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.LDAPIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *FakeLDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ldapidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go deleted file mode 100644 index 10cc16a30..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCIdentityProviders implements OIDCIdentityProviderInterface -type FakeOIDCIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var oidcidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders") - -var oidcidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCIdentityProvider") - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *FakeOIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *FakeOIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcidentityprovidersResource, oidcidentityprovidersKind, c.ns, opts), &v1alpha1.OIDCIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCIdentityProviderList{ListMeta: obj.(*v1alpha1.OIDCIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *FakeOIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcidentityprovidersResource, "status", c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcidentityprovidersResource, c.ns, name, opts), &v1alpha1.OIDCIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *FakeOIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go deleted file mode 100644 index c65a11227..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type ActiveDirectoryIdentityProviderExpansion interface{} - -type GitHubIdentityProviderExpansion interface{} - -type LDAPIdentityProviderExpansion interface{} - -type OIDCIdentityProviderExpansion interface{} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index eac78b453..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// GitHubIdentityProvidersGetter has a method to return a GitHubIdentityProviderInterface. -// A group's client should implement this interface. -type GitHubIdentityProvidersGetter interface { - GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface -} - -// GitHubIdentityProviderInterface has methods to work with GitHubIdentityProvider resources. -type GitHubIdentityProviderInterface interface { - Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.GitHubIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.GitHubIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) - GitHubIdentityProviderExpansion -} - -// gitHubIdentityProviders implements GitHubIdentityProviderInterface -type gitHubIdentityProviders struct { - client rest.Interface - ns string -} - -// newGitHubIdentityProviders returns a GitHubIdentityProviders -func newGitHubIdentityProviders(c *IDPV1alpha1Client, namespace string) *gitHubIdentityProviders { - return &gitHubIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *gitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *gitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.GitHubIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *gitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *gitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *gitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *gitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *gitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index 50c944591..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. -// A group's client should implement this interface. -type LDAPIdentityProvidersGetter interface { - LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface -} - -// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. -type LDAPIdentityProviderInterface interface { - Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.LDAPIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.LDAPIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) - LDAPIdentityProviderExpansion -} - -// lDAPIdentityProviders implements LDAPIdentityProviderInterface -type lDAPIdentityProviders struct { - client rest.Interface - ns string -} - -// newLDAPIdentityProviders returns a LDAPIdentityProviders -func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { - return &lDAPIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *lDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *lDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.LDAPIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *lDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *lDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *lDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *lDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *lDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index 896e0153f..000000000 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. -// A group's client should implement this interface. -type OIDCIdentityProvidersGetter interface { - OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface -} - -// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. -type OIDCIdentityProviderInterface interface { - Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) - OIDCIdentityProviderExpansion -} - -// oIDCIdentityProviders implements OIDCIdentityProviderInterface -type oIDCIdentityProviders struct { - client rest.Interface - ns string -} - -// newOIDCIdentityProviders returns a OIDCIdentityProviders -func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { - return &oIDCIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *oIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *oIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *oIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *oIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *oIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.28/client/supervisor/informers/externalversions/config/interface.go b/generated/1.28/client/supervisor/informers/externalversions/config/interface.go deleted file mode 100644 index 52cbd83de..000000000 --- a/generated/1.28/client/supervisor/informers/externalversions/config/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package config - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go deleted file mode 100644 index 0d26dfcef..000000000 --- a/generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// FederationDomainInformer provides access to a shared informer and lister for -// FederationDomains. -type FederationDomainInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.FederationDomainLister -} - -type federationDomainInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewFederationDomainInformer constructs a new informer for FederationDomain type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredFederationDomainInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredFederationDomainInformer constructs a new informer for FederationDomain type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().FederationDomains(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.TODO(), options) - }, - }, - &configv1alpha1.FederationDomain{}, - resyncPeriod, - indexers, - ) -} - -func (f *federationDomainInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredFederationDomainInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.FederationDomain{}, f.defaultInformer) -} - -func (f *federationDomainInformer) Lister() v1alpha1.FederationDomainLister { - return v1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.28/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.28/client/supervisor/listers/config/v1alpha1/expansion_generated.go deleted file mode 100644 index effe04ea8..000000000 --- a/generated/1.28/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// FederationDomainListerExpansion allows custom methods to be added to -// FederationDomainLister. -type FederationDomainListerExpansion interface{} - -// FederationDomainNamespaceListerExpansion allows custom methods to be added to -// FederationDomainNamespaceLister. -type FederationDomainNamespaceListerExpansion interface{} - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.28/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.28/client/supervisor/listers/config/v1alpha1/federationdomain.go deleted file mode 100644 index 71b840cea..000000000 --- a/generated/1.28/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// FederationDomainLister helps list FederationDomains. -// All objects returned here must be treated as read-only. -type FederationDomainLister interface { - // List lists all FederationDomains in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) - // FederationDomains returns an object that can list and get FederationDomains. - FederationDomains(namespace string) FederationDomainNamespaceLister - FederationDomainListerExpansion -} - -// federationDomainLister implements the FederationDomainLister interface. -type federationDomainLister struct { - indexer cache.Indexer -} - -// NewFederationDomainLister returns a new FederationDomainLister. -func NewFederationDomainLister(indexer cache.Indexer) FederationDomainLister { - return &federationDomainLister{indexer: indexer} -} - -// List lists all FederationDomains in the indexer. -func (s *federationDomainLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err -} - -// FederationDomains returns an object that can list and get FederationDomains. -func (s *federationDomainLister) FederationDomains(namespace string) FederationDomainNamespaceLister { - return federationDomainNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// FederationDomainNamespaceLister helps list and get FederationDomains. -// All objects returned here must be treated as read-only. -type FederationDomainNamespaceLister interface { - // List lists all FederationDomains in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) - // Get retrieves the FederationDomain from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.FederationDomain, error) - FederationDomainNamespaceListerExpansion -} - -// federationDomainNamespaceLister implements the FederationDomainNamespaceLister -// interface. -type federationDomainNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all FederationDomains in the indexer for a given namespace. -func (s federationDomainNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err -} - -// Get retrieves the FederationDomain from the indexer for a given namespace and name. -func (s federationDomainNamespaceLister) Get(name string) (*v1alpha1.FederationDomain, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("federationdomain"), name) - } - return obj.(*v1alpha1.FederationDomain), nil -} diff --git a/generated/1.28/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.28/client/supervisor/listers/config/v1alpha1/oidcclient.go deleted file mode 100644 index 4e75b3239..000000000 --- a/generated/1.28/client/supervisor/listers/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCClientLister helps list OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientLister interface { - // List lists all OIDCClients in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // OIDCClients returns an object that can list and get OIDCClients. - OIDCClients(namespace string) OIDCClientNamespaceLister - OIDCClientListerExpansion -} - -// oIDCClientLister implements the OIDCClientLister interface. -type oIDCClientLister struct { - indexer cache.Indexer -} - -// NewOIDCClientLister returns a new OIDCClientLister. -func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { - return &oIDCClientLister{indexer: indexer} -} - -// List lists all OIDCClients in the indexer. -func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// OIDCClients returns an object that can list and get OIDCClients. -func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { - return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCClientNamespaceLister helps list and get OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientNamespaceLister interface { - // List lists all OIDCClients in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // Get retrieves the OIDCClient from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCClient, error) - OIDCClientNamespaceListerExpansion -} - -// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister -// interface. -type oIDCClientNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCClients in the indexer for a given namespace. -func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// Get retrieves the OIDCClient from the indexer for a given namespace and name. -func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) - } - return obj.(*v1alpha1.OIDCClient), nil -} diff --git a/generated/1.28/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.28/client/supervisor/listers/idp/v1alpha1/expansion_generated.go deleted file mode 100644 index ffcb6c289..000000000 --- a/generated/1.28/client/supervisor/listers/idp/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// ActiveDirectoryIdentityProviderListerExpansion allows custom methods to be added to -// ActiveDirectoryIdentityProviderLister. -type ActiveDirectoryIdentityProviderListerExpansion interface{} - -// ActiveDirectoryIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// ActiveDirectoryIdentityProviderNamespaceLister. -type ActiveDirectoryIdentityProviderNamespaceListerExpansion interface{} - -// GitHubIdentityProviderListerExpansion allows custom methods to be added to -// GitHubIdentityProviderLister. -type GitHubIdentityProviderListerExpansion interface{} - -// GitHubIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// GitHubIdentityProviderNamespaceLister. -type GitHubIdentityProviderNamespaceListerExpansion interface{} - -// LDAPIdentityProviderListerExpansion allows custom methods to be added to -// LDAPIdentityProviderLister. -type LDAPIdentityProviderListerExpansion interface{} - -// LDAPIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// LDAPIdentityProviderNamespaceLister. -type LDAPIdentityProviderNamespaceListerExpansion interface{} - -// OIDCIdentityProviderListerExpansion allows custom methods to be added to -// OIDCIdentityProviderLister. -type OIDCIdentityProviderListerExpansion interface{} - -// OIDCIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// OIDCIdentityProviderNamespaceLister. -type OIDCIdentityProviderNamespaceListerExpansion interface{} diff --git a/generated/1.28/client/supervisor/openapi/zz_generated.openapi.go b/generated/1.28/client/supervisor/openapi/zz_generated.openapi.go deleted file mode 100644 index 55d5e2399..000000000 --- a/generated/1.28/client/supervisor/openapi/zz_generated.openapi.go +++ /dev/null @@ -1,2658 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by openapi-gen. DO NOT EDIT. - -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package openapi - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - common "k8s.io/kube-openapi/pkg/common" - spec "k8s.io/kube-openapi/pkg/validation/spec" -) - -func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { - return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), - "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), - "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), - "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), - }, - }, - }, - Required: []string{"spec"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "Items is a list of OIDCClientSecretRequest.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Spec of the OIDCClientSecretRequest.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generateNewSecret": { - SchemaProps: spec.SchemaProps{ - Description: "Request a new client secret to for the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "revokeOldSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of the OIDCClientSecretRequest.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generatedSecret": { - SchemaProps: spec.SchemaProps{ - Description: "The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost.", - Type: []string{"string"}, - Format: "", - }, - }, - "totalClientSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "The total number of client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"totalClientSecrets"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIGroup contains the name, the supported versions, and the preferred version of a group.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is the name of the group.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "versions": { - SchemaProps: spec.SchemaProps{ - Description: "versions are the versions supported in this group.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), - }, - }, - }, - }, - }, - "preferredVersion": { - SchemaProps: spec.SchemaProps{ - Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), - }, - }, - "serverAddressByClientCIDRs": { - SchemaProps: spec.SchemaProps{ - Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), - }, - }, - }, - }, - }, - }, - Required: []string{"name", "versions"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, - } -} - -func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "groups": { - SchemaProps: spec.SchemaProps{ - Description: "groups is a list of APIGroup.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), - }, - }, - }, - }, - }, - }, - Required: []string{"groups"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, - } -} - -func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIResource specifies the name of a resource and whether it is namespaced.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is the plural name of the resource.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "singularName": { - SchemaProps: spec.SchemaProps{ - Description: "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "namespaced": { - SchemaProps: spec.SchemaProps{ - Description: "namespaced indicates if a resource is namespaced or not.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "group": { - SchemaProps: spec.SchemaProps{ - Description: "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "verbs": { - SchemaProps: spec.SchemaProps{ - Description: "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "shortNames": { - SchemaProps: spec.SchemaProps{ - Description: "shortNames is a list of suggested short names of the resource.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "categories": { - SchemaProps: spec.SchemaProps{ - Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "storageVersionHash": { - SchemaProps: spec.SchemaProps{ - Description: "The hash value of the storage version, the version this resource is converted to when written to the data store. Value must be treated as opaque by clients. Only equality comparison on the value is valid. This is an alpha feature and may change or be removed in the future. The field is populated by the apiserver only if the StorageVersionHash feature gate is enabled. This field will remain optional even if it graduates.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"name", "singularName", "namespaced", "kind", "verbs"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "groupVersion": { - SchemaProps: spec.SchemaProps{ - Description: "groupVersion is the group and version this APIResourceList is for.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resources": { - SchemaProps: spec.SchemaProps{ - Description: "resources contains the name of the resources and if they are namespaced.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), - }, - }, - }, - }, - }, - }, - Required: []string{"groupVersion", "resources"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, - } -} - -func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "versions": { - SchemaProps: spec.SchemaProps{ - Description: "versions are the api versions that are available.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "serverAddressByClientCIDRs": { - SchemaProps: spec.SchemaProps{ - Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), - }, - }, - }, - }, - }, - }, - Required: []string{"versions", "serverAddressByClientCIDRs"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, - } -} - -func schema_pkg_apis_meta_v1_ApplyOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ApplyOptions may be provided when applying an API object. FieldManager is required for apply requests. ApplyOptions is equivalent to PatchOptions. It is provided as a convenience with documentation that speaks specifically to how the options fields relate to apply.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "force": { - SchemaProps: spec.SchemaProps{ - Description: "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"force", "fieldManager"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Condition contains details for one aspect of the current state of this API Resource.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "status of the condition, one of True, False, Unknown.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "observedGeneration": { - SchemaProps: spec.SchemaProps{ - Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "lastTransitionTime": { - SchemaProps: spec.SchemaProps{ - Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "message is a human readable message indicating details about the transition. This may be an empty string.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "CreateOptions may be provided when creating an API object.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "DeleteOptions may be provided when deleting an API object.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "gracePeriodSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "preconditions": { - SchemaProps: spec.SchemaProps{ - Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), - }, - }, - "orphanDependents": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "propagationPolicy": { - SchemaProps: spec.SchemaProps{ - Description: "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, - } -} - -func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_FieldsV1(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "FieldsV1 stores a set of fields in a data structure like a Trie, in JSON format.\n\nEach key is either a '.' representing the field itself, and will always map to an empty set, or a string representing a sub-field or item. The string will follow one of these four formats: 'f:', where is the name of a field in a struct, or key in a map 'v:', where is the exact json formatted value of a list item 'i:', where is position of a item in a list 'k:', where is a map of a list item's key fields to their unique values If a key maps to an empty Fields value, the field that key represents is part of the set.\n\nThe exact format is defined in sigs.k8s.io/structured-merge-diff", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GetOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GetOptions is the standard query options to the standard REST get call.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupKind(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "kind"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupResource specifies a Group and a Resource, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resource": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "resource"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersion(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersion contains the \"group\" and the \"version\", which uniquely identifies the API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "groupVersion": { - SchemaProps: spec.SchemaProps{ - Description: "groupVersion specifies the API group and version in the form \"group/version\"", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"groupVersion", "version"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionKind(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersionKind unambiguously identifies a kind. It doesn't anonymously include GroupVersion to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version", "kind"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersionResource unambiguously identifies a resource. It doesn't anonymously include GroupVersion to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resource": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version", "resource"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "InternalEvent makes watch.Event versioned", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "Type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "Object": { - SchemaProps: spec.SchemaProps{ - Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), - }, - }, - }, - Required: []string{"Type", "Object"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, - } -} - -func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "matchLabels": { - SchemaProps: spec.SchemaProps{ - Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "matchExpressions": { - SchemaProps: spec.SchemaProps{ - Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), - }, - }, - }, - }, - }, - }, - }, - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-map-type": "atomic", - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, - } -} - -func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "key": { - SchemaProps: spec.SchemaProps{ - Description: "key is the label key that the selector applies to.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "operator": { - SchemaProps: spec.SchemaProps{ - Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "values": { - SchemaProps: spec.SchemaProps{ - Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"key", "operator"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "List holds a list of objects, which may not be known by the server.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "List of objects", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "selfLink": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", - Type: []string{"string"}, - Format: "", - }, - }, - "continue": { - SchemaProps: spec.SchemaProps{ - Description: "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.", - Type: []string{"string"}, - Format: "", - }, - }, - "remainingItemCount": { - SchemaProps: spec.SchemaProps{ - Description: "remainingItemCount is the number of subsequent items in the list which are not included in this list response. If the list request contained label or field selectors, then the number of remaining items is unknown and the field will be left unset and omitted during serialization. If the list is complete (either because it is not chunking or because this is the last chunk), then there are no more remaining items and this field will be left unset and omitted during serialization. Servers older than v1.15 do not set this field. The intended use of the remainingItemCount is *estimating* the size of a collection. Clients should not rely on the remainingItemCount to be set or to be exact.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ListOptions is the query options to a standard REST list call.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "labelSelector": { - SchemaProps: spec.SchemaProps{ - Description: "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldSelector": { - SchemaProps: spec.SchemaProps{ - Description: "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - Type: []string{"string"}, - Format: "", - }, - }, - "watch": { - SchemaProps: spec.SchemaProps{ - Description: "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "allowWatchBookmarks": { - SchemaProps: spec.SchemaProps{ - Description: "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersionMatch": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - "timeoutSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "limit": { - SchemaProps: spec.SchemaProps{ - Description: "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "continue": { - SchemaProps: spec.SchemaProps{ - Description: "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - Type: []string{"string"}, - Format: "", - }, - }, - "sendInitialEvents": { - SchemaProps: spec.SchemaProps{ - Description: "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "manager": { - SchemaProps: spec.SchemaProps{ - Description: "Manager is an identifier of the workflow managing these fields.", - Type: []string{"string"}, - Format: "", - }, - }, - "operation": { - SchemaProps: spec.SchemaProps{ - Description: "Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'.", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the version of this resource that this field set applies to. The format is \"group/version\" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted.", - Type: []string{"string"}, - Format: "", - }, - }, - "time": { - SchemaProps: spec.SchemaProps{ - Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "fieldsType": { - SchemaProps: spec.SchemaProps{ - Description: "FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: \"FieldsV1\"", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldsV1": { - SchemaProps: spec.SchemaProps{ - Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), - }, - }, - "subresource": { - SchemaProps: spec.SchemaProps{ - Description: "Subresource is the name of the subresource used to update that object, or empty string if the object was updated through the main resource. The value of this field is used to distinguish between managers, even if they share the same name. For example, a status update will be distinct from a regular update using the same manager name. Note that the APIVersion field is not related to the Subresource field and it always corresponds to the version of the main resource.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", - Type: []string{"string"}, - Format: "", - }, - }, - "generateName": { - SchemaProps: spec.SchemaProps{ - Description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will return a 409.\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency", - Type: []string{"string"}, - Format: "", - }, - }, - "namespace": { - SchemaProps: spec.SchemaProps{ - Description: "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces", - Type: []string{"string"}, - Format: "", - }, - }, - "selfLink": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", - Type: []string{"string"}, - Format: "", - }, - }, - "generation": { - SchemaProps: spec.SchemaProps{ - Description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "creationTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "deletionTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "deletionGracePeriodSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "labels": { - SchemaProps: spec.SchemaProps{ - Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "annotations": { - SchemaProps: spec.SchemaProps{ - Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "ownerReferences": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-merge-key": "uid", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), - }, - }, - }, - }, - }, - "finalizers": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "managedFields": { - SchemaProps: spec.SchemaProps{ - Description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_OwnerReference(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "API version of the referent.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "controller": { - SchemaProps: spec.SchemaProps{ - Description: "If true, this reference points to the managing controller.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "blockOwnerDeletion": { - SchemaProps: spec.SchemaProps{ - Description: "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - Required: []string{"apiVersion", "kind", "name", "uid"}, - }, - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-map-type": "atomic", - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients to get access to a particular ObjectMeta schema without knowing the details of the version.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PartialObjectMetadataList contains a list of objects containing only their metadata", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "items contains each of the included items.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, - } -} - -func schema_pkg_apis_meta_v1_Patch(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PatchOptions may be provided when patching an API object. PatchOptions is meant to be a superset of UpdateOptions.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "force": { - SchemaProps: spec.SchemaProps{ - Description: "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Preconditions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "Specifies the target UID.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "Specifies the target ResourceVersion", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "RootPaths lists the paths available at root. For example: \"/healthz\", \"/apis\".", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "paths": { - SchemaProps: spec.SchemaProps{ - Description: "paths are the paths available at root.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"paths"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "clientCIDR": { - SchemaProps: spec.SchemaProps{ - Description: "The CIDR with which clients can match their IP to figure out the server address that they should use.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "serverAddress": { - SchemaProps: spec.SchemaProps{ - Description: "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"clientCIDR", "serverAddress"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status is a return value for calls that don't return other objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "A human-readable description of the status of this operation.", - Type: []string{"string"}, - Format: "", - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", - Type: []string{"string"}, - Format: "", - }, - }, - "details": { - SchemaProps: spec.SchemaProps{ - Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), - }, - }, - "code": { - SchemaProps: spec.SchemaProps{ - Description: "Suggested HTTP return code for this status, 0 if not set.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, - } -} - -func schema_pkg_apis_meta_v1_StatusCause(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "A machine-readable description of the cause of the error. If this value is empty there is no information available.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "A human-readable description of the cause of the error. This field may be presented as-is to a reader.", - Type: []string{"string"}, - Format: "", - }, - }, - "field": { - SchemaProps: spec.SchemaProps{ - Description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).", - Type: []string{"string"}, - Format: "", - }, - }, - "group": { - SchemaProps: spec.SchemaProps{ - Description: "The group attribute of the resource associated with the status StatusReason.", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Type: []string{"string"}, - Format: "", - }, - }, - "causes": { - SchemaProps: spec.SchemaProps{ - Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), - }, - }, - }, - }, - }, - "retryAfterSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, - } -} - -func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Table is a tabular representation of a set of API resources. The server transforms the object into a set of preferred columns for quickly reviewing the objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "columnDefinitions": { - SchemaProps: spec.SchemaProps{ - Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), - }, - }, - }, - }, - }, - "rows": { - SchemaProps: spec.SchemaProps{ - Description: "rows is the list of items in the table.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), - }, - }, - }, - }, - }, - }, - Required: []string{"columnDefinitions", "rows"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, - } -} - -func schema_pkg_apis_meta_v1_TableColumnDefinition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableColumnDefinition contains information about a column returned in the Table.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is a human readable name for the column.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type is an OpenAPI type definition for this column, such as number, integer, string, or array. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "format": { - SchemaProps: spec.SchemaProps{ - Description: "format is an optional OpenAPI type modifier for this column. A format modifies the type and imposes additional rules, like date or time formatting for a string. The 'name' format is applied to the primary identifier column which has type 'string' to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "description": { - SchemaProps: spec.SchemaProps{ - Description: "description is a human readable description of this column.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "priority": { - SchemaProps: spec.SchemaProps{ - Description: "priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a higher priority.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"name", "type", "format", "description", "priority"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TableOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableOptions are used when a Table is requested by the caller.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "includeObject": { - SchemaProps: spec.SchemaProps{ - Description: "includeObject decides whether to include each object along with its columnar information. Specifying \"None\" will return no object, specifying \"Object\" will return the full object contents, and specifying \"Metadata\" (the default) will return the object's metadata in the PartialObjectMetadata kind in version v1beta1 of the meta.k8s.io API group.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableRow is an individual row in a table.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "cells": { - SchemaProps: spec.SchemaProps{ - Description: "cells will be as wide as the column definitions array and may contain strings, numbers (float64 or int64), booleans, simple maps, lists, or null. See the type field of the column definition for a more detailed description.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Format: "", - }, - }, - }, - }, - }, - "conditions": { - SchemaProps: spec.SchemaProps{ - Description: "conditions describe additional status of a row that are relevant for a human user. These conditions apply to the row, not to the object, and will be specific to table output. The only defined condition type is 'Completed', for a row that indicates a resource that has run to completion and can be given less visual priority.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), - }, - }, - }, - }, - }, - "object": { - SchemaProps: spec.SchemaProps{ - Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - Required: []string{"cells"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_pkg_apis_meta_v1_TableRowCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableRowCondition allows a row to be marked with additional information.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "Type of row condition. The only defined value is 'Completed' indicating that the object this row represents has reached a completed state and may be given less visual priority than other rows. Clients are not required to honor any conditions but should be consistent where possible about handling the conditions.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the condition, one of True, False, Unknown.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "(brief) machine readable reason for the condition's last transition.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "Human readable message indicating details about last transition.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Timestamp(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Timestamp is a struct that is equivalent to Time, but intended for protobuf marshalling/unmarshalling. It is generated into a serialization that matches Time. Do not use in Go structs.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "seconds": { - SchemaProps: spec.SchemaProps{ - Description: "Represents seconds of UTC time since Unix epoch 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59Z inclusive.", - Default: 0, - Type: []string{"integer"}, - Format: "int64", - }, - }, - "nanos": { - SchemaProps: spec.SchemaProps{ - Description: "Non-negative fractions of a second at nanosecond resolution. Negative second values with fractions must still have non-negative nanos values that count forward in time. Must be from 0 to 999,999,999 inclusive. This field may be limited in precision depending on context.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"seconds", "nanos"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TypeMeta describes an individual object in an API response or request with strings representing the type of the object and its API schema version. Structures that are versioned or persisted should inline TypeMeta.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "UpdateOptions may be provided when updating an API object. All fields in UpdateOptions should also be present in PatchOptions.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Event represents a single event to a watched resource.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "object": { - SchemaProps: spec.SchemaProps{ - Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - Required: []string{"type", "object"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package:\n\n\ttype MyAPIObject struct {\n\t\truntime.TypeMeta `json:\",inline\"`\n\t\tMyPlugin runtime.Object `json:\"myPlugin\"`\n\t}\n\n\ttype PluginA struct {\n\t\tAOption string `json:\"aOption\"`\n\t}\n\n// External package:\n\n\ttype MyAPIObject struct {\n\t\truntime.TypeMeta `json:\",inline\"`\n\t\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n\t}\n\n\ttype PluginA struct {\n\t\tAOption string `json:\"aOption\"`\n\t}\n\n// On the wire, the JSON will look something like this:\n\n\t{\n\t\t\"kind\":\"MyAPIObject\",\n\t\t\"apiVersion\":\"v1\",\n\t\t\"myPlugin\": {\n\t\t\t\"kind\":\"PluginA\",\n\t\t\t\"aOption\":\"foo\",\n\t\t},\n\t}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)", - Type: []string{"object"}, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type, like this:\n\n\ttype MyAwesomeAPIObject struct {\n\t runtime.TypeMeta `json:\",inline\"`\n\t ... // other fields\n\t}\n\nfunc (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind\n\nTypeMeta is provided here for convenience. You may use it directly from this package or define your own with the same fields.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_Unknown(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Unknown allows api objects with unknown types to be passed-through. This can be used to deal with the API objects from a plug-in. Unknown objects still have functioning TypeMeta features-- kind, version, etc. metadata and field mutatation.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "ContentEncoding": { - SchemaProps: spec.SchemaProps{ - Description: "ContentEncoding is encoding used to encode 'Raw' data. Unspecified means no encoding.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "ContentType": { - SchemaProps: spec.SchemaProps{ - Description: "ContentType is serialization method used to serialize 'Raw'. Unspecified means ContentTypeJSON.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"ContentEncoding", "ContentType"}, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Info contains versioning information. how we'll want to distribute that information.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "major": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "minor": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitVersion": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitCommit": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitTreeState": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "buildDate": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "goVersion": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "compiler": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "platform": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"major", "minor", "gitVersion", "gitCommit", "gitTreeState", "buildDate", "goVersion", "compiler", "platform"}, - }, - }, - } -} diff --git a/generated/1.29/README.adoc b/generated/1.29/README.adoc deleted file mode 100644 index ddb30051b..000000000 --- a/generated/1.29/README.adoc +++ /dev/null @@ -1,2726 +0,0 @@ -// Generated documentation. Please do not edit. -:anchor_prefix: k8s-api - -[id="{p}-api-reference"] -== API Reference - -.Packages -- xref:{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1[$$authentication.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-clientsecret-supervisor-pinniped-dev-clientsecret[$$clientsecret.supervisor.pinniped.dev/clientsecret$$] -- xref:{anchor_prefix}-clientsecret-supervisor-pinniped-dev-v1alpha1[$$clientsecret.supervisor.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1[$$config.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1[$$config.supervisor.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-identity-concierge-pinniped-dev-identity[$$identity.concierge.pinniped.dev/identity$$] -- xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] - - -[id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] -=== authentication.concierge.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] -==== CertificateAuthorityDataSourceKind (string) - -CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] -==== CertificateAuthorityDataSourceSpec - -CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + -Allowed values are "Secret" or "ConfigMap". + -"ConfigMap" uses a Kubernetes configmap to source CA Bundles. + -"Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + -| *`name`* __string__ | Name is the resource name of the secret or configmap from which to read the CA bundle. + -The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed. + -| *`key`* __string__ | Key is the key name within the secret or configmap from which to read the CA bundle. + -The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded + -certificate bundle. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-claimvalidationrule"] -==== ClaimValidationRule - -ClaimValidationRule provides the configuration for a single claim validation rule. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`claim`* __string__ | claim is the name of a required claim. + -Only string claim keys are supported. + -Mutually exclusive with expression and message. + -| *`requiredValue`* __string__ | requiredValue is the value of a required claim. + -Only string claim values are supported. + -If claim is set and requiredValue is not set, the claim must be present with a value set to the empty string. + -Mutually exclusive with expression and message. + -| *`expression`* __string__ | expression represents the expression which will be evaluated by CEL. + -Must produce a boolean. + - -CEL expressions have access to the contents of the token claims, organized into CEL variable: + -- 'claims' is a map of claim names to claim values. + -For example, a variable named 'sub' can be accessed as 'claims.sub'. + -Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. + -Must return true for the validation to pass. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + - -Mutually exclusive with claim and requiredValue. + -| *`message`* __string__ | message customizes the returned error message when expression returns false. + -message is a literal string. + -Mutually exclusive with claim and requiredValue. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-extramapping"] -==== ExtraMapping - -ExtraMapping provides the configuration for a single extra mapping. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`key`* __string__ | key is a string to use as the extra attribute key. + -key must be a domain-prefix path (e.g. example.org/foo). All characters before the first "/" must be a valid + -subdomain as defined by RFC 1123. All characters trailing the first "/" must + -be valid HTTP Path characters as defined by RFC 3986. + -key must be lowercase. + -Required to be unique. + -Additionally, the key must not contain an equals sign ("="). + -| *`valueExpression`* __string__ | valueExpression is a CEL expression to extract extra attribute value. + -valueExpression must produce a string or string array value. + -"", [], and null values are treated as the extra mapping not being present. + -Empty string values contained within a string array are filtered out. + - -CEL expressions have access to the contents of the token claims, organized into CEL variable: + -- 'claims' is a map of claim names to claim values. + -For example, a variable named 'sub' can be accessed as 'claims.sub'. + -Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticator"] -==== JWTAuthenticator - -JWTAuthenticator describes the configuration of a JWT authenticator. - -Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid -signature, existence of claims, etc.) and extract the username and groups from the token. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] -==== JWTAuthenticatorPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] -==== JWTAuthenticatorSpec - -JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`issuer`* __string__ | issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + -also used to validate the "iss" JWT claim. + -| *`audience`* __string__ | audience is the required value of the "aud" JWT claim. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + -for Kubernetes access. + -| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + -This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + -https://kubernetes.io/docs/reference/access-authn-authz/authentication. + -This is an advanced configuration option. During an end-user login flow, mistakes in this + -configuration will cause the user's login to fail. + -| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + -These allow invariants to be applied to incoming identities such as preventing the + -use of the system: prefix that is commonly used by Kubernetes components. + -The validation rules are logically ANDed together and must all return true for the validation to pass. + -This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + -https://kubernetes.io/docs/reference/access-authn-authz/authentication. + -This is an advanced configuration option. During an end-user login flow, mistakes in this + -configuration will cause the user's login to fail. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] -==== JWTAuthenticatorStatus - -JWTAuthenticatorStatus is the status of a JWT authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwttokenclaims"] -==== JWTTokenClaims - -JWTTokenClaims allows customization of the claims that will be mapped to user identity -for Kubernetes access. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | username is the name of the claim which should be read to extract the + -username from the JWT token. When not specified, it will default to "username", + -unless usernameExpression is specified. + - -Mutually exclusive with usernameExpression. Use either username or usernameExpression to + -determine the user's username from the JWT token. + -| *`usernameExpression`* __string__ | usernameExpression represents an expression which will be evaluated by CEL. + -The expression's result will become the user's username. + - -usernameExpression is similar to claimMappings.username.expression from Kubernetes AuthenticationConfiguration + -as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + -This is an advanced configuration option. During an end-user login flow, each of these CEL expressions + -must evaluate to the expected type without errors, or else the user's login will fail. + -Additionally, mistakes in this configuration can cause the users to have unintended usernames. + - -The expression must produce a non-empty string value. + -If the expression uses 'claims.email', then 'claims.email_verified' must be used in + -the expression or extra[*].valueExpression or claimValidationRules[*].expression. + -An example claim validation rule expression that matches the validation automatically + -applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true) == true'. + -By explicitly comparing the value to true, we let type-checking see the result will be a boolean, + -and to make sure a non-boolean email_verified claim will be caught at runtime. + - -CEL expressions have access to the contents of the token claims, organized into CEL variable: + -- 'claims' is a map of claim names to claim values. + -For example, a variable named 'sub' can be accessed as 'claims.sub'. + -Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + - -Mutually exclusive with username. Use either username or usernameExpression to + -determine the user's username from the JWT token. + -| *`groups`* __string__ | groups is the name of the claim which should be read to extract the user's + -group membership from the JWT token. When not specified, it will default to "groups", + -unless groupsExpression is specified. + - -Mutually exclusive with groupsExpression. Use either groups or groupsExpression to + -determine the user's group membership from the JWT token. + -| *`groupsExpression`* __string__ | groupsExpression represents an expression which will be evaluated by CEL. + -The expression's result will become the user's group memberships. + - -groupsExpression is similar to claimMappings.groups.expression from Kubernetes AuthenticationConfiguration + -as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + -This is an advanced configuration option. During an end-user login flow, each of these CEL expressions + -must evaluate to one of the expected types without errors, or else the user's login will fail. + -Additionally, mistakes in this configuration can cause the users to have unintended group memberships. + - -The expression must produce a string or string array value. + -"", [], and null values are treated as the group mapping not being present. + - -CEL expressions have access to the contents of the token claims, organized into CEL variable: + -- 'claims' is a map of claim names to claim values. + -For example, a variable named 'sub' can be accessed as 'claims.sub'. + -Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + - -Mutually exclusive with groups. Use either groups or groupsExpression to + -determine the user's group membership from the JWT token. + -| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + -as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + - -However, note that the Pinniped Concierge issues client certificates to users for the purpose + -of authenticating, and the Kubernetes API server does not have any mechanism for transmitting + -auth extras via client certificates. When configured, these extras will appear in client + -certificates issued by the Pinniped Supervisor in the x509 Subject field as Organizational + -Units (OU). However, when this client certificate is presented to Kubernetes for authentication, + -Kubernetes will ignore these extras. This is probably only useful if you are using a custom + -authenticating proxy in front of your Kubernetes API server which can translate these OUs into + -auth extras, as described by + -https://kubernetes.io/docs/reference/access-authn-authz/authentication/#authenticating-proxy. + -This is an advanced configuration option. During an end-user login flow, each of these CEL expressions + -must evaluate to either a string or an array of strings, or else the user's login will fail. + - -These keys must be a domain-prefixed path (such as "acme.io/foo") and must not contain an equals sign ("="). + - -expression must produce a string or string array value. + -If the value is empty, the extra mapping will not be present. + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + - -hard-coded extra key/value + -- key: "acme.io/foo" + -valueExpression: "'bar'" + -This will result in an extra attribute - acme.io/foo: ["bar"] + - -hard-coded key, value copying claim value + -- key: "acme.io/foo" + -valueExpression: "claims.some_claim" + -This will result in an extra attribute - acme.io/foo: [value of some_claim] + - -hard-coded key, value derived from claim value + -- key: "acme.io/admin" + -valueExpression: '(has(claims.is_admin) && claims.is_admin) ? "true":""' + -This will result in: + -- if is_admin claim is present and true, extra attribute - acme.io/admin: ["true"] + -- if is_admin claim is present and false or is_admin claim is not present, no extra attribute will be added + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-tlsspec"] -==== TLSSpec - -TLSSpec provides TLS configuration on various authenticators. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + -Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-uservalidationrule"] -==== UserValidationRule - -UserValidationRule provides the configuration for a single user info validation rule. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`expression`* __string__ | expression represents the expression which will be evaluated by CEL. + -Must return true for the validation to pass. + - -CEL expressions have access to the contents of UserInfo, organized into CEL variable: + -- 'user' - authentication.k8s.io/v1, Kind=UserInfo object + -Refer to https://github.com/kubernetes/api/blob/release-1.28/authentication/v1/types.go#L105-L122 for the definition. + -API documentation: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io + - -Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + -| *`message`* __string__ | message customizes the returned error message when rule returns false. + -message is a literal string. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticator"] -==== WebhookAuthenticator - -WebhookAuthenticator describes the configuration of a webhook authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] -==== WebhookAuthenticatorPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] -==== WebhookAuthenticatorSpec - -Spec for configuring a webhook authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`endpoint`* __string__ | Webhook server endpoint URL. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] -==== WebhookAuthenticatorStatus - -Status of a webhook authenticator. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + -|=== - - - -[id="{anchor_prefix}-clientsecret-supervisor-pinniped-dev-clientsecret"] -=== clientsecret.supervisor.pinniped.dev/clientsecret - -Package clientsecret is the internal version of the Pinniped client secret API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-oidcclientsecretrequest"] -==== OIDCClientSecretRequest - -OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] -==== OIDCClientSecretRequestSpec - -Spec of the OIDCClientSecretRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`GenerateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. + -| *`RevokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] -==== OIDCClientSecretRequestStatus - -Status of the OIDCClientSecretRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`GeneratedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost. + -| *`TotalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. + -|=== - - - -[id="{anchor_prefix}-clientsecret-supervisor-pinniped-dev-v1alpha1"] -=== clientsecret.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] -==== OIDCClientSecretRequest - -OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] -==== OIDCClientSecretRequestSpec - -Spec of the OIDCClientSecretRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. + -| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] -==== OIDCClientSecretRequestStatus - -Status of the OIDCClientSecretRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost. + -| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. + -|=== - - - -[id="{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1"] -=== config.concierge.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuer"] -==== CredentialIssuer - -CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerfrontend"] -==== CredentialIssuerFrontend - -CredentialIssuerFrontend describes how to connect using a particular integration strategy. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + -| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + -This field is only set when Type is "TokenCredentialRequestAPI". + -| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + -This field is only set when Type is "ImpersonationProxy". + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerspec"] -==== CredentialIssuerSpec - -CredentialIssuerSpec describes the intended configuration of the Concierge. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstatus"] -==== CredentialIssuerStatus - -CredentialIssuerStatus describes the status of the Concierge. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstrategy"] -==== CredentialIssuerStrategy - -CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + -| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + -| *`message`* __string__ | Human-readable description of the current status. + -| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#time-v1-meta[$$Time$$]__ | When the status was last checked. + -| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-frontendtype"] -==== FrontendType (string) - -FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyinfo"] -==== ImpersonationProxyInfo - -ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`endpoint`* __string__ | Endpoint is the HTTPS endpoint of the impersonation proxy. + -| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxymode"] -==== ImpersonationProxyMode (string) - -ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. -Allowed values are "auto", "enabled", or "disabled". - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] -==== ImpersonationProxyServiceSpec - -ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + - -If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + -value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + -| *`loadBalancerIP`* __string__ | LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. + -This is not supported on all cloud providers. + -| *`annotations`* __object (keys:string, values:string)__ | Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] -==== ImpersonationProxyServiceType (string) - -ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. -Allowed values are "LoadBalancer", "ClusterIP", or "None". - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyspec"] -==== ImpersonationProxySpec - -ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + -- "disabled" explicitly disables the impersonation proxy. This is the default. + -- "enabled" explicitly enables the impersonation proxy. + -- "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + -| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + -| *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + -be served using the external name of the LoadBalancer service or the cluster service DNS name. + - -This field must be non-empty when spec.impersonationProxy.service.type is "None". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + - -If this field is empty, the impersonation proxy will generate its own TLS certificate. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] -==== ImpersonationProxyTLSSpec - -ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should -serve TLS. - -If CertificateAuthorityData is not provided, the Concierge impersonation proxy will check the secret -for a field called "ca.crt", which will be used as the CertificateAuthorityData. - -If neither CertificateAuthorityData nor ca.crt is provided, no CA bundle will be advertised for -the impersonation proxy endpoint. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). + -Used to advertise the CA bundle for the impersonation proxy endpoint. + -| *`secretName`* __string__ | SecretName is the name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains + -the TLS serving certificate for the Concierge impersonation proxy endpoint. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-strategyreason"] -==== StrategyReason (string) - -StrategyReason enumerates the detailed reason why a strategy is in a particular status. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-strategystatus"] -==== StrategyStatus (string) - -StrategyStatus enumerates whether a strategy is working on a cluster. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-strategytype"] -==== StrategyType (string) - -StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] -==== TokenCredentialRequestAPIInfo - -TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`server`* __string__ | Server is the Kubernetes API server URL. + -| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. + -|=== - - - -[id="{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1"] -=== config.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomain"] -==== FederationDomain - -FederationDomain describes the configuration of an OIDC provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] -==== FederationDomainIdentityProvider - -FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`displayName`* __string__ | DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the + -kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a + -disruptive change for those users. + -| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + -If the reference cannot be resolved then the identity provider will not be made available. + -Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, + -LDAPIdentityProvider, ActiveDirectoryIdentityProvider. + -| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + -session refresh. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainphase"] -==== FederationDomainPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainsecrets"] -==== FederationDomainSecrets - -FederationDomainSecrets holds information about this OIDC Provider's secrets. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + -stored. If it is empty, then the signing/verification keys are either unknown or they don't + -exist. + -| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + -signing tokens is stored. + -| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + -signing state parameters is stored. + -| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + -encrypting state parameters is stored. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainspec"] -==== FederationDomainSpec - -FederationDomainSpec is a struct that describes an OIDC Provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`issuer`* __string__ | Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the + -identifier that it will use for the iss claim in issued JWTs. This field will also be used as + -the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is + -https://example.com/foo, then your authorization endpoint will look like + -https://example.com/foo/some/path/to/auth/endpoint). + - -See + -https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + -| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + - -An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, + -how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to + -extract a normalized user identity. Normalized user identities include a username and a list of group names. + -In contrast, IdentityProviders describes how to use that normalized identity in those Kubernetes clusters which + -belong to this FederationDomain. Each entry in IdentityProviders can be configured with arbitrary transformations + -on that normalized identity. For example, a transformation can add a prefix to all usernames to help avoid + -accidental conflicts when multiple identity providers have different users with the same username (e.g. + -"idp1:ryan" versus "idp2:ryan"). Each entry in IdentityProviders can also implement arbitrary authentication + -rejection policies. Even though a user was able to authenticate with the identity provider, a policy can disallow + -the authentication to the Kubernetes clusters that belong to this FederationDomain. For example, a policy could + -disallow the authentication unless the user belongs to a specific group in the identity provider. + - -For backwards compatibility with versions of Pinniped which predate support for multiple identity providers, + -an empty IdentityProviders list will cause the FederationDomain to use all available identity providers which + -exist in the same namespace, but also to reject all authentication requests when there is more than one identity + -provider currently defined. In this backwards compatibility mode, the name of the identity provider resource + -(e.g. the Name of an OIDCIdentityProvider resource) will be used as the name of the identity provider in this + -FederationDomain. This mode is provided to make upgrading from older versions easier. However, instead of + -relying on this backwards compatibility mode, please consider this mode to be deprecated and please instead + -explicitly list the identity provider using this IdentityProviders field. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainstatus"] -==== FederationDomainStatus - -FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + -| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] -==== FederationDomainTLSSpec - -FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains + -the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret + -named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use + -for TLS. + - -Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. + - -SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. + -SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same + -SecretName value even if they have different port numbers. + - -SecretName is not required when you would like to use only the HTTP endpoints (e.g. when the HTTP listener is + -configured to listen on loopback interfaces or UNIX domain sockets for traffic from a service mesh sidecar). + -It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to + -use the default TLS certificate, which is configured elsewhere. + - -When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransforms"] -==== FederationDomainTransforms - -FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + -| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + -authentication attempt, including during every session refresh. + -Each is a CEL expression. It may use the basic CEL language as defined in + -https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in + -https://github.com/google/cel-go/tree/master/ext#strings. + - -The username and groups extracted from the identity provider, and the constants defined in this CR, are + -available as variables in all expressions. The username is provided via a variable called `username` and + -the list of group names is provided via a variable called `groups` (which may be an empty list). + -Each user-provided constants is provided via a variable named `strConst.varName` for string constants + -and `strListConst.varName` for string list constants. + - -The only allowed types for expressions are currently policy/v1, username/v1, and groups/v1. + -Each policy/v1 must return a boolean, and when it returns false, no more expressions from the list are evaluated + -and the authentication attempt is rejected. + -Transformations of type policy/v1 do not return usernames or group names, and therefore cannot change the + -username or group names. + -Each username/v1 transform must return the new username (a string), which can be the same as the old username. + -Transformations of type username/v1 do not return group names, and therefore cannot change the group names. + -Each groups/v1 transform must return the new groups list (list of strings), which can be the same as the old + -groups list. + -Transformations of type groups/v1 do not return usernames, and therefore cannot change the usernames. + -After each expression, the new (potentially changed) username or groups get passed to the following expression. + - -Any compilation or static type-checking failure of any expression will cause an error status on the FederationDomain. + -During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the + -authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username + -and group names have been decided for that authentication attempt. + -| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + -expected. Examples define sample input identities which are then run through the expression list, and the + -results are compared to the expected results. If any example in this list fails, then this + -identity provider will not be available for use within this FederationDomain, and the error(s) will be + -added to the FederationDomain status. This can be used to help guard against programming mistakes in the + -expressions, and also act as living documentation for other administrators to better understand the expressions. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] -==== FederationDomainTransformsConstant - -FederationDomainTransformsConstant defines a constant variable and its value which will be made available to -the transform expressions. This is a union type, and Type is the discriminator field. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`name`* __string__ | Name determines the name of the constant. It must be a valid identifier name. + -| *`type`* __string__ | Type determines the type of the constant, and indicates which other field should be non-empty. + -Allowed values are "string" or "stringList". + -| *`stringValue`* __string__ | StringValue should hold the value when Type is "string", and is otherwise ignored. + -| *`stringListValue`* __string array__ | StringListValue should hold the value when Type is "stringList", and is otherwise ignored. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] -==== FederationDomainTransformsExample - -FederationDomainTransformsExample defines a transform example. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | Username is the input username. + -| *`groups`* __string array__ | Groups is the input list of group names. + -| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + -input Username and Groups. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] -==== FederationDomainTransformsExampleExpects - -FederationDomainTransformsExampleExpects defines the expected result for a transforms example. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | Username is the expected username after the transformations have been applied. + -| *`groups`* __string array__ | Groups is the expected list of group names after the transformations have been applied. + -| *`rejected`* __boolean__ | Rejected is a boolean that indicates whether authentication is expected to be rejected by a policy expression + -after the transformations have been applied. True means that it is expected that the authentication would be + -rejected. The default value of false means that it is expected that the authentication would not be rejected + -by any policy expression. + -| *`message`* __string__ | Message is the expected error message of the transforms. When Rejected is true, then Message is the expected + -message for the policy which rejected the authentication attempt. When Rejected is true and Message is blank, + -then Message will be treated as the default error message for authentication attempts which are rejected by a + -policy. When Rejected is false, then Message is the expected error message for some other non-policy + -transformation error, such as a runtime error. When Rejected is false, there is no default expected Message. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] -==== FederationDomainTransformsExpression - -FederationDomainTransformsExpression defines a transform expression. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | Type determines the type of the expression. It must be one of the supported types. + -Allowed values are "policy/v1", "username/v1", or "groups/v1". + -| *`expression`* __string__ | Expression is a CEL expression that will be evaluated based on the Type during an authentication. + -| *`message`* __string__ | Message is only used when Type is policy/v1. It defines an error message to be used when the policy rejects + -an authentication attempt. When empty, a default message will be used. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-granttype"] -==== GrantType (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientphase"] -==== OIDCClientPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + -client. Any other uris will be rejected. + -Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. + -Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. + -| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + -client. + - -Must only contain the following values: + -- authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to + -authenticate users. This grant must always be listed. + -- refresh_token: allows the client to perform refresh grants for the user to extend the user's session. + -This grant must be listed if allowedScopes lists offline_access. + -- urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, + -which is a step in the process to be able to get a cluster credential for the user. + -This grant must be listed if allowedScopes lists pinniped:request-audience. + -| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + - -Must only contain the following values: + -- openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). + -This scope must always be listed. + -- offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. + -This scope must be listed if allowedGrantTypes lists refresh_token. + -- pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, + -which is a step in the process to be able to get a cluster credential for the user. + -openid, username and groups scopes must be listed when this scope is present. + -This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. + -- username: The client is allowed to request that ID tokens contain the user's username. + -Without the username scope being requested and allowed, the ID token will not contain the user's username. + -- groups: The client is allowed to request that ID tokens contain the user's group membership, + -if their group membership is discoverable by the Supervisor. + -Without the groups scope being requested and allowed, the ID token will not contain groups. + -| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientstatus"] -==== OIDCClientStatus - -OIDCClientStatus is a struct that describes the actual state of an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + -| *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] -==== OIDCClientTokenLifetimes - -OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`idTokenSeconds`* __integer__ | idTokenSeconds is the lifetime of ID tokens issued to this client, in seconds. This will choose the lifetime of + -ID tokens returned by the authorization flow and the refresh grant. It will not influence the lifetime of the ID + -tokens returned by RFC8693 token exchange. When null, a short-lived default value will be used. + -This value must be between 120 and 1,800 seconds (30 minutes), inclusive. It is recommended to make these tokens + -short-lived to force the client to perform the refresh grant often, because the refresh grant will check with the + -external identity provider to decide if it is acceptable for the end user to continue their session, and will + -update the end user's group memberships from the external identity provider. Giving these tokens a long life is + -will allow the end user to continue to use a token while avoiding these updates from the external identity + -provider. However, some web applications may have reasons specific to the design of that application to prefer + -longer lifetimes. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-redirecturi"] -==== RedirectURI (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-scope"] -==== Scope (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] -**** - - - - -[id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] -=== identity.concierge.pinniped.dev/identity - -Package identity is the internal version of the Pinniped identity API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-extravalue"] -==== ExtraValue (string array) - -ExtraValue masks the value so protobuf can generate - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-userinfo[$$UserInfo$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-kubernetesuserinfo"] -==== KubernetesUserInfo - -KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. -Copied from the Kubernetes token review API. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + -| *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-userinfo"] -==== UserInfo - -UserInfo holds the information about the user needed to implement the -user.Info interface. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`Username`* __string__ | The name that uniquely identifies this user among all active users. + -| *`UID`* __string__ | A unique value that identifies this user across time. If this user is + -deleted and another user by the same name is added, they will have + -different UIDs. + -| *`Groups`* __string array__ | The names of groups this user is a part of. + -| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequest"] -==== WhoAmIRequest - -WhoAmIRequest submits a request to echo back the current authenticated user. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequestspec"] -==== WhoAmIRequestSpec - -Spec is always empty for a WhoAmIRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequeststatus"] -==== WhoAmIRequestStatus - -Status is set by the server in the response to a WhoAmIRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + -|=== - - - -[id="{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1"] -=== identity.concierge.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-extravalue"] -==== ExtraValue (string array) - -ExtraValue masks the value so protobuf can generate - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] -==== KubernetesUserInfo - -KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. -Copied from the Kubernetes token review API. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + -| *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-userinfo"] -==== UserInfo - -UserInfo holds the information about the user needed to implement the -user.Info interface. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | The name that uniquely identifies this user among all active users. + -| *`uid`* __string__ | A unique value that identifies this user across time. If this user is + -deleted and another user by the same name is added, they will have + -different UIDs. + -| *`groups`* __string array__ | The names of groups this user is a part of. + -| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequest"] -==== WhoAmIRequest - -WhoAmIRequest submits a request to echo back the current authenticated user. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequestspec"] -==== WhoAmIRequestSpec - -Spec is always empty for a WhoAmIRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequeststatus"] -==== WhoAmIRequestStatus - -Status is set by the server in the response to a WhoAmIRequest. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + -|=== - - - -[id="{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1"] -=== idp.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] -==== ActiveDirectoryIdentityProvider - -ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] -==== ActiveDirectoryIdentityProviderBind - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and + -password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be + -of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + -should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + -The password must be non-empty. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] -==== ActiveDirectoryIdentityProviderGroupSearch - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + -"ou=groups,dc=example,dc=com". + -Optional, when not specified it will be based on the result of a query for the defaultNamingContext + -(see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + -The default behavior searches your entire domain for groups. + -It may make sense to specify a subtree as a search base if you wish to exclude some groups + -for security reasons or to make searches faster. + -| *`filter`* __string__ | Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. + -The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + -value of an attribute of the user entry found as a result of the user search. Which attribute's + -value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. + -E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". + -For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. + -Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + -Optional. When not specified, the default will act as if the filter were specified as + -"(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". + -This searches nested groups by default. + -Note that nested group search can be slow for some Active Directory servers. To disable it, + -you can set the filter to + -"(&(objectClass=group)(member={})" + -| *`userAttributeForFilter`* __string__ | UserAttributeForFilter specifies which attribute's value from the user entry found as a result of + -the user search will be used to replace the "{}" placeholder(s) in the group search Filter. + -For example, specifying "uid" as the UserAttributeForFilter while specifying + -"&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing + -the "{}" placeholder in the Filter with the value of the user's "uid" attribute. + -Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + -UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + -would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + -the result of the group search. + -| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + -to obtain new credentials (as their old credentials expire). This allows group + -membership changes to be quickly reflected into Kubernetes clusters. Since + -group membership is often used to bind authorization policies, it is important + -to keep the groups observed in Kubernetes clusters in-sync with the identity + -provider. + - -In some environments, frequent group membership queries may result in a + -significant performance impact on the identity provider and/or the supervisor. + -The best approach to handle performance impacts is to tweak the group query + -to be more performant, for example by disabling nested group search or by + -using a more targeted group search base. + - -If the group search query cannot be made performant and you are willing to + -have group memberships remain static for approximately a day, then set + -skipGroupRefresh to true. This is an insecure configuration as authorization + -policies that are bound to group membership will not notice if a user has + -been removed from a particular group until their next login. + - -This is an experimental feature that may be removed or significantly altered + -in the future. Consumers of this configuration should carefully read all + -release notes before upgrading to ensure that the meaning of this field has + -not changed. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] -==== ActiveDirectoryIdentityProviderGroupSearchAttributes - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`groupName`* __string__ | GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name + -in the user's list of groups after a successful authentication. + -The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory + -server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + -Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", + -where domain is constructed from the domain components of the group DN. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] -==== ActiveDirectoryIdentityProviderPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] -==== ActiveDirectoryIdentityProviderSpec - -Spec for configuring an ActiveDirectory identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + -to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] -==== ActiveDirectoryIdentityProviderStatus - -Status of an Active Directory identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] -==== ActiveDirectoryIdentityProviderUserSearch - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. + -E.g. "ou=users,dc=example,dc=com". + -Optional, when not specified it will be based on the result of a query for the defaultNamingContext + -(see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + -The default behavior searches your entire domain for users. + -It may make sense to specify a subtree as a search base if you wish to exclude some users + -or to make searches faster. + -| *`filter`* __string__ | Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur + -in the filter at least once and will be dynamically replaced by the username for which the search is being run. + -E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + -https://ldap.com/ldap-filters. + -Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + -Optional. When not specified, the default will be + -'(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(\|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' + -This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, + -and is not shown in advanced view only + -(which would likely mean its a system created service account with advanced permissions). + -Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + -the result of the user search. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] -==== ActiveDirectoryIdentityProviderUserSearchAttributes - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | Username specifies the name of the attribute in Active Directory entry whose value shall become the username + -of the user after a successful authentication. + -Optional, when empty this defaults to "userPrincipalName". + -| *`uid`* __string__ | UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely + -identify the user within this ActiveDirectory provider after a successful authentication. + -Optional, when empty this defaults to "objectGUID". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] -==== CertificateAuthorityDataSourceKind (string) - -CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] -==== CertificateAuthorityDataSourceSpec - -CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + -Allowed values are "Secret" or "ConfigMap". + -"ConfigMap" uses a Kubernetes configmap to source CA Bundles. + -"Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + -| *`name`* __string__ | Name is the resource name of the secret or configmap from which to read the CA bundle. + -The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. + -| *`key`* __string__ | Key is the key name within the secret or configmap from which to read the CA bundle. + -The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded + -certificate bundle. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubapiconfig"] -==== GitHubAPIConfig - -GitHubAPIConfig allows configuration for GitHub Enterprise Server - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`host`* __string__ | Host is required only for GitHub Enterprise Server. + -Defaults to using GitHub's public API ("github.com"). + -For convenience, specifying "github.com" is equivalent to specifying "api.github.com". + -Do not specify a protocol or scheme since "https://" will always be used. + -Port is optional. Do not specify a path, query, fragment, or userinfo. + -Only specify domain name or IP address, subdomains (optional), and port (optional). + -IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address + -in square brackets. Example: "[::1]:443". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + -Note that this field should not be needed when using GitHub's public API ("github.com"). + -However, if you choose to specify this field when using GitHub's public API, you must + -specify a CA bundle that will verify connections to "api.github.com". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] -==== GitHubAllowAuthenticationSpec - -GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] -==== GitHubAllowedAuthOrganizationsPolicy (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubclaims"] -==== GitHubClaims - -GitHubClaims allows customization of the username and groups claims. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + - -Can be either "id", "login", or "login:id". Defaults to "login:id". + - -GitHub's user login attributes can only contain alphanumeric characters and non-repeating hyphens, + -and may not start or end with hyphens. GitHub users are allowed to change their login name, + -although it is inconvenient. If a GitHub user changed their login name from "foo" to "bar", + -then a second user might change their name from "baz" to "foo" in order to take the old + -username of the first user. For this reason, it is not as safe to make authorization decisions + -based only on the user's login attribute. + - -If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's + -FederationDomain to further customize how these usernames are presented to Kubernetes. + - -Defaults to "login:id", which is the user login attribute, followed by a colon, followed by the unique and + -unchanging integer ID number attribute. This blends human-readable login names with the unchanging ID value + -from GitHub. Colons are not allowed in GitHub login attributes or ID numbers, so this is a reasonable + -choice to concatenate the two values. + - -See the response schema for + -[Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). + -| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + - -Can be either "name" or "slug". Defaults to "slug". + - -GitHub team names can contain upper and lower case characters, whitespace, and punctuation (e.g. "Kube admins!"). + - -GitHub team slugs are lower case alphanumeric characters and may contain dashes and underscores (e.g. "kube-admins"). + - -Group names as presented to Kubernetes will always be prefixed by the GitHub organization name followed by a + -forward slash (e.g. "my-org/my-team"). GitHub organization login names can only contain alphanumeric characters + -or single hyphens, so the first forward slash `/` will be the separator between the organization login name and + -the team name or slug. + - -If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's + -FederationDomain to further customize how these group names are presented to Kubernetes. + - -See the response schema for + -[List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubclientspec"] -==== GitHubClientSpec - -GitHubClientSpec contains information about the GitHub client that this identity provider will use -for web-based login flows. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the clientID and + -clientSecret for an GitHub App or GitHub OAuth2 client. + - -This secret must be of type "secrets.pinniped.dev/github-client" with keys "clientID" and "clientSecret". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] -==== GitHubGroupNameAttribute (string) - -GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group -names to present to Kubernetes. See the response schema for -[List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityprovider"] -==== GitHubIdentityProvider - -GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. -This upstream provider can be configured with either a GitHub App or a GitHub OAuth2 App. - -Right now, only web-based logins are supported, for both the pinniped-cli client and clients configured -as OIDCClients. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] -==== GitHubIdentityProviderPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] -==== GitHubIdentityProviderSpec - -GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + -| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] -==== GitHubIdentityProviderStatus - -GitHubIdentityProviderStatus is the status of an GitHub identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] -==== GitHubOrganizationsSpec - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + -Defaults to "OnlyUsersFromAllowedOrganizations". + - -Must be set to "AllGitHubUsers" if the allowed field is empty. + - -This field only exists to ensure that Pinniped administrators are aware that an empty list of + -allowedOrganizations means all GitHub users are allowed to log in. + -| *`allowed`* __string array__ | Allowed, when specified, indicates that only users with membership in at least one of the listed + -GitHub organizations may log in. In addition, the group membership presented to Kubernetes will only include + -teams within the listed GitHub organizations. Additional login rules or group filtering can optionally be + -provided as policy expression on any Pinniped Supervisor FederationDomain that includes this IDP. + - -The configured GitHub App or GitHub OAuth App must be allowed to see membership in the listed organizations, + -otherwise Pinniped will not be aware that the user belongs to the listed organization or any teams + -within that organization. + - -If no organizations are listed, you must set organizations: AllGitHubUsers. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubusernameattribute"] -==== GitHubUsernameAttribute (string) - -GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present -to Kubernetes. See the response schema for -[Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] -==== LDAPIdentityProvider - -LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access -Protocol (LDAP) identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] -==== LDAPIdentityProviderBind - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and + -password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be + -of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + -should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + -The password must be non-empty. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] -==== LDAPIdentityProviderGroupSearch - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + -"ou=groups,dc=example,dc=com". When not specified, no group search will be performed and + -authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, + -the values of Filter, UserAttributeForFilter, Attributes, and SkipGroupRefresh are ignored. + -| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for groups for a user. + -The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + -value of an attribute of the user entry found as a result of the user search. Which attribute's + -value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. + -For more information about LDAP filters, see https://ldap.com/ldap-filters. + -Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + -Optional. When not specified, the default will act as if the Filter were specified as "member={}". + -| *`userAttributeForFilter`* __string__ | UserAttributeForFilter specifies which attribute's value from the user entry found as a result of + -the user search will be used to replace the "{}" placeholder(s) in the group search Filter. + -For example, specifying "uid" as the UserAttributeForFilter while specifying + -"&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing + -the "{}" placeholder in the Filter with the value of the user's "uid" attribute. + -Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + -UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + -would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + -the result of the group search. + -| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + -to obtain new credentials (as their old credentials expire). This allows group + -membership changes to be quickly reflected into Kubernetes clusters. Since + -group membership is often used to bind authorization policies, it is important + -to keep the groups observed in Kubernetes clusters in-sync with the identity + -provider. + - -In some environments, frequent group membership queries may result in a + -significant performance impact on the identity provider and/or the supervisor. + -The best approach to handle performance impacts is to tweak the group query + -to be more performant, for example by disabling nested group search or by + -using a more targeted group search base. + - -If the group search query cannot be made performant and you are willing to + -have group memberships remain static for approximately a day, then set + -skipGroupRefresh to true. This is an insecure configuration as authorization + -policies that are bound to group membership will not notice if a user has + -been removed from a particular group until their next login. + - -This is an experimental feature that may be removed or significantly altered + -in the future. Consumers of this configuration should carefully read all + -release notes before upgrading to ensure that the meaning of this field has + -not changed. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] -==== LDAPIdentityProviderGroupSearchAttributes - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`groupName`* __string__ | GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name + -in the user's list of groups after a successful authentication. + -The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + -server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + -Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] -==== LDAPIdentityProviderPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] -==== LDAPIdentityProviderSpec - -Spec for configuring an LDAP identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + -to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] -==== LDAPIdentityProviderStatus - -Status of an LDAP identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] -==== LDAPIdentityProviderUserSearch - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. + -E.g. "ou=users,dc=example,dc=com". + -| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur + -in the filter at least once and will be dynamically replaced by the username for which the search is being run. + -E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + -https://ldap.com/ldap-filters. + -Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + -Optional. When not specified, the default will act as if the Filter were specified as the value from + -Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + -explicitly specified, since the default value of "dn={}" would not work. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + -the result of the user search. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] -==== LDAPIdentityProviderUserSearchAttributes - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`username`* __string__ | Username specifies the name of the attribute in the LDAP entry whose value shall become the username + -of the user after a successful authentication. This would typically be the same attribute name used in + -the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". + -The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + -server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field + -is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default + -value of "dn={}" would not work. + -| *`uid`* __string__ | UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely + -identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". + -The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + -server in the user's entry. Distinguished names can be used by specifying lower-case "dn". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] -==== OIDCAuthorizationConfig - -OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization -request parameters. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`additionalScopes`* __string array__ | additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization + -request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials + -Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is + -always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request + -the following scopes: "openid", "offline_access", "email", and "profile". See + -https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" + -scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the + -"offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, + -or as common patterns used by providers who implement the standard in the ecosystem evolve. + -By setting this list to anything other than an empty list, you are overriding the + -default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. + -If you do not want any of these scopes to be requested, you may set this list to contain only "openid". + -Some OIDC providers may also require a scope to get access to the user's group membership, in which case you + -may wish to include it in this list. Sometimes the scope to request the user's group membership is called + -"groups", but unfortunately this is not specified in the OIDC standard. + -Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by + -your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in + -the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See + -your OIDC provider's documentation for more information about what scopes are available to request claims. + -Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor + -from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be + -"offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its + -requirements for what to include in the request in order to receive a refresh token in the response, if anything. + -Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider + -may ignore scopes that it does not understand or require (see + -https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + -"offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + -provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + -| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + -OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + -parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + -"state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + -included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. + -The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user + -should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting + -ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. + -This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password + -Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the + -Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" + -parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's + -authorization endpoint for its requirements for what to include in the request in order to receive a refresh + -token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, + -then include it here. Also note that most providers also require a certain scope to be requested in order to + -receive refresh tokens. See the additionalScopes setting for more information about using scopes to request + -refresh tokens. + -| *`allowPasswordGrant`* __boolean__ | allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant + -(see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a + -username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. + -The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be + -supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password + -Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose + -to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the + -cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be + -convenient for users, especially for identities from your OIDC provider which are not intended to represent a human + -actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, + -you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this + -OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password + -Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords + -(similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other + -web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. + -allowPasswordGrant defaults to false. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcclaims"] -==== OIDCClaims - -OIDCClaims provides a mapping from upstream claims into identities. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`groups`* __string__ | Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain + -the groups to which an identity belongs. By default, the identities will not include any group memberships when + -this setting is not configured. + -| *`username`* __string__ | Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to + -ascertain an identity's username. When not set, the username will be an automatically constructed unique string + -which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from + -the ID token. + -| *`additionalClaimMappings`* __object (keys:string, values:string)__ | AdditionalClaimMappings allows for additional arbitrary upstream claim values to be mapped into the + -"additionalClaims" claim of the ID tokens generated by the Supervisor. This should be specified as a map of + -new claim names as the keys, and upstream claim names as the values. These new claim names will be nested + -under the top-level "additionalClaims" claim in ID tokens generated by the Supervisor when this + -OIDCIdentityProvider was used for user authentication. These claims will be made available to all clients. + -This feature is not required to use the Supervisor to provide authentication for Kubernetes clusters, but can be + -used when using the Supervisor for other authentication purposes. When this map is empty or the upstream claims + -are not available, the "additionalClaims" claim will be excluded from the ID tokens generated by the Supervisor. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient contains information about an OIDC client (e.g., client ID and client -secret). - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the clientID and + -clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient + -struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys + -"clientID" and "clientSecret". + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] -==== OIDCIdentityProvider - -OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] -==== OIDCIdentityProviderPhase (string) - - - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] -**** - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] -==== OIDCIdentityProviderSpec - -OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + -/.well-known/openid-configuration. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + -| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + -parameters to be used with this OIDC identity provider. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + -this OIDC identity provider. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + -provider. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] -==== OIDCIdentityProviderStatus - -OIDCIdentityProviderStatus is the status of an OIDC identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-parameter"] -==== Parameter - -Parameter is a key/value pair which represents a parameter in an HTTP request. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`name`* __string__ | The name of the parameter. Required. + -| *`value`* __string__ | The value of the parameter. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-tlsspec"] -==== TLSSpec - -TLSSpec provides TLS configuration for identity provider integration. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + -Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + -|=== - - - -[id="{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1"] -=== login.concierge.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped login API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-clustercredential"] -==== ClusterCredential - -ClusterCredential is the cluster-specific credential returned on a successful credential request. It -contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + -| *`token`* __string__ | Token is a bearer token used by the client for request authentication. + -| *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). + -| *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequest"] -==== TokenCredentialRequest - -TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] -==== TokenCredentialRequestSpec - -Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`token`* __string__ | Bearer token supplied with the credential request. + -| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] -==== TokenCredentialRequestStatus - -Status of a TokenCredentialRequest, returned on responses to the Pinniped API. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-29-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + -| *`message`* __string__ | An error message will be returned for an unsuccessful credential request. + -|=== - - diff --git a/generated/1.29/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.29/apis/concierge/authentication/v1alpha1/doc.go deleted file mode 100644 index 230739b39..000000000 --- a/generated/1.29/apis/concierge/authentication/v1alpha1/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=authentication.concierge.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. -package v1alpha1 diff --git a/generated/1.29/apis/concierge/authentication/v1alpha1/register.go b/generated/1.29/apis/concierge/authentication/v1alpha1/register.go deleted file mode 100644 index 5abf2953c..000000000 --- a/generated/1.29/apis/concierge/authentication/v1alpha1/register.go +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "authentication.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &WebhookAuthenticator{}, - &WebhookAuthenticatorList{}, - &JWTAuthenticator{}, - &JWTAuthenticatorList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.29/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.29/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go deleted file mode 100644 index 6c782b5ce..000000000 --- a/generated/1.29/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ /dev/null @@ -1,312 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -type JWTAuthenticatorPhase string - -const ( - // JWTAuthenticatorPhasePending is the default phase for newly-created JWTAuthenticator resources. - JWTAuthenticatorPhasePending JWTAuthenticatorPhase = "Pending" - - // JWTAuthenticatorPhaseReady is the phase for an JWTAuthenticator resource in a healthy state. - JWTAuthenticatorPhaseReady JWTAuthenticatorPhase = "Ready" - - // JWTAuthenticatorPhaseError is the phase for an JWTAuthenticator in an unhealthy state. - JWTAuthenticatorPhaseError JWTAuthenticatorPhase = "Error" -) - -// JWTAuthenticatorStatus is the status of a JWT authenticator. -type JWTAuthenticatorStatus struct { - // Represents the observations of the authenticator's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - - // Phase summarizes the overall status of the JWTAuthenticator. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase JWTAuthenticatorPhase `json:"phase,omitempty"` -} - -// JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. -type JWTAuthenticatorSpec struct { - // issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is - // also used to validate the "iss" JWT claim. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://` - Issuer string `json:"issuer"` - - // audience is the required value of the "aud" JWT claim. - // +kubebuilder:validation:MinLength=1 - Audience string `json:"audience"` - - // claims allows customization of the claims that will be mapped to user identity - // for Kubernetes access. - // +optional - Claims JWTTokenClaims `json:"claims"` - - // claimValidationRules are rules that are applied to validate token claims to authenticate users. - // This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in - // https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // This is an advanced configuration option. During an end-user login flow, mistakes in this - // configuration will cause the user's login to fail. - // +optional - ClaimValidationRules []ClaimValidationRule `json:"claimValidationRules,omitempty"` - - // userValidationRules are rules that are applied to final user before completing authentication. - // These allow invariants to be applied to incoming identities such as preventing the - // use of the system: prefix that is commonly used by Kubernetes components. - // The validation rules are logically ANDed together and must all return true for the validation to pass. - // This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in - // https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // This is an advanced configuration option. During an end-user login flow, mistakes in this - // configuration will cause the user's login to fail. - // +optional - UserValidationRules []UserValidationRule `json:"userValidationRules,omitempty"` - - // tls is the configuration for communicating with the OIDC provider via TLS. - // +optional - TLS *TLSSpec `json:"tls,omitempty"` -} - -// ClaimValidationRule provides the configuration for a single claim validation rule. -type ClaimValidationRule struct { - // claim is the name of a required claim. - // Only string claim keys are supported. - // Mutually exclusive with expression and message. - // +optional - Claim string `json:"claim,omitempty"` - - // requiredValue is the value of a required claim. - // Only string claim values are supported. - // If claim is set and requiredValue is not set, the claim must be present with a value set to the empty string. - // Mutually exclusive with expression and message. - // +optional - RequiredValue string `json:"requiredValue,omitempty"` - - // expression represents the expression which will be evaluated by CEL. - // Must produce a boolean. - // - // CEL expressions have access to the contents of the token claims, organized into CEL variable: - // - 'claims' is a map of claim names to claim values. - // For example, a variable named 'sub' can be accessed as 'claims.sub'. - // Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - // Must return true for the validation to pass. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // Mutually exclusive with claim and requiredValue. - // +optional - Expression string `json:"expression,omitempty"` - - // message customizes the returned error message when expression returns false. - // message is a literal string. - // Mutually exclusive with claim and requiredValue. - // +optional - Message string `json:"message,omitempty"` -} - -// UserValidationRule provides the configuration for a single user info validation rule. -type UserValidationRule struct { - // expression represents the expression which will be evaluated by CEL. - // Must return true for the validation to pass. - // - // CEL expressions have access to the contents of UserInfo, organized into CEL variable: - // - 'user' - authentication.k8s.io/v1, Kind=UserInfo object - // Refer to https://github.com/kubernetes/api/blob/release-1.28/authentication/v1/types.go#L105-L122 for the definition. - // API documentation: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // +required - Expression string `json:"expression"` - - // message customizes the returned error message when rule returns false. - // message is a literal string. - // +optional - Message string `json:"message,omitempty"` -} - -// JWTTokenClaims allows customization of the claims that will be mapped to user identity -// for Kubernetes access. -type JWTTokenClaims struct { - // username is the name of the claim which should be read to extract the - // username from the JWT token. When not specified, it will default to "username", - // unless usernameExpression is specified. - // - // Mutually exclusive with usernameExpression. Use either username or usernameExpression to - // determine the user's username from the JWT token. - // +optional - Username string `json:"username"` - - // usernameExpression represents an expression which will be evaluated by CEL. - // The expression's result will become the user's username. - // - // usernameExpression is similar to claimMappings.username.expression from Kubernetes AuthenticationConfiguration - // as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - // must evaluate to the expected type without errors, or else the user's login will fail. - // Additionally, mistakes in this configuration can cause the users to have unintended usernames. - // - // The expression must produce a non-empty string value. - // If the expression uses 'claims.email', then 'claims.email_verified' must be used in - // the expression or extra[*].valueExpression or claimValidationRules[*].expression. - // An example claim validation rule expression that matches the validation automatically - // applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true) == true'. - // By explicitly comparing the value to true, we let type-checking see the result will be a boolean, - // and to make sure a non-boolean email_verified claim will be caught at runtime. - // - // CEL expressions have access to the contents of the token claims, organized into CEL variable: - // - 'claims' is a map of claim names to claim values. - // For example, a variable named 'sub' can be accessed as 'claims.sub'. - // Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // Mutually exclusive with username. Use either username or usernameExpression to - // determine the user's username from the JWT token. - // +optional - UsernameExpression string `json:"usernameExpression,omitempty"` - - // groups is the name of the claim which should be read to extract the user's - // group membership from the JWT token. When not specified, it will default to "groups", - // unless groupsExpression is specified. - // - // Mutually exclusive with groupsExpression. Use either groups or groupsExpression to - // determine the user's group membership from the JWT token. - // +optional - Groups string `json:"groups"` - - // groupsExpression represents an expression which will be evaluated by CEL. - // The expression's result will become the user's group memberships. - // - // groupsExpression is similar to claimMappings.groups.expression from Kubernetes AuthenticationConfiguration - // as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - // must evaluate to one of the expected types without errors, or else the user's login will fail. - // Additionally, mistakes in this configuration can cause the users to have unintended group memberships. - // - // The expression must produce a string or string array value. - // "", [], and null values are treated as the group mapping not being present. - // - // CEL expressions have access to the contents of the token claims, organized into CEL variable: - // - 'claims' is a map of claim names to claim values. - // For example, a variable named 'sub' can be accessed as 'claims.sub'. - // Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // Mutually exclusive with groups. Use either groups or groupsExpression to - // determine the user's group membership from the JWT token. - // +optional - GroupsExpression string `json:"groupsExpression,omitempty"` - - // extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration - // as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - // - // However, note that the Pinniped Concierge issues client certificates to users for the purpose - // of authenticating, and the Kubernetes API server does not have any mechanism for transmitting - // auth extras via client certificates. When configured, these extras will appear in client - // certificates issued by the Pinniped Supervisor in the x509 Subject field as Organizational - // Units (OU). However, when this client certificate is presented to Kubernetes for authentication, - // Kubernetes will ignore these extras. This is probably only useful if you are using a custom - // authenticating proxy in front of your Kubernetes API server which can translate these OUs into - // auth extras, as described by - // https://kubernetes.io/docs/reference/access-authn-authz/authentication/#authenticating-proxy. - // This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - // must evaluate to either a string or an array of strings, or else the user's login will fail. - // - // These keys must be a domain-prefixed path (such as "acme.io/foo") and must not contain an equals sign ("="). - // - // expression must produce a string or string array value. - // If the value is empty, the extra mapping will not be present. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // hard-coded extra key/value - // - key: "acme.io/foo" - // valueExpression: "'bar'" - // This will result in an extra attribute - acme.io/foo: ["bar"] - // - // hard-coded key, value copying claim value - // - key: "acme.io/foo" - // valueExpression: "claims.some_claim" - // This will result in an extra attribute - acme.io/foo: [value of some_claim] - // - // hard-coded key, value derived from claim value - // - key: "acme.io/admin" - // valueExpression: '(has(claims.is_admin) && claims.is_admin) ? "true":""' - // This will result in: - // - if is_admin claim is present and true, extra attribute - acme.io/admin: ["true"] - // - if is_admin claim is present and false or is_admin claim is not present, no extra attribute will be added - // - // +optional - Extra []ExtraMapping `json:"extra,omitempty"` -} - -// ExtraMapping provides the configuration for a single extra mapping. -type ExtraMapping struct { - // key is a string to use as the extra attribute key. - // key must be a domain-prefix path (e.g. example.org/foo). All characters before the first "/" must be a valid - // subdomain as defined by RFC 1123. All characters trailing the first "/" must - // be valid HTTP Path characters as defined by RFC 3986. - // key must be lowercase. - // Required to be unique. - // Additionally, the key must not contain an equals sign ("="). - // +required - Key string `json:"key"` - - // valueExpression is a CEL expression to extract extra attribute value. - // valueExpression must produce a string or string array value. - // "", [], and null values are treated as the extra mapping not being present. - // Empty string values contained within a string array are filtered out. - // - // CEL expressions have access to the contents of the token claims, organized into CEL variable: - // - 'claims' is a map of claim names to claim values. - // For example, a variable named 'sub' can be accessed as 'claims.sub'. - // Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - // - // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - // - // +required - ValueExpression string `json:"valueExpression"` -} - -// JWTAuthenticator describes the configuration of a JWT authenticator. -// -// Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid -// signature, existence of claims, etc.) and extract the username and groups from the token. -// -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster -// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` -// +kubebuilder:printcolumn:name="Audience",type=string,JSONPath=`.spec.audience` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type JWTAuthenticator struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec for configuring the authenticator. - Spec JWTAuthenticatorSpec `json:"spec"` - - // status of the authenticator. - Status JWTAuthenticatorStatus `json:"status,omitempty"` -} - -// JWTAuthenticatorList is a list of JWTAuthenticator objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type JWTAuthenticatorList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []JWTAuthenticator `json:"items"` -} diff --git a/generated/1.29/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.29/apis/concierge/authentication/v1alpha1/types_tls.go deleted file mode 100644 index fd728efbd..000000000 --- a/generated/1.29/apis/concierge/authentication/v1alpha1/types_tls.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -// CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. -// -// +kubebuilder:validation:Enum=Secret;ConfigMap -type CertificateAuthorityDataSourceKind string - -const ( - // CertificateAuthorityDataSourceKindConfigMap uses a Kubernetes configmap to source CA Bundles. - CertificateAuthorityDataSourceKindConfigMap = CertificateAuthorityDataSourceKind("ConfigMap") - - // CertificateAuthorityDataSourceKindSecret uses a Kubernetes secret to source CA Bundles. - // Secrets used to source CA Bundles must be of type kubernetes.io/tls or Opaque. - CertificateAuthorityDataSourceKindSecret = CertificateAuthorityDataSourceKind("Secret") -) - -// CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. -type CertificateAuthorityDataSourceSpec struct { - // Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - // Allowed values are "Secret" or "ConfigMap". - // "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - // "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - Kind CertificateAuthorityDataSourceKind `json:"kind"` - // Name is the resource name of the secret or configmap from which to read the CA bundle. - // The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed. - // +kubebuilder:validation:MinLength=1 - Name string `json:"name"` - // Key is the key name within the secret or configmap from which to read the CA bundle. - // The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - // certificate bundle. - // +kubebuilder:validation:MinLength=1 - Key string `json:"key"` -} - -// TLSSpec provides TLS configuration on various authenticators. -type TLSSpec struct { - // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. - // +optional - CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` - // Reference to a CA bundle in a secret or a configmap. - // Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - // +optional - CertificateAuthorityDataSource *CertificateAuthorityDataSourceSpec `json:"certificateAuthorityDataSource,omitempty"` -} diff --git a/generated/1.29/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.29/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go deleted file mode 100644 index 5a5efaf1c..000000000 --- a/generated/1.29/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ /dev/null @@ -1,74 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -type WebhookAuthenticatorPhase string - -const ( - // WebhookAuthenticatorPhasePending is the default phase for newly-created WebhookAuthenticator resources. - WebhookAuthenticatorPhasePending WebhookAuthenticatorPhase = "Pending" - - // WebhookAuthenticatorPhaseReady is the phase for an WebhookAuthenticator resource in a healthy state. - WebhookAuthenticatorPhaseReady WebhookAuthenticatorPhase = "Ready" - - // WebhookAuthenticatorPhaseError is the phase for an WebhookAuthenticator in an unhealthy state. - WebhookAuthenticatorPhaseError WebhookAuthenticatorPhase = "Error" -) - -// Status of a webhook authenticator. -type WebhookAuthenticatorStatus struct { - // Represents the observations of the authenticator's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - // Phase summarizes the overall status of the WebhookAuthenticator. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase WebhookAuthenticatorPhase `json:"phase,omitempty"` -} - -// Spec for configuring a webhook authenticator. -type WebhookAuthenticatorSpec struct { - // Webhook server endpoint URL. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://` - Endpoint string `json:"endpoint"` - - // TLS configuration. - // +optional - TLS *TLSSpec `json:"tls,omitempty"` -} - -// WebhookAuthenticator describes the configuration of a webhook authenticator. -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster -// +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type WebhookAuthenticator struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the authenticator. - Spec WebhookAuthenticatorSpec `json:"spec"` - - // Status of the authenticator. - Status WebhookAuthenticatorStatus `json:"status,omitempty"` -} - -// List of WebhookAuthenticator objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WebhookAuthenticatorList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []WebhookAuthenticator `json:"items"` -} diff --git a/generated/1.29/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.29/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index cf8c0e61c..000000000 --- a/generated/1.29/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,341 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateAuthorityDataSourceSpec) DeepCopyInto(out *CertificateAuthorityDataSourceSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateAuthorityDataSourceSpec. -func (in *CertificateAuthorityDataSourceSpec) DeepCopy() *CertificateAuthorityDataSourceSpec { - if in == nil { - return nil - } - out := new(CertificateAuthorityDataSourceSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClaimValidationRule) DeepCopyInto(out *ClaimValidationRule) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClaimValidationRule. -func (in *ClaimValidationRule) DeepCopy() *ClaimValidationRule { - if in == nil { - return nil - } - out := new(ClaimValidationRule) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExtraMapping) DeepCopyInto(out *ExtraMapping) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraMapping. -func (in *ExtraMapping) DeepCopy() *ExtraMapping { - if in == nil { - return nil - } - out := new(ExtraMapping) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticator. -func (in *JWTAuthenticator) DeepCopy() *JWTAuthenticator { - if in == nil { - return nil - } - out := new(JWTAuthenticator) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *JWTAuthenticator) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTAuthenticatorList) DeepCopyInto(out *JWTAuthenticatorList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]JWTAuthenticator, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorList. -func (in *JWTAuthenticatorList) DeepCopy() *JWTAuthenticatorList { - if in == nil { - return nil - } - out := new(JWTAuthenticatorList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *JWTAuthenticatorList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTAuthenticatorSpec) DeepCopyInto(out *JWTAuthenticatorSpec) { - *out = *in - in.Claims.DeepCopyInto(&out.Claims) - if in.ClaimValidationRules != nil { - in, out := &in.ClaimValidationRules, &out.ClaimValidationRules - *out = make([]ClaimValidationRule, len(*in)) - copy(*out, *in) - } - if in.UserValidationRules != nil { - in, out := &in.UserValidationRules, &out.UserValidationRules - *out = make([]UserValidationRule, len(*in)) - copy(*out, *in) - } - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorSpec. -func (in *JWTAuthenticatorSpec) DeepCopy() *JWTAuthenticatorSpec { - if in == nil { - return nil - } - out := new(JWTAuthenticatorSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorStatus. -func (in *JWTAuthenticatorStatus) DeepCopy() *JWTAuthenticatorStatus { - if in == nil { - return nil - } - out := new(JWTAuthenticatorStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JWTTokenClaims) DeepCopyInto(out *JWTTokenClaims) { - *out = *in - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make([]ExtraMapping, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTTokenClaims. -func (in *JWTTokenClaims) DeepCopy() *JWTTokenClaims { - if in == nil { - return nil - } - out := new(JWTTokenClaims) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { - *out = *in - if in.CertificateAuthorityDataSource != nil { - in, out := &in.CertificateAuthorityDataSource, &out.CertificateAuthorityDataSource - *out = new(CertificateAuthorityDataSourceSpec) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. -func (in *TLSSpec) DeepCopy() *TLSSpec { - if in == nil { - return nil - } - out := new(TLSSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *UserValidationRule) DeepCopyInto(out *UserValidationRule) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserValidationRule. -func (in *UserValidationRule) DeepCopy() *UserValidationRule { - if in == nil { - return nil - } - out := new(UserValidationRule) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator. -func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator { - if in == nil { - return nil - } - out := new(WebhookAuthenticator) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]WebhookAuthenticator, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList. -func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList { - if in == nil { - return nil - } - out := new(WebhookAuthenticatorList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec. -func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec { - if in == nil { - return nil - } - out := new(WebhookAuthenticatorSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus. -func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus { - if in == nil { - return nil - } - out := new(WebhookAuthenticatorStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/concierge/config/v1alpha1/doc.go b/generated/1.29/apis/concierge/config/v1alpha1/doc.go deleted file mode 100644 index a5d41ff3f..000000000 --- a/generated/1.29/apis/concierge/config/v1alpha1/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=config.concierge.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. -package v1alpha1 diff --git a/generated/1.29/apis/concierge/config/v1alpha1/register.go b/generated/1.29/apis/concierge/config/v1alpha1/register.go deleted file mode 100644 index dbcba3b91..000000000 --- a/generated/1.29/apis/concierge/config/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "config.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &CredentialIssuer{}, - &CredentialIssuerList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.29/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.29/apis/concierge/config/v1alpha1/types_credentialissuer.go deleted file mode 100644 index f3e289550..000000000 --- a/generated/1.29/apis/concierge/config/v1alpha1/types_credentialissuer.go +++ /dev/null @@ -1,257 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. -// +kubebuilder:validation:Enum=KubeClusterSigningCertificate;ImpersonationProxy -type StrategyType string - -// FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. -// +kubebuilder:validation:Enum=TokenCredentialRequestAPI;ImpersonationProxy -type FrontendType string - -// StrategyStatus enumerates whether a strategy is working on a cluster. -// +kubebuilder:validation:Enum=Success;Error -type StrategyStatus string - -// StrategyReason enumerates the detailed reason why a strategy is in a particular status. -// +kubebuilder:validation:Enum=Listening;Pending;Disabled;ErrorDuringSetup;CouldNotFetchKey;CouldNotGetClusterInfo;FetchedKey -type StrategyReason string - -const ( - KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") - ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy") - - TokenCredentialRequestAPIFrontendType = FrontendType("TokenCredentialRequestAPI") - ImpersonationProxyFrontendType = FrontendType("ImpersonationProxy") - - SuccessStrategyStatus = StrategyStatus("Success") - ErrorStrategyStatus = StrategyStatus("Error") - - ListeningStrategyReason = StrategyReason("Listening") - PendingStrategyReason = StrategyReason("Pending") - DisabledStrategyReason = StrategyReason("Disabled") - ErrorDuringSetupStrategyReason = StrategyReason("ErrorDuringSetup") - CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") - CouldNotGetClusterInfoStrategyReason = StrategyReason("CouldNotGetClusterInfo") - FetchedKeyStrategyReason = StrategyReason("FetchedKey") -) - -// CredentialIssuerSpec describes the intended configuration of the Concierge. -type CredentialIssuerSpec struct { - // ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. - ImpersonationProxy *ImpersonationProxySpec `json:"impersonationProxy"` -} - -// ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. -// Allowed values are "auto", "enabled", or "disabled". -// -// +kubebuilder:validation:Enum=auto;enabled;disabled -type ImpersonationProxyMode string - -const ( - // ImpersonationProxyModeDisabled explicitly disables the impersonation proxy. - ImpersonationProxyModeDisabled = ImpersonationProxyMode("disabled") - - // ImpersonationProxyModeEnabled explicitly enables the impersonation proxy. - ImpersonationProxyModeEnabled = ImpersonationProxyMode("enabled") - - // ImpersonationProxyModeAuto enables or disables the impersonation proxy based upon the cluster in which it is running. - ImpersonationProxyModeAuto = ImpersonationProxyMode("auto") -) - -// ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. -// Allowed values are "LoadBalancer", "ClusterIP", or "None". -// -// +kubebuilder:validation:Enum=LoadBalancer;ClusterIP;None -type ImpersonationProxyServiceType string - -const ( - // ImpersonationProxyServiceTypeLoadBalancer provisions a service of type LoadBalancer. - ImpersonationProxyServiceTypeLoadBalancer = ImpersonationProxyServiceType("LoadBalancer") - - // ImpersonationProxyServiceTypeClusterIP provisions a service of type ClusterIP. - ImpersonationProxyServiceTypeClusterIP = ImpersonationProxyServiceType("ClusterIP") - - // ImpersonationProxyServiceTypeNone does not automatically provision any service. - ImpersonationProxyServiceTypeNone = ImpersonationProxyServiceType("None") -) - -// ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should -// serve TLS. -// -// If CertificateAuthorityData is not provided, the Concierge impersonation proxy will check the secret -// for a field called "ca.crt", which will be used as the CertificateAuthorityData. -// -// If neither CertificateAuthorityData nor ca.crt is provided, no CA bundle will be advertised for -// the impersonation proxy endpoint. -type ImpersonationProxyTLSSpec struct { - // X.509 Certificate Authority (base64-encoded PEM bundle). - // Used to advertise the CA bundle for the impersonation proxy endpoint. - // - // +optional - CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` - - // SecretName is the name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains - // the TLS serving certificate for the Concierge impersonation proxy endpoint. - // - // +kubebuilder:validation:MinLength=1 - SecretName string `json:"secretName,omitempty"` -} - -// ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. -type ImpersonationProxySpec struct { - // Mode configures whether the impersonation proxy should be started: - // - "disabled" explicitly disables the impersonation proxy. This is the default. - // - "enabled" explicitly enables the impersonation proxy. - // - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. - Mode ImpersonationProxyMode `json:"mode"` - - // Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. - // - // +kubebuilder:default:={"type": "LoadBalancer"} - Service ImpersonationProxyServiceSpec `json:"service"` - - // ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will - // be served using the external name of the LoadBalancer service or the cluster service DNS name. - // - // This field must be non-empty when spec.impersonationProxy.service.type is "None". - // - // +optional - ExternalEndpoint string `json:"externalEndpoint,omitempty"` - - // TLS contains information about how the Concierge impersonation proxy should serve TLS. - // - // If this field is empty, the impersonation proxy will generate its own TLS certificate. - // - // +optional - TLS *ImpersonationProxyTLSSpec `json:"tls,omitempty"` -} - -// ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. -type ImpersonationProxyServiceSpec struct { - // Type specifies the type of Service to provision for the impersonation proxy. - // - // If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty - // value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. - // - // +kubebuilder:default:="LoadBalancer" - Type ImpersonationProxyServiceType `json:"type,omitempty"` - - // LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. - // This is not supported on all cloud providers. - // - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=255 - // +optional - LoadBalancerIP string `json:"loadBalancerIP,omitempty"` - - // Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. - // - // +optional - Annotations map[string]string `json:"annotations,omitempty"` -} - -// CredentialIssuerStatus describes the status of the Concierge. -type CredentialIssuerStatus struct { - // List of integration strategies that were attempted by Pinniped. - Strategies []CredentialIssuerStrategy `json:"strategies"` -} - -// CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. -type CredentialIssuerStrategy struct { - // Type of integration attempted. - Type StrategyType `json:"type"` - - // Status of the attempted integration strategy. - Status StrategyStatus `json:"status"` - - // Reason for the current status. - Reason StrategyReason `json:"reason"` - - // Human-readable description of the current status. - // +kubebuilder:validation:MinLength=1 - Message string `json:"message"` - - // When the status was last checked. - LastUpdateTime metav1.Time `json:"lastUpdateTime"` - - // Frontend describes how clients can connect using this strategy. - Frontend *CredentialIssuerFrontend `json:"frontend,omitempty"` -} - -// CredentialIssuerFrontend describes how to connect using a particular integration strategy. -type CredentialIssuerFrontend struct { - // Type describes which frontend mechanism clients can use with a strategy. - Type FrontendType `json:"type"` - - // TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. - // This field is only set when Type is "TokenCredentialRequestAPI". - TokenCredentialRequestAPIInfo *TokenCredentialRequestAPIInfo `json:"tokenCredentialRequestInfo,omitempty"` - - // ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. - // This field is only set when Type is "ImpersonationProxy". - ImpersonationProxyInfo *ImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"` -} - -// TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. -type TokenCredentialRequestAPIInfo struct { - // Server is the Kubernetes API server URL. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://|^http://` - Server string `json:"server"` - - // CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. - // +kubebuilder:validation:MinLength=1 - CertificateAuthorityData string `json:"certificateAuthorityData"` -} - -// ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. -type ImpersonationProxyInfo struct { - // Endpoint is the HTTPS endpoint of the impersonation proxy. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://` - Endpoint string `json:"endpoint"` - - // CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. - // +kubebuilder:validation:MinLength=1 - CertificateAuthorityData string `json:"certificateAuthorityData"` -} - -// CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped,scope=Cluster -// +kubebuilder:printcolumn:name="ProxyMode",type=string,JSONPath=`.spec.impersonationProxy.mode` -// +kubebuilder:printcolumn:name="DefaultStrategy",type=string,JSONPath=`.status.strategies[?(@.status == "Success")].type` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type CredentialIssuer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec describes the intended configuration of the Concierge. - // - // +optional - Spec CredentialIssuerSpec `json:"spec"` - - // CredentialIssuerStatus describes the status of the Concierge. - // - // +optional - Status CredentialIssuerStatus `json:"status"` -} - -// CredentialIssuerList is a list of CredentialIssuer objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type CredentialIssuerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []CredentialIssuer `json:"items"` -} diff --git a/generated/1.29/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.29/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index e0dffe816..000000000 --- a/generated/1.29/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,259 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer. -func (in *CredentialIssuer) DeepCopy() *CredentialIssuer { - if in == nil { - return nil - } - out := new(CredentialIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CredentialIssuer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerFrontend) DeepCopyInto(out *CredentialIssuerFrontend) { - *out = *in - if in.TokenCredentialRequestAPIInfo != nil { - in, out := &in.TokenCredentialRequestAPIInfo, &out.TokenCredentialRequestAPIInfo - *out = new(TokenCredentialRequestAPIInfo) - **out = **in - } - if in.ImpersonationProxyInfo != nil { - in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo - *out = new(ImpersonationProxyInfo) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerFrontend. -func (in *CredentialIssuerFrontend) DeepCopy() *CredentialIssuerFrontend { - if in == nil { - return nil - } - out := new(CredentialIssuerFrontend) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]CredentialIssuer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList. -func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList { - if in == nil { - return nil - } - out := new(CredentialIssuerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CredentialIssuerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerSpec) DeepCopyInto(out *CredentialIssuerSpec) { - *out = *in - if in.ImpersonationProxy != nil { - in, out := &in.ImpersonationProxy, &out.ImpersonationProxy - *out = new(ImpersonationProxySpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerSpec. -func (in *CredentialIssuerSpec) DeepCopy() *CredentialIssuerSpec { - if in == nil { - return nil - } - out := new(CredentialIssuerSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) { - *out = *in - if in.Strategies != nil { - in, out := &in.Strategies, &out.Strategies - *out = make([]CredentialIssuerStrategy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus. -func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus { - if in == nil { - return nil - } - out := new(CredentialIssuerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) { - *out = *in - in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) - if in.Frontend != nil { - in, out := &in.Frontend, &out.Frontend - *out = new(CredentialIssuerFrontend) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy. -func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy { - if in == nil { - return nil - } - out := new(CredentialIssuerStrategy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImpersonationProxyInfo) DeepCopyInto(out *ImpersonationProxyInfo) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyInfo. -func (in *ImpersonationProxyInfo) DeepCopy() *ImpersonationProxyInfo { - if in == nil { - return nil - } - out := new(ImpersonationProxyInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImpersonationProxyServiceSpec) DeepCopyInto(out *ImpersonationProxyServiceSpec) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyServiceSpec. -func (in *ImpersonationProxyServiceSpec) DeepCopy() *ImpersonationProxyServiceSpec { - if in == nil { - return nil - } - out := new(ImpersonationProxyServiceSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImpersonationProxySpec) DeepCopyInto(out *ImpersonationProxySpec) { - *out = *in - in.Service.DeepCopyInto(&out.Service) - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(ImpersonationProxyTLSSpec) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxySpec. -func (in *ImpersonationProxySpec) DeepCopy() *ImpersonationProxySpec { - if in == nil { - return nil - } - out := new(ImpersonationProxySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImpersonationProxyTLSSpec) DeepCopyInto(out *ImpersonationProxyTLSSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyTLSSpec. -func (in *ImpersonationProxyTLSSpec) DeepCopy() *ImpersonationProxyTLSSpec { - if in == nil { - return nil - } - out := new(ImpersonationProxyTLSSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestAPIInfo) DeepCopyInto(out *TokenCredentialRequestAPIInfo) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestAPIInfo. -func (in *TokenCredentialRequestAPIInfo) DeepCopy() *TokenCredentialRequestAPIInfo { - if in == nil { - return nil - } - out := new(TokenCredentialRequestAPIInfo) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/concierge/identity/doc.go b/generated/1.29/apis/concierge/identity/doc.go deleted file mode 100644 index 983a67776..000000000 --- a/generated/1.29/apis/concierge/identity/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=identity.concierge.pinniped.dev - -// Package identity is the internal version of the Pinniped identity API. -package identity diff --git a/generated/1.29/apis/concierge/identity/register.go b/generated/1.29/apis/concierge/identity/register.go deleted file mode 100644 index 5fb2f80d9..000000000 --- a/generated/1.29/apis/concierge/identity/register.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package identity - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "identity.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind. -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns back a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &WhoAmIRequest{}, - &WhoAmIRequestList{}, - ) - return nil -} diff --git a/generated/1.29/apis/concierge/identity/types_userinfo.go b/generated/1.29/apis/concierge/identity/types_userinfo.go deleted file mode 100644 index 587cfa1f7..000000000 --- a/generated/1.29/apis/concierge/identity/types_userinfo.go +++ /dev/null @@ -1,37 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package identity - -import "fmt" - -// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. -// Copied from the Kubernetes token review API. -type KubernetesUserInfo struct { - // User is the UserInfo associated with the current user. - User UserInfo - // Audiences are audience identifiers chosen by the authenticator. - Audiences []string -} - -// UserInfo holds the information about the user needed to implement the -// user.Info interface. -type UserInfo struct { - // The name that uniquely identifies this user among all active users. - Username string - // A unique value that identifies this user across time. If this user is - // deleted and another user by the same name is added, they will have - // different UIDs. - UID string - // The names of groups this user is a part of. - Groups []string - // Any additional information provided by the authenticator. - Extra map[string]ExtraValue -} - -// ExtraValue masks the value so protobuf can generate -type ExtraValue []string - -func (t ExtraValue) String() string { - return fmt.Sprintf("%v", []string(t)) -} diff --git a/generated/1.29/apis/concierge/identity/types_whoamirequest.go b/generated/1.29/apis/concierge/identity/types_whoamirequest.go deleted file mode 100644 index 293869a0d..000000000 --- a/generated/1.29/apis/concierge/identity/types_whoamirequest.go +++ /dev/null @@ -1,42 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package identity - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// WhoAmIRequest submits a request to echo back the current authenticated user. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WhoAmIRequest struct { - metav1.TypeMeta - metav1.ObjectMeta - - Spec WhoAmIRequestSpec - Status WhoAmIRequestStatus -} - -// Spec is always empty for a WhoAmIRequest. -type WhoAmIRequestSpec struct { - // empty for now but we may add some config here in the future - // any such config must be safe in the context of an unauthenticated user -} - -// Status is set by the server in the response to a WhoAmIRequest. -type WhoAmIRequestStatus struct { - // The current authenticated user, exactly as Kubernetes understands it. - KubernetesUserInfo KubernetesUserInfo - - // We may add concierge specific information here in the future. -} - -// WhoAmIRequestList is a list of WhoAmIRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WhoAmIRequestList struct { - metav1.TypeMeta - metav1.ListMeta - - // Items is a list of WhoAmIRequest. - Items []WhoAmIRequest -} diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.29/apis/concierge/identity/v1alpha1/conversion.go deleted file mode 100644 index 9fe7cce6d..000000000 --- a/generated/1.29/apis/concierge/identity/v1alpha1/conversion.go +++ /dev/null @@ -1,4 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.29/apis/concierge/identity/v1alpha1/defaults.go deleted file mode 100644 index 7835b69e9..000000000 --- a/generated/1.29/apis/concierge/identity/v1alpha1/defaults.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime" -) - -func addDefaultingFuncs(scheme *runtime.Scheme) error { - return RegisterDefaults(scheme) -} diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/register.go b/generated/1.29/apis/concierge/identity/v1alpha1/register.go deleted file mode 100644 index d87f2de2d..000000000 --- a/generated/1.29/apis/concierge/identity/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "identity.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &WhoAmIRequest{}, - &WhoAmIRequestList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.29/apis/concierge/identity/v1alpha1/types_userinfo.go deleted file mode 100644 index 3a779afab..000000000 --- a/generated/1.29/apis/concierge/identity/v1alpha1/types_userinfo.go +++ /dev/null @@ -1,41 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import "fmt" - -// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. -// Copied from the Kubernetes token review API. -type KubernetesUserInfo struct { - // User is the UserInfo associated with the current user. - User UserInfo `json:"user"` - // Audiences are audience identifiers chosen by the authenticator. - // +optional - Audiences []string `json:"audiences,omitempty"` -} - -// UserInfo holds the information about the user needed to implement the -// user.Info interface. -type UserInfo struct { - // The name that uniquely identifies this user among all active users. - Username string `json:"username"` - // A unique value that identifies this user across time. If this user is - // deleted and another user by the same name is added, they will have - // different UIDs. - // +optional - UID string `json:"uid,omitempty"` - // The names of groups this user is a part of. - // +optional - Groups []string `json:"groups,omitempty"` - // Any additional information provided by the authenticator. - // +optional - Extra map[string]ExtraValue `json:"extra,omitempty"` -} - -// ExtraValue masks the value so protobuf can generate -type ExtraValue []string - -func (t ExtraValue) String() string { - return fmt.Sprintf("%v", []string(t)) -} diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/types_whoamirequest.go b/generated/1.29/apis/concierge/identity/v1alpha1/types_whoamirequest.go deleted file mode 100644 index a8ee14544..000000000 --- a/generated/1.29/apis/concierge/identity/v1alpha1/types_whoamirequest.go +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// WhoAmIRequest submits a request to echo back the current authenticated user. -// +genclient -// +genclient:nonNamespaced -// +genclient:onlyVerbs=create -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WhoAmIRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec WhoAmIRequestSpec `json:"spec,omitempty"` - Status WhoAmIRequestStatus `json:"status,omitempty"` -} - -// Spec is always empty for a WhoAmIRequest. -type WhoAmIRequestSpec struct { - // empty for now but we may add some config here in the future - // any such config must be safe in the context of an unauthenticated user -} - -// Status is set by the server in the response to a WhoAmIRequest. -type WhoAmIRequestStatus struct { - // The current authenticated user, exactly as Kubernetes understands it. - KubernetesUserInfo KubernetesUserInfo `json:"kubernetesUserInfo"` - - // We may add concierge specific information here in the future. -} - -// WhoAmIRequestList is a list of WhoAmIRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WhoAmIRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - // Items is a list of WhoAmIRequest. - Items []WhoAmIRequest `json:"items"` -} diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 518772f74..000000000 --- a/generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,185 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in ExtraValue) DeepCopyInto(out *ExtraValue) { - { - in := &in - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - return - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. -func (in ExtraValue) DeepCopy() ExtraValue { - if in == nil { - return nil - } - out := new(ExtraValue) - in.DeepCopyInto(out) - return *out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { - *out = *in - in.User.DeepCopyInto(&out.User) - if in.Audiences != nil { - in, out := &in.Audiences, &out.Audiences - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. -func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { - if in == nil { - return nil - } - out := new(KubernetesUserInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *UserInfo) DeepCopyInto(out *UserInfo) { - *out = *in - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make(map[string]ExtraValue, len(*in)) - for key, val := range *in { - var outVal []string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. -func (in *UserInfo) DeepCopy() *UserInfo { - if in == nil { - return nil - } - out := new(UserInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. -func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { - if in == nil { - return nil - } - out := new(WhoAmIRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]WhoAmIRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. -func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { - if in == nil { - return nil - } - out := new(WhoAmIRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. -func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { - if in == nil { - return nil - } - out := new(WhoAmIRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { - *out = *in - in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. -func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { - if in == nil { - return nil - } - out := new(WhoAmIRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.defaults.go deleted file mode 100644 index 1d39b4b15..000000000 --- a/generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ /dev/null @@ -1,20 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by defaulter-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// RegisterDefaults adds defaulters functions to the given scheme. -// Public to allow building arbitrary schemes. -// All generated defaulters are covering - they call all nested defaulters. -func RegisterDefaults(scheme *runtime.Scheme) error { - return nil -} diff --git a/generated/1.29/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.29/apis/concierge/identity/zz_generated.deepcopy.go deleted file mode 100644 index fd46cd573..000000000 --- a/generated/1.29/apis/concierge/identity/zz_generated.deepcopy.go +++ /dev/null @@ -1,185 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package identity - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in ExtraValue) DeepCopyInto(out *ExtraValue) { - { - in := &in - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - return - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. -func (in ExtraValue) DeepCopy() ExtraValue { - if in == nil { - return nil - } - out := new(ExtraValue) - in.DeepCopyInto(out) - return *out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { - *out = *in - in.User.DeepCopyInto(&out.User) - if in.Audiences != nil { - in, out := &in.Audiences, &out.Audiences - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. -func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { - if in == nil { - return nil - } - out := new(KubernetesUserInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *UserInfo) DeepCopyInto(out *UserInfo) { - *out = *in - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make(map[string]ExtraValue, len(*in)) - for key, val := range *in { - var outVal []string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. -func (in *UserInfo) DeepCopy() *UserInfo { - if in == nil { - return nil - } - out := new(UserInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. -func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { - if in == nil { - return nil - } - out := new(WhoAmIRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]WhoAmIRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. -func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { - if in == nil { - return nil - } - out := new(WhoAmIRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. -func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { - if in == nil { - return nil - } - out := new(WhoAmIRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { - *out = *in - in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. -func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { - if in == nil { - return nil - } - out := new(WhoAmIRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/concierge/login/doc.go b/generated/1.29/apis/concierge/login/doc.go deleted file mode 100644 index 4e46f56a0..000000000 --- a/generated/1.29/apis/concierge/login/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=login.concierge.pinniped.dev - -// Package login is the internal version of the Pinniped login API. -package login diff --git a/generated/1.29/apis/concierge/login/register.go b/generated/1.29/apis/concierge/login/register.go deleted file mode 100644 index eb4c1a55e..000000000 --- a/generated/1.29/apis/concierge/login/register.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package login - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "login.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind. -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns back a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &TokenCredentialRequest{}, - &TokenCredentialRequestList{}, - ) - return nil -} diff --git a/generated/1.29/apis/concierge/login/types_clustercredential.go b/generated/1.29/apis/concierge/login/types_clustercredential.go deleted file mode 100644 index 8f84e0937..000000000 --- a/generated/1.29/apis/concierge/login/types_clustercredential.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package login - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ClusterCredential is the cluster-specific credential returned on a successful credential request. It -// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. -type ClusterCredential struct { - // ExpirationTimestamp indicates a time when the provided credentials expire. - ExpirationTimestamp metav1.Time - - // Token is a bearer token used by the client for request authentication. - Token string - - // PEM-encoded client TLS certificates (including intermediates, if any). - ClientCertificateData string - - // PEM-encoded private key for the above certificate. - ClientKeyData string -} diff --git a/generated/1.29/apis/concierge/login/types_tokencredentialrequest.go b/generated/1.29/apis/concierge/login/types_tokencredentialrequest.go deleted file mode 100644 index 62af47f16..000000000 --- a/generated/1.29/apis/concierge/login/types_tokencredentialrequest.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package login - -import ( - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. -type TokenCredentialRequestSpec struct { - // Bearer token supplied with the credential request. - Token string - - // Reference to an authenticator which can validate this credential request. - Authenticator corev1.TypedLocalObjectReference -} - -// Status of a TokenCredentialRequest, returned on responses to the Pinniped API. -type TokenCredentialRequestStatus struct { - // A Credential will be returned for a successful credential request. - // +optional - Credential *ClusterCredential - - // An error message will be returned for an unsuccessful credential request. - // +optional - Message *string -} - -// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TokenCredentialRequest struct { - metav1.TypeMeta - metav1.ObjectMeta - - Spec TokenCredentialRequestSpec - Status TokenCredentialRequestStatus -} - -// TokenCredentialRequestList is a list of TokenCredentialRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TokenCredentialRequestList struct { - metav1.TypeMeta - metav1.ListMeta - - // Items is a list of TokenCredentialRequest. - Items []TokenCredentialRequest -} diff --git a/generated/1.29/apis/concierge/login/v1alpha1/conversion.go b/generated/1.29/apis/concierge/login/v1alpha1/conversion.go deleted file mode 100644 index a0e3fd36a..000000000 --- a/generated/1.29/apis/concierge/login/v1alpha1/conversion.go +++ /dev/null @@ -1,4 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 diff --git a/generated/1.29/apis/concierge/login/v1alpha1/defaults.go b/generated/1.29/apis/concierge/login/v1alpha1/defaults.go deleted file mode 100644 index 487a7d6c3..000000000 --- a/generated/1.29/apis/concierge/login/v1alpha1/defaults.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime" -) - -func addDefaultingFuncs(scheme *runtime.Scheme) error { - return RegisterDefaults(scheme) -} diff --git a/generated/1.29/apis/concierge/login/v1alpha1/register.go b/generated/1.29/apis/concierge/login/v1alpha1/register.go deleted file mode 100644 index 40a50b40b..000000000 --- a/generated/1.29/apis/concierge/login/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "login.concierge.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &TokenCredentialRequest{}, - &TokenCredentialRequestList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.29/apis/concierge/login/v1alpha1/types_clustercredential.go b/generated/1.29/apis/concierge/login/v1alpha1/types_clustercredential.go deleted file mode 100644 index 1cab01721..000000000 --- a/generated/1.29/apis/concierge/login/v1alpha1/types_clustercredential.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// ClusterCredential is the cluster-specific credential returned on a successful credential request. It -// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. -type ClusterCredential struct { - // ExpirationTimestamp indicates a time when the provided credentials expire. - ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` - - // Token is a bearer token used by the client for request authentication. - Token string `json:"token,omitempty"` - - // PEM-encoded client TLS certificates (including intermediates, if any). - ClientCertificateData string `json:"clientCertificateData,omitempty"` - - // PEM-encoded private key for the above certificate. - ClientKeyData string `json:"clientKeyData,omitempty"` -} diff --git a/generated/1.29/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go b/generated/1.29/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go deleted file mode 100644 index 9b5c1d587..000000000 --- a/generated/1.29/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go +++ /dev/null @@ -1,52 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. -type TokenCredentialRequestSpec struct { - // Bearer token supplied with the credential request. - Token string `json:"token,omitempty"` - - // Reference to an authenticator which can validate this credential request. - Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` -} - -// Status of a TokenCredentialRequest, returned on responses to the Pinniped API. -type TokenCredentialRequestStatus struct { - // A Credential will be returned for a successful credential request. - // +optional - Credential *ClusterCredential `json:"credential,omitempty"` - - // An error message will be returned for an unsuccessful credential request. - // +optional - Message *string `json:"message,omitempty"` -} - -// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. -// +genclient -// +genclient:nonNamespaced -// +genclient:onlyVerbs=create -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TokenCredentialRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec TokenCredentialRequestSpec `json:"spec,omitempty"` - Status TokenCredentialRequestStatus `json:"status,omitempty"` -} - -// TokenCredentialRequestList is a list of TokenCredentialRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TokenCredentialRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - // Items is a list of TokenCredentialRequest. - Items []TokenCredentialRequest `json:"items"` -} diff --git a/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.conversion.go deleted file mode 100644 index 7812da70a..000000000 --- a/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ /dev/null @@ -1,201 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by conversion-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - unsafe "unsafe" - - login "go.pinniped.dev/generated/1.29/apis/concierge/login" - conversion "k8s.io/apimachinery/pkg/conversion" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -func init() { - localSchemeBuilder.Register(RegisterConversions) -} - -// RegisterConversions adds conversion functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*ClusterCredential)(nil), (*login.ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(a.(*ClusterCredential), b.(*login.ClusterCredential), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.ClusterCredential)(nil), (*ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(a.(*login.ClusterCredential), b.(*ClusterCredential), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*TokenCredentialRequest)(nil), (*login.TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(a.(*TokenCredentialRequest), b.(*login.TokenCredentialRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequest)(nil), (*TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(a.(*login.TokenCredentialRequest), b.(*TokenCredentialRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestList)(nil), (*login.TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(a.(*TokenCredentialRequestList), b.(*login.TokenCredentialRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestList)(nil), (*TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(a.(*login.TokenCredentialRequestList), b.(*TokenCredentialRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestSpec)(nil), (*login.TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(a.(*TokenCredentialRequestSpec), b.(*login.TokenCredentialRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestSpec)(nil), (*TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(a.(*login.TokenCredentialRequestSpec), b.(*TokenCredentialRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestStatus)(nil), (*login.TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(a.(*TokenCredentialRequestStatus), b.(*login.TokenCredentialRequestStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestStatus)(nil), (*TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(a.(*login.TokenCredentialRequestStatus), b.(*TokenCredentialRequestStatus), scope) - }); err != nil { - return err - } - return nil -} - -func autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { - out.ExpirationTimestamp = in.ExpirationTimestamp - out.Token = in.Token - out.ClientCertificateData = in.ClientCertificateData - out.ClientKeyData = in.ClientKeyData - return nil -} - -// Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential is an autogenerated conversion function. -func Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { - return autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in, out, s) -} - -func autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { - out.ExpirationTimestamp = in.ExpirationTimestamp - out.Token = in.Token - out.ClientCertificateData = in.ClientCertificateData - out.ClientKeyData = in.ClientKeyData - return nil -} - -// Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential is an autogenerated conversion function. -func Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { - return autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in, out, s) -} - -func autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest is an autogenerated conversion function. -func Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { - return autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in, out, s) -} - -func autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest is an autogenerated conversion function. -func Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { - return autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in, out, s) -} - -func autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]login.TokenCredentialRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList is an autogenerated conversion function. -func Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { - return autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in, out, s) -} - -func autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]TokenCredentialRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList is an autogenerated conversion function. -func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { - return autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in, out, s) -} - -func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { - out.Token = in.Token - out.Authenticator = in.Authenticator - return nil -} - -// Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec is an autogenerated conversion function. -func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { - return autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in, out, s) -} - -func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { - out.Token = in.Token - out.Authenticator = in.Authenticator - return nil -} - -// Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec is an autogenerated conversion function. -func Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { - return autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in, out, s) -} - -func autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { - out.Credential = (*login.ClusterCredential)(unsafe.Pointer(in.Credential)) - out.Message = (*string)(unsafe.Pointer(in.Message)) - return nil -} - -// Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus is an autogenerated conversion function. -func Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { - return autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in, out, s) -} - -func autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { - out.Credential = (*ClusterCredential)(unsafe.Pointer(in.Credential)) - out.Message = (*string)(unsafe.Pointer(in.Message)) - return nil -} - -// Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus is an autogenerated conversion function. -func Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { - return autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in, out, s) -} diff --git a/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 56b559320..000000000 --- a/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,134 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { - *out = *in - in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. -func (in *ClusterCredential) DeepCopy() *ClusterCredential { - if in == nil { - return nil - } - out := new(ClusterCredential) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. -func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { - if in == nil { - return nil - } - out := new(TokenCredentialRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]TokenCredentialRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. -func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { - if in == nil { - return nil - } - out := new(TokenCredentialRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { - *out = *in - in.Authenticator.DeepCopyInto(&out.Authenticator) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. -func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { - if in == nil { - return nil - } - out := new(TokenCredentialRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { - *out = *in - if in.Credential != nil { - in, out := &in.Credential, &out.Credential - *out = new(ClusterCredential) - (*in).DeepCopyInto(*out) - } - if in.Message != nil { - in, out := &in.Message, &out.Message - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. -func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { - if in == nil { - return nil - } - out := new(TokenCredentialRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.defaults.go deleted file mode 100644 index 1d39b4b15..000000000 --- a/generated/1.29/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ /dev/null @@ -1,20 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by defaulter-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// RegisterDefaults adds defaulters functions to the given scheme. -// Public to allow building arbitrary schemes. -// All generated defaulters are covering - they call all nested defaulters. -func RegisterDefaults(scheme *runtime.Scheme) error { - return nil -} diff --git a/generated/1.29/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.29/apis/concierge/login/zz_generated.deepcopy.go deleted file mode 100644 index 6c316e8a9..000000000 --- a/generated/1.29/apis/concierge/login/zz_generated.deepcopy.go +++ /dev/null @@ -1,134 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package login - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { - *out = *in - in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. -func (in *ClusterCredential) DeepCopy() *ClusterCredential { - if in == nil { - return nil - } - out := new(ClusterCredential) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. -func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { - if in == nil { - return nil - } - out := new(TokenCredentialRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]TokenCredentialRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. -func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { - if in == nil { - return nil - } - out := new(TokenCredentialRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { - *out = *in - in.Authenticator.DeepCopyInto(&out.Authenticator) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. -func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { - if in == nil { - return nil - } - out := new(TokenCredentialRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { - *out = *in - if in.Credential != nil { - in, out := &in.Credential, &out.Credential - *out = new(ClusterCredential) - (*in).DeepCopyInto(*out) - } - if in.Message != nil { - in, out := &in.Message, &out.Message - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. -func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { - if in == nil { - return nil - } - out := new(TokenCredentialRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/go.mod b/generated/1.29/apis/go.mod deleted file mode 100644 index c9649df5b..000000000 --- a/generated/1.29/apis/go.mod +++ /dev/null @@ -1,26 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.29/apis - -go 1.21 - -require ( - k8s.io/api v0.29.14 - k8s.io/apimachinery v0.29.14 -) - -require ( - github.com/go-logr/logr v1.3.0 // indirect - github.com/gogo/protobuf v1.3.2 // indirect - github.com/google/gofuzz v1.2.0 // indirect - github.com/json-iterator/go v1.1.12 // indirect - github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect - github.com/modern-go/reflect2 v1.0.2 // indirect - golang.org/x/net v0.23.0 // indirect - golang.org/x/text v0.14.0 // indirect - gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect - sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect -) diff --git a/generated/1.29/apis/supervisor/clientsecret/doc.go b/generated/1.29/apis/supervisor/clientsecret/doc.go deleted file mode 100644 index ccd69d4a7..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=clientsecret.supervisor.pinniped.dev - -// Package clientsecret is the internal version of the Pinniped client secret API. -package clientsecret diff --git a/generated/1.29/apis/supervisor/clientsecret/register.go b/generated/1.29/apis/supervisor/clientsecret/register.go deleted file mode 100644 index 5ec38a2ea..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/register.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package clientsecret - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "clientsecret.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind. -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns back a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClientSecretRequest{}, - &OIDCClientSecretRequestList{}, - ) - return nil -} diff --git a/generated/1.29/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.29/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go deleted file mode 100644 index 9a5b46286..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ /dev/null @@ -1,50 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package clientsecret - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientSecretRequest struct { - metav1.TypeMeta - metav1.ObjectMeta // metadata.name must be set to the client ID - - Spec OIDCClientSecretRequestSpec - - // +optional - Status OIDCClientSecretRequestStatus -} - -// Spec of the OIDCClientSecretRequest. -type OIDCClientSecretRequestSpec struct { - // Request a new client secret to for the OIDCClient referenced by the metadata.name field. - // +optional - GenerateNewSecret bool - - // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. - // +optional - RevokeOldSecrets bool -} - -// Status of the OIDCClientSecretRequest. -type OIDCClientSecretRequestStatus struct { - // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost. - GeneratedSecret string - - // The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. - TotalClientSecrets int -} - -// OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientSecretRequestList struct { - metav1.TypeMeta - metav1.ListMeta - - // Items is a list of OIDCClientSecretRequest. - Items []OIDCClientSecretRequest -} diff --git a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/conversion.go b/generated/1.29/apis/supervisor/clientsecret/v1alpha1/conversion.go deleted file mode 100644 index 1f44e3ff9..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/conversion.go +++ /dev/null @@ -1,4 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 diff --git a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/defaults.go b/generated/1.29/apis/supervisor/clientsecret/v1alpha1/defaults.go deleted file mode 100644 index 017391788..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/defaults.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime" -) - -func addDefaultingFuncs(scheme *runtime.Scheme) error { - return RegisterDefaults(scheme) -} diff --git a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.29/apis/supervisor/clientsecret/v1alpha1/register.go deleted file mode 100644 index f1915df1e..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "clientsecret.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = SchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClientSecretRequest{}, - &OIDCClientSecretRequestList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns back a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.29/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go deleted file mode 100644 index cf09ac397..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ /dev/null @@ -1,53 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. -// +genclient -// +genclient:onlyVerbs=create -// +kubebuilder:subresource:status -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientSecretRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` // metadata.name must be set to the client ID - - Spec OIDCClientSecretRequestSpec `json:"spec"` - - // +optional - Status OIDCClientSecretRequestStatus `json:"status"` -} - -// Spec of the OIDCClientSecretRequest. -type OIDCClientSecretRequestSpec struct { - // Request a new client secret to for the OIDCClient referenced by the metadata.name field. - // +optional - GenerateNewSecret bool `json:"generateNewSecret"` - - // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. - // +optional - RevokeOldSecrets bool `json:"revokeOldSecrets"` -} - -// Status of the OIDCClientSecretRequest. -type OIDCClientSecretRequestStatus struct { - // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost. - GeneratedSecret string `json:"generatedSecret,omitempty"` - - // The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. - TotalClientSecrets int `json:"totalClientSecrets"` -} - -// OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientSecretRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - // Items is a list of OIDCClientSecretRequest. - Items []OIDCClientSecretRequest `json:"items"` -} diff --git a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go deleted file mode 100644 index 5cba1ca36..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ /dev/null @@ -1,165 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by conversion-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - unsafe "unsafe" - - clientsecret "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret" - conversion "k8s.io/apimachinery/pkg/conversion" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -func init() { - localSchemeBuilder.Register(RegisterConversions) -} - -// RegisterConversions adds conversion functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequest)(nil), (*clientsecret.OIDCClientSecretRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest(a.(*OIDCClientSecretRequest), b.(*clientsecret.OIDCClientSecretRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequest)(nil), (*OIDCClientSecretRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(a.(*clientsecret.OIDCClientSecretRequest), b.(*OIDCClientSecretRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestSpec)(nil), (*OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(a.(*clientsecret.OIDCClientSecretRequestSpec), b.(*OIDCClientSecretRequestSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestStatus)(nil), (*clientsecret.OIDCClientSecretRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(a.(*OIDCClientSecretRequestStatus), b.(*clientsecret.OIDCClientSecretRequestStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestStatus)(nil), (*OIDCClientSecretRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(a.(*clientsecret.OIDCClientSecretRequestStatus), b.(*OIDCClientSecretRequestStatus), scope) - }); err != nil { - return err - } - return nil -} - -func autoConvert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest(in *OIDCClientSecretRequest, out *clientsecret.OIDCClientSecretRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest is an autogenerated conversion function. -func Convert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest(in *OIDCClientSecretRequest, out *clientsecret.OIDCClientSecretRequest, s conversion.Scope) error { - return autoConvert_v1alpha1_OIDCClientSecretRequest_To_clientsecret_OIDCClientSecretRequest(in, out, s) -} - -func autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in *clientsecret.OIDCClientSecretRequest, out *OIDCClientSecretRequest, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest is an autogenerated conversion function. -func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in *clientsecret.OIDCClientSecretRequest, out *OIDCClientSecretRequest, s conversion.Scope) error { - return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) -} - -func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. -func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { - return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) -} - -func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. -func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { - return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) -} - -func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { - out.GenerateNewSecret = in.GenerateNewSecret - out.RevokeOldSecrets = in.RevokeOldSecrets - return nil -} - -// Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec is an autogenerated conversion function. -func Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { - return autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in, out, s) -} - -func autoConvert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(in *clientsecret.OIDCClientSecretRequestSpec, out *OIDCClientSecretRequestSpec, s conversion.Scope) error { - out.GenerateNewSecret = in.GenerateNewSecret - out.RevokeOldSecrets = in.RevokeOldSecrets - return nil -} - -// Convert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec is an autogenerated conversion function. -func Convert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(in *clientsecret.OIDCClientSecretRequestSpec, out *OIDCClientSecretRequestSpec, s conversion.Scope) error { - return autoConvert_clientsecret_OIDCClientSecretRequestSpec_To_v1alpha1_OIDCClientSecretRequestSpec(in, out, s) -} - -func autoConvert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(in *OIDCClientSecretRequestStatus, out *clientsecret.OIDCClientSecretRequestStatus, s conversion.Scope) error { - out.GeneratedSecret = in.GeneratedSecret - out.TotalClientSecrets = in.TotalClientSecrets - return nil -} - -// Convert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus is an autogenerated conversion function. -func Convert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(in *OIDCClientSecretRequestStatus, out *clientsecret.OIDCClientSecretRequestStatus, s conversion.Scope) error { - return autoConvert_v1alpha1_OIDCClientSecretRequestStatus_To_clientsecret_OIDCClientSecretRequestStatus(in, out, s) -} - -func autoConvert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(in *clientsecret.OIDCClientSecretRequestStatus, out *OIDCClientSecretRequestStatus, s conversion.Scope) error { - out.GeneratedSecret = in.GeneratedSecret - out.TotalClientSecrets = in.TotalClientSecrets - return nil -} - -// Convert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus is an autogenerated conversion function. -func Convert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(in *clientsecret.OIDCClientSecretRequestStatus, out *OIDCClientSecretRequestStatus, s conversion.Scope) error { - return autoConvert_clientsecret_OIDCClientSecretRequestStatus_To_v1alpha1_OIDCClientSecretRequestStatus(in, out, s) -} diff --git a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index f27defbed..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,106 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequest) DeepCopyInto(out *OIDCClientSecretRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequest. -func (in *OIDCClientSecretRequest) DeepCopy() *OIDCClientSecretRequest { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClientSecretRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. -func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestSpec. -func (in *OIDCClientSecretRequestSpec) DeepCopy() *OIDCClientSecretRequestSpec { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestStatus) DeepCopyInto(out *OIDCClientSecretRequestStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestStatus. -func (in *OIDCClientSecretRequestStatus) DeepCopy() *OIDCClientSecretRequestStatus { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go b/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go deleted file mode 100644 index 1d39b4b15..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go +++ /dev/null @@ -1,20 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by defaulter-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// RegisterDefaults adds defaulters functions to the given scheme. -// Public to allow building arbitrary schemes. -// All generated defaulters are covering - they call all nested defaulters. -func RegisterDefaults(scheme *runtime.Scheme) error { - return nil -} diff --git a/generated/1.29/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.29/apis/supervisor/clientsecret/zz_generated.deepcopy.go deleted file mode 100644 index 478545283..000000000 --- a/generated/1.29/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ /dev/null @@ -1,106 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package clientsecret - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequest) DeepCopyInto(out *OIDCClientSecretRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequest. -func (in *OIDCClientSecretRequest) DeepCopy() *OIDCClientSecretRequest { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClientSecretRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. -func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestSpec. -func (in *OIDCClientSecretRequestSpec) DeepCopy() *OIDCClientSecretRequestSpec { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSecretRequestStatus) DeepCopyInto(out *OIDCClientSecretRequestStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestStatus. -func (in *OIDCClientSecretRequestStatus) DeepCopy() *OIDCClientSecretRequestStatus { - if in == nil { - return nil - } - out := new(OIDCClientSecretRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/supervisor/config/v1alpha1/doc.go b/generated/1.29/apis/supervisor/config/v1alpha1/doc.go deleted file mode 100644 index fa7f09b34..000000000 --- a/generated/1.29/apis/supervisor/config/v1alpha1/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=config.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. -package v1alpha1 diff --git a/generated/1.29/apis/supervisor/config/v1alpha1/register.go b/generated/1.29/apis/supervisor/config/v1alpha1/register.go deleted file mode 100644 index c2022efb4..000000000 --- a/generated/1.29/apis/supervisor/config/v1alpha1/register.go +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "config.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &FederationDomain{}, - &FederationDomainList{}, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.29/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.29/apis/supervisor/config/v1alpha1/types_federationdomain.go deleted file mode 100644 index cae9a459b..000000000 --- a/generated/1.29/apis/supervisor/config/v1alpha1/types_federationdomain.go +++ /dev/null @@ -1,315 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type FederationDomainPhase string - -const ( - // FederationDomainPhasePending is the default phase for newly-created FederationDomain resources. - FederationDomainPhasePending FederationDomainPhase = "Pending" - - // FederationDomainPhaseReady is the phase for an FederationDomain resource in a healthy state. - FederationDomainPhaseReady FederationDomainPhase = "Ready" - - // FederationDomainPhaseError is the phase for an FederationDomain in an unhealthy state. - FederationDomainPhaseError FederationDomainPhase = "Error" -) - -// FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. -type FederationDomainTLSSpec struct { - // SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains - // the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret - // named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use - // for TLS. - // - // Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. - // - // SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. - // SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same - // SecretName value even if they have different port numbers. - // - // SecretName is not required when you would like to use only the HTTP endpoints (e.g. when the HTTP listener is - // configured to listen on loopback interfaces or UNIX domain sockets for traffic from a service mesh sidecar). - // It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to - // use the default TLS certificate, which is configured elsewhere. - // - // When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. - // - // +optional - SecretName string `json:"secretName,omitempty"` -} - -// FederationDomainTransformsConstant defines a constant variable and its value which will be made available to -// the transform expressions. This is a union type, and Type is the discriminator field. -type FederationDomainTransformsConstant struct { - // Name determines the name of the constant. It must be a valid identifier name. - // +kubebuilder:validation:Pattern=`^[a-zA-Z][_a-zA-Z0-9]*$` - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=64 - Name string `json:"name"` - - // Type determines the type of the constant, and indicates which other field should be non-empty. - // Allowed values are "string" or "stringList". - // +kubebuilder:validation:Enum=string;stringList - Type string `json:"type"` - - // StringValue should hold the value when Type is "string", and is otherwise ignored. - // +optional - StringValue string `json:"stringValue,omitempty"` - - // StringListValue should hold the value when Type is "stringList", and is otherwise ignored. - // +optional - StringListValue []string `json:"stringListValue,omitempty"` -} - -// FederationDomainTransformsExpression defines a transform expression. -type FederationDomainTransformsExpression struct { - // Type determines the type of the expression. It must be one of the supported types. - // Allowed values are "policy/v1", "username/v1", or "groups/v1". - // +kubebuilder:validation:Enum=policy/v1;username/v1;groups/v1 - Type string `json:"type"` - - // Expression is a CEL expression that will be evaluated based on the Type during an authentication. - // +kubebuilder:validation:MinLength=1 - Expression string `json:"expression"` - - // Message is only used when Type is policy/v1. It defines an error message to be used when the policy rejects - // an authentication attempt. When empty, a default message will be used. - // +optional - Message string `json:"message,omitempty"` -} - -// FederationDomainTransformsExample defines a transform example. -type FederationDomainTransformsExample struct { - // Username is the input username. - // +kubebuilder:validation:MinLength=1 - Username string `json:"username"` - - // Groups is the input list of group names. - // +optional - Groups []string `json:"groups,omitempty"` - - // Expects is the expected output of the entire sequence of transforms when they are run against the - // input Username and Groups. - Expects FederationDomainTransformsExampleExpects `json:"expects"` -} - -// FederationDomainTransformsExampleExpects defines the expected result for a transforms example. -type FederationDomainTransformsExampleExpects struct { - // Username is the expected username after the transformations have been applied. - // +optional - Username string `json:"username,omitempty"` - - // Groups is the expected list of group names after the transformations have been applied. - // +optional - Groups []string `json:"groups,omitempty"` - - // Rejected is a boolean that indicates whether authentication is expected to be rejected by a policy expression - // after the transformations have been applied. True means that it is expected that the authentication would be - // rejected. The default value of false means that it is expected that the authentication would not be rejected - // by any policy expression. - // +optional - Rejected bool `json:"rejected,omitempty"` - - // Message is the expected error message of the transforms. When Rejected is true, then Message is the expected - // message for the policy which rejected the authentication attempt. When Rejected is true and Message is blank, - // then Message will be treated as the default error message for authentication attempts which are rejected by a - // policy. When Rejected is false, then Message is the expected error message for some other non-policy - // transformation error, such as a runtime error. When Rejected is false, there is no default expected Message. - // +optional - Message string `json:"message,omitempty"` -} - -// FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. -type FederationDomainTransforms struct { - // Constants defines constant variables and their values which will be made available to the transform expressions. - // +patchMergeKey=name - // +patchStrategy=merge - // +listType=map - // +listMapKey=name - // +optional - Constants []FederationDomainTransformsConstant `json:"constants,omitempty"` - - // Expressions are an optional list of transforms and policies to be executed in the order given during every - // authentication attempt, including during every session refresh. - // Each is a CEL expression. It may use the basic CEL language as defined in - // https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in - // https://github.com/google/cel-go/tree/master/ext#strings. - // - // The username and groups extracted from the identity provider, and the constants defined in this CR, are - // available as variables in all expressions. The username is provided via a variable called `username` and - // the list of group names is provided via a variable called `groups` (which may be an empty list). - // Each user-provided constants is provided via a variable named `strConst.varName` for string constants - // and `strListConst.varName` for string list constants. - // - // The only allowed types for expressions are currently policy/v1, username/v1, and groups/v1. - // Each policy/v1 must return a boolean, and when it returns false, no more expressions from the list are evaluated - // and the authentication attempt is rejected. - // Transformations of type policy/v1 do not return usernames or group names, and therefore cannot change the - // username or group names. - // Each username/v1 transform must return the new username (a string), which can be the same as the old username. - // Transformations of type username/v1 do not return group names, and therefore cannot change the group names. - // Each groups/v1 transform must return the new groups list (list of strings), which can be the same as the old - // groups list. - // Transformations of type groups/v1 do not return usernames, and therefore cannot change the usernames. - // After each expression, the new (potentially changed) username or groups get passed to the following expression. - // - // Any compilation or static type-checking failure of any expression will cause an error status on the FederationDomain. - // During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the - // authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username - // and group names have been decided for that authentication attempt. - // - // +optional - Expressions []FederationDomainTransformsExpression `json:"expressions,omitempty"` - - // Examples can optionally be used to ensure that the sequence of transformation expressions are working as - // expected. Examples define sample input identities which are then run through the expression list, and the - // results are compared to the expected results. If any example in this list fails, then this - // identity provider will not be available for use within this FederationDomain, and the error(s) will be - // added to the FederationDomain status. This can be used to help guard against programming mistakes in the - // expressions, and also act as living documentation for other administrators to better understand the expressions. - // +optional - Examples []FederationDomainTransformsExample `json:"examples,omitempty"` -} - -// FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. -type FederationDomainIdentityProvider struct { - // DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the - // kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a - // disruptive change for those users. - // +kubebuilder:validation:MinLength=1 - DisplayName string `json:"displayName"` - - // ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. - // If the reference cannot be resolved then the identity provider will not be made available. - // Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, - // LDAPIdentityProvider, ActiveDirectoryIdentityProvider. - ObjectRef corev1.TypedLocalObjectReference `json:"objectRef"` - - // Transforms is an optional way to specify transformations to be applied during user authentication and - // session refresh. - // +optional - Transforms FederationDomainTransforms `json:"transforms,omitempty"` -} - -// FederationDomainSpec is a struct that describes an OIDC Provider. -type FederationDomainSpec struct { - // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the - // identifier that it will use for the iss claim in issued JWTs. This field will also be used as - // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is - // https://example.com/foo, then your authorization endpoint will look like - // https://example.com/foo/some/path/to/auth/endpoint). - // - // See - // https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:message="issuer must be an HTTPS URL",rule="isURL(self) && url(self).getScheme() == 'https'" - Issuer string `json:"issuer"` - - // TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. - // +optional - TLS *FederationDomainTLSSpec `json:"tls,omitempty"` - - // IdentityProviders is the list of identity providers available for use by this FederationDomain. - // - // An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, - // how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to - // extract a normalized user identity. Normalized user identities include a username and a list of group names. - // In contrast, IdentityProviders describes how to use that normalized identity in those Kubernetes clusters which - // belong to this FederationDomain. Each entry in IdentityProviders can be configured with arbitrary transformations - // on that normalized identity. For example, a transformation can add a prefix to all usernames to help avoid - // accidental conflicts when multiple identity providers have different users with the same username (e.g. - // "idp1:ryan" versus "idp2:ryan"). Each entry in IdentityProviders can also implement arbitrary authentication - // rejection policies. Even though a user was able to authenticate with the identity provider, a policy can disallow - // the authentication to the Kubernetes clusters that belong to this FederationDomain. For example, a policy could - // disallow the authentication unless the user belongs to a specific group in the identity provider. - // - // For backwards compatibility with versions of Pinniped which predate support for multiple identity providers, - // an empty IdentityProviders list will cause the FederationDomain to use all available identity providers which - // exist in the same namespace, but also to reject all authentication requests when there is more than one identity - // provider currently defined. In this backwards compatibility mode, the name of the identity provider resource - // (e.g. the Name of an OIDCIdentityProvider resource) will be used as the name of the identity provider in this - // FederationDomain. This mode is provided to make upgrading from older versions easier. However, instead of - // relying on this backwards compatibility mode, please consider this mode to be deprecated and please instead - // explicitly list the identity provider using this IdentityProviders field. - // - // +optional - IdentityProviders []FederationDomainIdentityProvider `json:"identityProviders,omitempty"` -} - -// FederationDomainSecrets holds information about this OIDC Provider's secrets. -type FederationDomainSecrets struct { - // JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are - // stored. If it is empty, then the signing/verification keys are either unknown or they don't - // exist. - // +optional - JWKS corev1.LocalObjectReference `json:"jwks,omitempty"` - - // TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - // signing tokens is stored. - // +optional - TokenSigningKey corev1.LocalObjectReference `json:"tokenSigningKey,omitempty"` - - // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - // signing state parameters is stored. - // +optional - StateSigningKey corev1.LocalObjectReference `json:"stateSigningKey,omitempty"` - - // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - // encrypting state parameters is stored. - // +optional - StateEncryptionKey corev1.LocalObjectReference `json:"stateEncryptionKey,omitempty"` -} - -// FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. -type FederationDomainStatus struct { - // Phase summarizes the overall status of the FederationDomain. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase FederationDomainPhase `json:"phase,omitempty"` - - // Conditions represent the observations of an FederationDomain's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - - // Secrets contains information about this OIDC Provider's secrets. - // +optional - Secrets FederationDomainSecrets `json:"secrets,omitempty"` -} - -// FederationDomain describes the configuration of an OIDC provider. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped -// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type FederationDomain struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec of the OIDC provider. - Spec FederationDomainSpec `json:"spec"` - - // Status of the OIDC provider. - Status FederationDomainStatus `json:"status,omitempty"` -} - -// List of FederationDomain objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type FederationDomainList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []FederationDomain `json:"items"` -} diff --git a/generated/1.29/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.29/apis/supervisor/config/v1alpha1/types_oidcclient.go deleted file mode 100644 index 2250f958a..000000000 --- a/generated/1.29/apis/supervisor/config/v1alpha1/types_oidcclient.go +++ /dev/null @@ -1,144 +0,0 @@ -// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -type OIDCClientPhase string - -const ( - // OIDCClientPhasePending is the default phase for newly-created OIDCClient resources. - OIDCClientPhasePending OIDCClientPhase = "Pending" - - // OIDCClientPhaseReady is the phase for an OIDCClient resource in a healthy state. - OIDCClientPhaseReady OIDCClientPhase = "Ready" - - // OIDCClientPhaseError is the phase for an OIDCClient in an unhealthy state. - OIDCClientPhaseError OIDCClientPhase = "Error" -) - -// +kubebuilder:validation:Pattern=`^https://.+|^http://(127\.0\.0\.1|\[::1\])(:\d+)?/` -type RedirectURI string - -// +kubebuilder:validation:Enum="authorization_code";"refresh_token";"urn:ietf:params:oauth:grant-type:token-exchange" -type GrantType string - -// +kubebuilder:validation:Enum="openid";"offline_access";"username";"groups";"pinniped:request-audience" -type Scope string - -// OIDCClientSpec is a struct that describes an OIDCClient. -type OIDCClientSpec struct { - // allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this - // client. Any other uris will be rejected. - // Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. - // Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. - // +listType=set - // +kubebuilder:validation:MinItems=1 - AllowedRedirectURIs []RedirectURI `json:"allowedRedirectURIs"` - - // allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this - // client. - // - // Must only contain the following values: - // - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to - // authenticate users. This grant must always be listed. - // - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. - // This grant must be listed if allowedScopes lists offline_access. - // - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, - // which is a step in the process to be able to get a cluster credential for the user. - // This grant must be listed if allowedScopes lists pinniped:request-audience. - // +listType=set - // +kubebuilder:validation:MinItems=1 - AllowedGrantTypes []GrantType `json:"allowedGrantTypes"` - - // allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - // - // Must only contain the following values: - // - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). - // This scope must always be listed. - // - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. - // This scope must be listed if allowedGrantTypes lists refresh_token. - // - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, - // which is a step in the process to be able to get a cluster credential for the user. - // openid, username and groups scopes must be listed when this scope is present. - // This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - // - username: The client is allowed to request that ID tokens contain the user's username. - // Without the username scope being requested and allowed, the ID token will not contain the user's username. - // - groups: The client is allowed to request that ID tokens contain the user's group membership, - // if their group membership is discoverable by the Supervisor. - // Without the groups scope being requested and allowed, the ID token will not contain groups. - // +listType=set - // +kubebuilder:validation:MinItems=1 - AllowedScopes []Scope `json:"allowedScopes"` - - // tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. - // +optional - TokenLifetimes OIDCClientTokenLifetimes `json:"tokenLifetimes,omitempty"` -} - -// OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. -type OIDCClientTokenLifetimes struct { - // idTokenSeconds is the lifetime of ID tokens issued to this client, in seconds. This will choose the lifetime of - // ID tokens returned by the authorization flow and the refresh grant. It will not influence the lifetime of the ID - // tokens returned by RFC8693 token exchange. When null, a short-lived default value will be used. - // This value must be between 120 and 1,800 seconds (30 minutes), inclusive. It is recommended to make these tokens - // short-lived to force the client to perform the refresh grant often, because the refresh grant will check with the - // external identity provider to decide if it is acceptable for the end user to continue their session, and will - // update the end user's group memberships from the external identity provider. Giving these tokens a long life is - // will allow the end user to continue to use a token while avoiding these updates from the external identity - // provider. However, some web applications may have reasons specific to the design of that application to prefer - // longer lifetimes. - // +kubebuilder:validation:Minimum=120 - // +kubebuilder:validation:Maximum=1800 - // +optional - IDTokenSeconds *int32 `json:"idTokenSeconds,omitempty"` -} - -// OIDCClientStatus is a struct that describes the actual state of an OIDCClient. -type OIDCClientStatus struct { - // phase summarizes the overall status of the OIDCClient. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase OIDCClientPhase `json:"phase,omitempty"` - - // conditions represent the observations of an OIDCClient's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - - // totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. - // +optional - TotalClientSecrets int32 `json:"totalClientSecrets"` // do not omitempty to allow it to show in the printer column even when it is 0 -} - -// OIDCClient describes the configuration of an OIDC client. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped -// +kubebuilder:printcolumn:name="Privileged Scopes",type=string,JSONPath=`.spec.allowedScopes[?(@ == "pinniped:request-audience")]` -// +kubebuilder:printcolumn:name="Client Secrets",type=integer,JSONPath=`.status.totalClientSecrets` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type OIDCClient struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec of the OIDC client. - Spec OIDCClientSpec `json:"spec"` - - // Status of the OIDC client. - Status OIDCClientStatus `json:"status,omitempty"` -} - -// List of OIDCClient objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCClientList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []OIDCClient `json:"items"` -} diff --git a/generated/1.29/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.29/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index d84848e6d..000000000 --- a/generated/1.29/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,433 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomain. -func (in *FederationDomain) DeepCopy() *FederationDomain { - if in == nil { - return nil - } - out := new(FederationDomain) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *FederationDomain) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainIdentityProvider) DeepCopyInto(out *FederationDomainIdentityProvider) { - *out = *in - in.ObjectRef.DeepCopyInto(&out.ObjectRef) - in.Transforms.DeepCopyInto(&out.Transforms) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainIdentityProvider. -func (in *FederationDomainIdentityProvider) DeepCopy() *FederationDomainIdentityProvider { - if in == nil { - return nil - } - out := new(FederationDomainIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainList) DeepCopyInto(out *FederationDomainList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]FederationDomain, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainList. -func (in *FederationDomainList) DeepCopy() *FederationDomainList { - if in == nil { - return nil - } - out := new(FederationDomainList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *FederationDomainList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainSecrets) DeepCopyInto(out *FederationDomainSecrets) { - *out = *in - out.JWKS = in.JWKS - out.TokenSigningKey = in.TokenSigningKey - out.StateSigningKey = in.StateSigningKey - out.StateEncryptionKey = in.StateEncryptionKey - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSecrets. -func (in *FederationDomainSecrets) DeepCopy() *FederationDomainSecrets { - if in == nil { - return nil - } - out := new(FederationDomainSecrets) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainSpec) DeepCopyInto(out *FederationDomainSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(FederationDomainTLSSpec) - **out = **in - } - if in.IdentityProviders != nil { - in, out := &in.IdentityProviders, &out.IdentityProviders - *out = make([]FederationDomainIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSpec. -func (in *FederationDomainSpec) DeepCopy() *FederationDomainSpec { - if in == nil { - return nil - } - out := new(FederationDomainSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainStatus) DeepCopyInto(out *FederationDomainStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - out.Secrets = in.Secrets - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainStatus. -func (in *FederationDomainStatus) DeepCopy() *FederationDomainStatus { - if in == nil { - return nil - } - out := new(FederationDomainStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTLSSpec) DeepCopyInto(out *FederationDomainTLSSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTLSSpec. -func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { - if in == nil { - return nil - } - out := new(FederationDomainTLSSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransforms) DeepCopyInto(out *FederationDomainTransforms) { - *out = *in - if in.Constants != nil { - in, out := &in.Constants, &out.Constants - *out = make([]FederationDomainTransformsConstant, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Expressions != nil { - in, out := &in.Expressions, &out.Expressions - *out = make([]FederationDomainTransformsExpression, len(*in)) - copy(*out, *in) - } - if in.Examples != nil { - in, out := &in.Examples, &out.Examples - *out = make([]FederationDomainTransformsExample, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransforms. -func (in *FederationDomainTransforms) DeepCopy() *FederationDomainTransforms { - if in == nil { - return nil - } - out := new(FederationDomainTransforms) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransformsConstant) DeepCopyInto(out *FederationDomainTransformsConstant) { - *out = *in - if in.StringListValue != nil { - in, out := &in.StringListValue, &out.StringListValue - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransformsConstant. -func (in *FederationDomainTransformsConstant) DeepCopy() *FederationDomainTransformsConstant { - if in == nil { - return nil - } - out := new(FederationDomainTransformsConstant) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransformsExample) DeepCopyInto(out *FederationDomainTransformsExample) { - *out = *in - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - in.Expects.DeepCopyInto(&out.Expects) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransformsExample. -func (in *FederationDomainTransformsExample) DeepCopy() *FederationDomainTransformsExample { - if in == nil { - return nil - } - out := new(FederationDomainTransformsExample) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransformsExampleExpects) DeepCopyInto(out *FederationDomainTransformsExampleExpects) { - *out = *in - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransformsExampleExpects. -func (in *FederationDomainTransformsExampleExpects) DeepCopy() *FederationDomainTransformsExampleExpects { - if in == nil { - return nil - } - out := new(FederationDomainTransformsExampleExpects) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FederationDomainTransformsExpression) DeepCopyInto(out *FederationDomainTransformsExpression) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTransformsExpression. -func (in *FederationDomainTransformsExpression) DeepCopy() *FederationDomainTransformsExpression { - if in == nil { - return nil - } - out := new(FederationDomainTransformsExpression) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]RedirectURI, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - in.TokenLifetimes.DeepCopyInto(&out.TokenLifetimes) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientTokenLifetimes) DeepCopyInto(out *OIDCClientTokenLifetimes) { - *out = *in - if in.IDTokenSeconds != nil { - in, out := &in.IDTokenSeconds, &out.IDTokenSeconds - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientTokenLifetimes. -func (in *OIDCClientTokenLifetimes) DeepCopy() *OIDCClientTokenLifetimes { - if in == nil { - return nil - } - out := new(OIDCClientTokenLifetimes) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.29/apis/supervisor/idp/v1alpha1/doc.go deleted file mode 100644 index 0b06153f4..000000000 --- a/generated/1.29/apis/supervisor/idp/v1alpha1/doc.go +++ /dev/null @@ -1,9 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=idp.supervisor.pinniped.dev -// +groupGoName=IDP - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. -package v1alpha1 diff --git a/generated/1.29/apis/supervisor/idp/v1alpha1/register.go b/generated/1.29/apis/supervisor/idp/v1alpha1/register.go deleted file mode 100644 index 5de15afe0..000000000 --- a/generated/1.29/apis/supervisor/idp/v1alpha1/register.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "idp.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCIdentityProvider{}, - &OIDCIdentityProviderList{}, - &LDAPIdentityProvider{}, - &LDAPIdentityProviderList{}, - &ActiveDirectoryIdentityProvider{}, - &ActiveDirectoryIdentityProviderList{}, - &GitHubIdentityProvider{}, - &GitHubIdentityProviderList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.29/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.29/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go deleted file mode 100644 index eb5ae59e4..000000000 --- a/generated/1.29/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go +++ /dev/null @@ -1,219 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type ActiveDirectoryIdentityProviderPhase string - -const ( - // ActiveDirectoryPhasePending is the default phase for newly-created ActiveDirectoryIdentityProvider resources. - ActiveDirectoryPhasePending ActiveDirectoryIdentityProviderPhase = "Pending" - - // ActiveDirectoryPhaseReady is the phase for an ActiveDirectoryIdentityProvider resource in a healthy state. - ActiveDirectoryPhaseReady ActiveDirectoryIdentityProviderPhase = "Ready" - - // ActiveDirectoryPhaseError is the phase for an ActiveDirectoryIdentityProvider in an unhealthy state. - ActiveDirectoryPhaseError ActiveDirectoryIdentityProviderPhase = "Error" -) - -// Status of an Active Directory identity provider. -type ActiveDirectoryIdentityProviderStatus struct { - // Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase ActiveDirectoryIdentityProviderPhase `json:"phase,omitempty"` - - // Represents the observations of an identity provider's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -type ActiveDirectoryIdentityProviderBind struct { - // SecretName contains the name of a namespace-local Secret object that provides the username and - // password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be - // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value - // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". - // The password must be non-empty. - // +kubebuilder:validation:MinLength=1 - SecretName string `json:"secretName"` -} - -type ActiveDirectoryIdentityProviderUserSearchAttributes struct { - // Username specifies the name of the attribute in Active Directory entry whose value shall become the username - // of the user after a successful authentication. - // Optional, when empty this defaults to "userPrincipalName". - // +optional - Username string `json:"username,omitempty"` - - // UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely - // identify the user within this ActiveDirectory provider after a successful authentication. - // Optional, when empty this defaults to "objectGUID". - // +optional - UID string `json:"uid,omitempty"` -} - -type ActiveDirectoryIdentityProviderGroupSearchAttributes struct { - // GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name - // in the user's list of groups after a successful authentication. - // The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory - // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". - // Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", - // where domain is constructed from the domain components of the group DN. - // +optional - GroupName string `json:"groupName,omitempty"` -} - -type ActiveDirectoryIdentityProviderUserSearch struct { - // Base is the dn (distinguished name) that should be used as the search base when searching for users. - // E.g. "ou=users,dc=example,dc=com". - // Optional, when not specified it will be based on the result of a query for the defaultNamingContext - // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). - // The default behavior searches your entire domain for users. - // It may make sense to specify a subtree as a search base if you wish to exclude some users - // or to make searches faster. - // +optional - Base string `json:"base,omitempty"` - - // Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur - // in the filter at least once and will be dynamically replaced by the username for which the search is being run. - // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see - // https://ldap.com/ldap-filters. - // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - // Optional. When not specified, the default will be - // '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' - // This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, - // and is not shown in advanced view only - // (which would likely mean its a system created service account with advanced permissions). - // Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. - // +optional - Filter string `json:"filter,omitempty"` - - // Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as - // the result of the user search. - // +optional - Attributes ActiveDirectoryIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` -} - -type ActiveDirectoryIdentityProviderGroupSearch struct { - // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. - // "ou=groups,dc=example,dc=com". - // Optional, when not specified it will be based on the result of a query for the defaultNamingContext - // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). - // The default behavior searches your entire domain for groups. - // It may make sense to specify a subtree as a search base if you wish to exclude some groups - // for security reasons or to make searches faster. - // +optional - Base string `json:"base,omitempty"` - - // Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. - // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the - // value of an attribute of the user entry found as a result of the user search. Which attribute's - // value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. - // E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". - // For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. - // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - // Optional. When not specified, the default will act as if the filter were specified as - // "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". - // This searches nested groups by default. - // Note that nested group search can be slow for some Active Directory servers. To disable it, - // you can set the filter to - // "(&(objectClass=group)(member={})" - // +optional - Filter string `json:"filter,omitempty"` - - // UserAttributeForFilter specifies which attribute's value from the user entry found as a result of - // the user search will be used to replace the "{}" placeholder(s) in the group search Filter. - // For example, specifying "uid" as the UserAttributeForFilter while specifying - // "&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing - // the "{}" placeholder in the Filter with the value of the user's "uid" attribute. - // Optional. When not specified, the default will act as if "dn" were specified. For example, leaving - // UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter - // would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. - // +optional - UserAttributeForFilter string `json:"userAttributeForFilter,omitempty"` - - // Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as - // the result of the group search. - // +optional - Attributes ActiveDirectoryIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` - - // The user's group membership is refreshed as they interact with the supervisor - // to obtain new credentials (as their old credentials expire). This allows group - // membership changes to be quickly reflected into Kubernetes clusters. Since - // group membership is often used to bind authorization policies, it is important - // to keep the groups observed in Kubernetes clusters in-sync with the identity - // provider. - // - // In some environments, frequent group membership queries may result in a - // significant performance impact on the identity provider and/or the supervisor. - // The best approach to handle performance impacts is to tweak the group query - // to be more performant, for example by disabling nested group search or by - // using a more targeted group search base. - // - // If the group search query cannot be made performant and you are willing to - // have group memberships remain static for approximately a day, then set - // skipGroupRefresh to true. This is an insecure configuration as authorization - // policies that are bound to group membership will not notice if a user has - // been removed from a particular group until their next login. - // - // This is an experimental feature that may be removed or significantly altered - // in the future. Consumers of this configuration should carefully read all - // release notes before upgrading to ensure that the meaning of this field has - // not changed. - SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` -} - -// Spec for configuring an ActiveDirectory identity provider. -type ActiveDirectoryIdentityProviderSpec struct { - // Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. - // +kubebuilder:validation:MinLength=1 - Host string `json:"host"` - - // TLS contains the connection settings for how to establish the connection to the Host. - TLS *TLSSpec `json:"tls,omitempty"` - - // Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server - // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. - Bind ActiveDirectoryIdentityProviderBind `json:"bind,omitempty"` - - // UserSearch contains the configuration for searching for a user by name in Active Directory. - UserSearch ActiveDirectoryIdentityProviderUserSearch `json:"userSearch,omitempty"` - - // GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. - GroupSearch ActiveDirectoryIdentityProviderGroupSearch `json:"groupSearch,omitempty"` -} - -// ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps -// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type ActiveDirectoryIdentityProvider struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the identity provider. - Spec ActiveDirectoryIdentityProviderSpec `json:"spec"` - - // Status of the identity provider. - Status ActiveDirectoryIdentityProviderStatus `json:"status,omitempty"` -} - -// List of ActiveDirectoryIdentityProvider objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type ActiveDirectoryIdentityProviderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []ActiveDirectoryIdentityProvider `json:"items"` -} diff --git a/generated/1.29/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go b/generated/1.29/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go deleted file mode 100644 index 5c4f22398..000000000 --- a/generated/1.29/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go +++ /dev/null @@ -1,263 +0,0 @@ -// Copyright 2024-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type GitHubIdentityProviderPhase string - -const ( - // GitHubPhasePending is the default phase for newly-created GitHubIdentityProvider resources. - GitHubPhasePending GitHubIdentityProviderPhase = "Pending" - - // GitHubPhaseReady is the phase for an GitHubIdentityProvider resource in a healthy state. - GitHubPhaseReady GitHubIdentityProviderPhase = "Ready" - - // GitHubPhaseError is the phase for an GitHubIdentityProvider in an unhealthy state. - GitHubPhaseError GitHubIdentityProviderPhase = "Error" -) - -type GitHubAllowedAuthOrganizationsPolicy string - -const ( - // GitHubAllowedAuthOrganizationsPolicyAllGitHubUsers means any GitHub user is allowed to log in using this identity - // provider, regardless of their organization membership or lack thereof. - GitHubAllowedAuthOrganizationsPolicyAllGitHubUsers GitHubAllowedAuthOrganizationsPolicy = "AllGitHubUsers" - - // GitHubAllowedAuthOrganizationsPolicyOnlyUsersFromAllowedOrganizations means only those users with membership in - // the listed GitHub organizations are allowed to log in. - GitHubAllowedAuthOrganizationsPolicyOnlyUsersFromAllowedOrganizations GitHubAllowedAuthOrganizationsPolicy = "OnlyUsersFromAllowedOrganizations" -) - -// GitHubIdentityProviderStatus is the status of an GitHub identity provider. -type GitHubIdentityProviderStatus struct { - // Phase summarizes the overall status of the GitHubIdentityProvider. - // - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase GitHubIdentityProviderPhase `json:"phase,omitempty"` - - // Conditions represents the observations of an identity provider's current state. - // - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -// GitHubAPIConfig allows configuration for GitHub Enterprise Server -type GitHubAPIConfig struct { - // Host is required only for GitHub Enterprise Server. - // Defaults to using GitHub's public API ("github.com"). - // For convenience, specifying "github.com" is equivalent to specifying "api.github.com". - // Do not specify a protocol or scheme since "https://" will always be used. - // Port is optional. Do not specify a path, query, fragment, or userinfo. - // Only specify domain name or IP address, subdomains (optional), and port (optional). - // IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address - // in square brackets. Example: "[::1]:443". - // - // +kubebuilder:default="github.com" - // +kubebuilder:validation:MinLength=1 - // +optional - Host *string `json:"host"` - - // TLS configuration for GitHub Enterprise Server. - // Note that this field should not be needed when using GitHub's public API ("github.com"). - // However, if you choose to specify this field when using GitHub's public API, you must - // specify a CA bundle that will verify connections to "api.github.com". - // - // +optional - TLS *TLSSpec `json:"tls,omitempty"` -} - -// GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present -// to Kubernetes. See the response schema for -// [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). -type GitHubUsernameAttribute string - -const ( - // GitHubUsernameID specifies using the `id` attribute from the GitHub user for the username to present to Kubernetes. - GitHubUsernameID GitHubUsernameAttribute = "id" - - // GitHubUsernameLogin specifies using the `login` attribute from the GitHub user as the username to present to Kubernetes. - GitHubUsernameLogin GitHubUsernameAttribute = "login" - - // GitHubUsernameLoginAndID specifies combining the `login` and `id` attributes from the GitHub user as the - // username to present to Kubernetes, separated by a colon. Example: "my-login:1234" - GitHubUsernameLoginAndID GitHubUsernameAttribute = "login:id" -) - -// GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group -// names to present to Kubernetes. See the response schema for -// [List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). -type GitHubGroupNameAttribute string - -const ( - // GitHubUseTeamNameForGroupName specifies using the GitHub team's `name` attribute as the group name to present to Kubernetes. - GitHubUseTeamNameForGroupName GitHubGroupNameAttribute = "name" - - // GitHubUseTeamSlugForGroupName specifies using the GitHub team's `slug` attribute as the group name to present to Kubernetes. - GitHubUseTeamSlugForGroupName GitHubGroupNameAttribute = "slug" -) - -// GitHubClaims allows customization of the username and groups claims. -type GitHubClaims struct { - // Username configures which property of the GitHub user record shall determine the username in Kubernetes. - // - // Can be either "id", "login", or "login:id". Defaults to "login:id". - // - // GitHub's user login attributes can only contain alphanumeric characters and non-repeating hyphens, - // and may not start or end with hyphens. GitHub users are allowed to change their login name, - // although it is inconvenient. If a GitHub user changed their login name from "foo" to "bar", - // then a second user might change their name from "baz" to "foo" in order to take the old - // username of the first user. For this reason, it is not as safe to make authorization decisions - // based only on the user's login attribute. - // - // If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's - // FederationDomain to further customize how these usernames are presented to Kubernetes. - // - // Defaults to "login:id", which is the user login attribute, followed by a colon, followed by the unique and - // unchanging integer ID number attribute. This blends human-readable login names with the unchanging ID value - // from GitHub. Colons are not allowed in GitHub login attributes or ID numbers, so this is a reasonable - // choice to concatenate the two values. - // - // See the response schema for - // [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). - // - // +kubebuilder:default="login:id" - // +kubebuilder:validation:Enum={"id","login","login:id"} - // +optional - Username *GitHubUsernameAttribute `json:"username"` - - // Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. - // - // Can be either "name" or "slug". Defaults to "slug". - // - // GitHub team names can contain upper and lower case characters, whitespace, and punctuation (e.g. "Kube admins!"). - // - // GitHub team slugs are lower case alphanumeric characters and may contain dashes and underscores (e.g. "kube-admins"). - // - // Group names as presented to Kubernetes will always be prefixed by the GitHub organization name followed by a - // forward slash (e.g. "my-org/my-team"). GitHub organization login names can only contain alphanumeric characters - // or single hyphens, so the first forward slash `/` will be the separator between the organization login name and - // the team name or slug. - // - // If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's - // FederationDomain to further customize how these group names are presented to Kubernetes. - // - // See the response schema for - // [List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). - // - // +kubebuilder:default=slug - // +kubebuilder:validation:Enum=name;slug - // +optional - Groups *GitHubGroupNameAttribute `json:"groups"` -} - -// GitHubClientSpec contains information about the GitHub client that this identity provider will use -// for web-based login flows. -type GitHubClientSpec struct { - // SecretName contains the name of a namespace-local Secret object that provides the clientID and - // clientSecret for an GitHub App or GitHub OAuth2 client. - // - // This secret must be of type "secrets.pinniped.dev/github-client" with keys "clientID" and "clientSecret". - // - // +kubebuilder:validation:MinLength=1 - SecretName string `json:"secretName"` -} - -type GitHubOrganizationsSpec struct { - // Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". - // Defaults to "OnlyUsersFromAllowedOrganizations". - // - // Must be set to "AllGitHubUsers" if the allowed field is empty. - // - // This field only exists to ensure that Pinniped administrators are aware that an empty list of - // allowedOrganizations means all GitHub users are allowed to log in. - // - // +kubebuilder:default=OnlyUsersFromAllowedOrganizations - // +kubebuilder:validation:Enum=OnlyUsersFromAllowedOrganizations;AllGitHubUsers - // +optional - Policy *GitHubAllowedAuthOrganizationsPolicy `json:"policy"` - - // Allowed, when specified, indicates that only users with membership in at least one of the listed - // GitHub organizations may log in. In addition, the group membership presented to Kubernetes will only include - // teams within the listed GitHub organizations. Additional login rules or group filtering can optionally be - // provided as policy expression on any Pinniped Supervisor FederationDomain that includes this IDP. - // - // The configured GitHub App or GitHub OAuth App must be allowed to see membership in the listed organizations, - // otherwise Pinniped will not be aware that the user belongs to the listed organization or any teams - // within that organization. - // - // If no organizations are listed, you must set organizations: AllGitHubUsers. - // - // +kubebuilder:validation:MaxItems=64 - // +listType=set - // +optional - Allowed []string `json:"allowed,omitempty"` -} - -// GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. -type GitHubAllowAuthenticationSpec struct { - // Organizations allows customization of which organizations can authenticate using this IDP. - // +kubebuilder:validation:XValidation:message="spec.allowAuthentication.organizations.policy must be 'OnlyUsersFromAllowedOrganizations' when spec.allowAuthentication.organizations.allowed has organizations listed",rule="!(has(self.allowed) && size(self.allowed) > 0 && self.policy == 'AllGitHubUsers')" - // +kubebuilder:validation:XValidation:message="spec.allowAuthentication.organizations.policy must be 'AllGitHubUsers' when spec.allowAuthentication.organizations.allowed is empty",rule="!((!has(self.allowed) || size(self.allowed) == 0) && self.policy == 'OnlyUsersFromAllowedOrganizations')" - Organizations GitHubOrganizationsSpec `json:"organizations"` -} - -// GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. -type GitHubIdentityProviderSpec struct { - // GitHubAPI allows configuration for GitHub Enterprise Server - // - // +kubebuilder:default={} - GitHubAPI GitHubAPIConfig `json:"githubAPI,omitempty"` - - // Claims allows customization of the username and groups claims. - // - // +kubebuilder:default={} - Claims GitHubClaims `json:"claims,omitempty"` - - // AllowAuthentication allows customization of who can authenticate using this IDP and how. - AllowAuthentication GitHubAllowAuthenticationSpec `json:"allowAuthentication"` - - // Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). - Client GitHubClientSpec `json:"client"` -} - -// GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. -// This upstream provider can be configured with either a GitHub App or a GitHub OAuth2 App. -// -// Right now, only web-based logins are supported, for both the pinniped-cli client and clients configured -// as OIDCClients. -// -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps -// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.githubAPI.host` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type GitHubIdentityProvider struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the identity provider. - Spec GitHubIdentityProviderSpec `json:"spec"` - - // Status of the identity provider. - Status GitHubIdentityProviderStatus `json:"status,omitempty"` -} - -// GitHubIdentityProviderList lists GitHubIdentityProvider objects. -// -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type GitHubIdentityProviderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []GitHubIdentityProvider `json:"items"` -} diff --git a/generated/1.29/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.29/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go deleted file mode 100644 index 904a0d50b..000000000 --- a/generated/1.29/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go +++ /dev/null @@ -1,207 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type LDAPIdentityProviderPhase string - -const ( - // LDAPPhasePending is the default phase for newly-created LDAPIdentityProvider resources. - LDAPPhasePending LDAPIdentityProviderPhase = "Pending" - - // LDAPPhaseReady is the phase for an LDAPIdentityProvider resource in a healthy state. - LDAPPhaseReady LDAPIdentityProviderPhase = "Ready" - - // LDAPPhaseError is the phase for an LDAPIdentityProvider in an unhealthy state. - LDAPPhaseError LDAPIdentityProviderPhase = "Error" -) - -// Status of an LDAP identity provider. -type LDAPIdentityProviderStatus struct { - // Phase summarizes the overall status of the LDAPIdentityProvider. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase LDAPIdentityProviderPhase `json:"phase,omitempty"` - - // Represents the observations of an identity provider's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -type LDAPIdentityProviderBind struct { - // SecretName contains the name of a namespace-local Secret object that provides the username and - // password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be - // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value - // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". - // The password must be non-empty. - // +kubebuilder:validation:MinLength=1 - SecretName string `json:"secretName"` -} - -type LDAPIdentityProviderUserSearchAttributes struct { - // Username specifies the name of the attribute in the LDAP entry whose value shall become the username - // of the user after a successful authentication. This would typically be the same attribute name used in - // the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". - // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field - // is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default - // value of "dn={}" would not work. - // +kubebuilder:validation:MinLength=1 - Username string `json:"username,omitempty"` - - // UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely - // identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". - // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". - // +kubebuilder:validation:MinLength=1 - UID string `json:"uid,omitempty"` -} - -type LDAPIdentityProviderGroupSearchAttributes struct { - // GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name - // in the user's list of groups after a successful authentication. - // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP - // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". - // Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). - // +optional - GroupName string `json:"groupName,omitempty"` -} - -type LDAPIdentityProviderUserSearch struct { - // Base is the dn (distinguished name) that should be used as the search base when searching for users. - // E.g. "ou=users,dc=example,dc=com". - // +kubebuilder:validation:MinLength=1 - Base string `json:"base,omitempty"` - - // Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur - // in the filter at least once and will be dynamically replaced by the username for which the search is being run. - // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see - // https://ldap.com/ldap-filters. - // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - // Optional. When not specified, the default will act as if the Filter were specified as the value from - // Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be - // explicitly specified, since the default value of "dn={}" would not work. - // +optional - Filter string `json:"filter,omitempty"` - - // Attributes specifies how the user's information should be read from the LDAP entry which was found as - // the result of the user search. - // +optional - Attributes LDAPIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` -} - -type LDAPIdentityProviderGroupSearch struct { - // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. - // "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and - // authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, - // the values of Filter, UserAttributeForFilter, Attributes, and SkipGroupRefresh are ignored. - // +optional - Base string `json:"base,omitempty"` - - // Filter is the LDAP search filter which should be applied when searching for groups for a user. - // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the - // value of an attribute of the user entry found as a result of the user search. Which attribute's - // value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. - // For more information about LDAP filters, see https://ldap.com/ldap-filters. - // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - // Optional. When not specified, the default will act as if the Filter were specified as "member={}". - // +optional - Filter string `json:"filter,omitempty"` - - // UserAttributeForFilter specifies which attribute's value from the user entry found as a result of - // the user search will be used to replace the "{}" placeholder(s) in the group search Filter. - // For example, specifying "uid" as the UserAttributeForFilter while specifying - // "&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing - // the "{}" placeholder in the Filter with the value of the user's "uid" attribute. - // Optional. When not specified, the default will act as if "dn" were specified. For example, leaving - // UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter - // would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. - // +optional - UserAttributeForFilter string `json:"userAttributeForFilter,omitempty"` - - // Attributes specifies how the group's information should be read from each LDAP entry which was found as - // the result of the group search. - // +optional - Attributes LDAPIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` - - // The user's group membership is refreshed as they interact with the supervisor - // to obtain new credentials (as their old credentials expire). This allows group - // membership changes to be quickly reflected into Kubernetes clusters. Since - // group membership is often used to bind authorization policies, it is important - // to keep the groups observed in Kubernetes clusters in-sync with the identity - // provider. - // - // In some environments, frequent group membership queries may result in a - // significant performance impact on the identity provider and/or the supervisor. - // The best approach to handle performance impacts is to tweak the group query - // to be more performant, for example by disabling nested group search or by - // using a more targeted group search base. - // - // If the group search query cannot be made performant and you are willing to - // have group memberships remain static for approximately a day, then set - // skipGroupRefresh to true. This is an insecure configuration as authorization - // policies that are bound to group membership will not notice if a user has - // been removed from a particular group until their next login. - // - // This is an experimental feature that may be removed or significantly altered - // in the future. Consumers of this configuration should carefully read all - // release notes before upgrading to ensure that the meaning of this field has - // not changed. - SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` -} - -// Spec for configuring an LDAP identity provider. -type LDAPIdentityProviderSpec struct { - // Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. - // +kubebuilder:validation:MinLength=1 - Host string `json:"host"` - - // TLS contains the connection settings for how to establish the connection to the Host. - TLS *TLSSpec `json:"tls,omitempty"` - - // Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server - // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. - Bind LDAPIdentityProviderBind `json:"bind,omitempty"` - - // UserSearch contains the configuration for searching for a user by name in the LDAP provider. - UserSearch LDAPIdentityProviderUserSearch `json:"userSearch,omitempty"` - - // GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. - GroupSearch LDAPIdentityProviderGroupSearch `json:"groupSearch,omitempty"` -} - -// LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access -// Protocol (LDAP) identity provider. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps -// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type LDAPIdentityProvider struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the identity provider. - Spec LDAPIdentityProviderSpec `json:"spec"` - - // Status of the identity provider. - Status LDAPIdentityProviderStatus `json:"status,omitempty"` -} - -// List of LDAPIdentityProvider objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type LDAPIdentityProviderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []LDAPIdentityProvider `json:"items"` -} diff --git a/generated/1.29/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.29/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go deleted file mode 100644 index 8b18b46a5..000000000 --- a/generated/1.29/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go +++ /dev/null @@ -1,217 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type OIDCIdentityProviderPhase string - -const ( - // PhasePending is the default phase for newly-created OIDCIdentityProvider resources. - PhasePending OIDCIdentityProviderPhase = "Pending" - - // PhaseReady is the phase for an OIDCIdentityProvider resource in a healthy state. - PhaseReady OIDCIdentityProviderPhase = "Ready" - - // PhaseError is the phase for an OIDCIdentityProvider in an unhealthy state. - PhaseError OIDCIdentityProviderPhase = "Error" -) - -// OIDCIdentityProviderStatus is the status of an OIDC identity provider. -type OIDCIdentityProviderStatus struct { - // Phase summarizes the overall status of the OIDCIdentityProvider. - // +kubebuilder:default=Pending - // +kubebuilder:validation:Enum=Pending;Ready;Error - Phase OIDCIdentityProviderPhase `json:"phase,omitempty"` - - // Represents the observations of an identity provider's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -// OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization -// request parameters. -type OIDCAuthorizationConfig struct { - // additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization - // request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials - // Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is - // always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request - // the following scopes: "openid", "offline_access", "email", and "profile". See - // https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" - // scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the - // "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, - // or as common patterns used by providers who implement the standard in the ecosystem evolve. - // By setting this list to anything other than an empty list, you are overriding the - // default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. - // If you do not want any of these scopes to be requested, you may set this list to contain only "openid". - // Some OIDC providers may also require a scope to get access to the user's group membership, in which case you - // may wish to include it in this list. Sometimes the scope to request the user's group membership is called - // "groups", but unfortunately this is not specified in the OIDC standard. - // Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by - // your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in - // the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See - // your OIDC provider's documentation for more information about what scopes are available to request claims. - // Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor - // from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be - // "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its - // requirements for what to include in the request in order to receive a refresh token in the response, if anything. - // Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider - // may ignore scopes that it does not understand or require (see - // https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the - // "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC - // provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). - // +optional - AdditionalScopes []string `json:"additionalScopes,omitempty"` - - // additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your - // OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra - // parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", - // "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be - // included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. - // The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user - // should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting - // ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. - // This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password - // Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the - // Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" - // parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's - // authorization endpoint for its requirements for what to include in the request in order to receive a refresh - // token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, - // then include it here. Also note that most providers also require a certain scope to be requested in order to - // receive refresh tokens. See the additionalScopes setting for more information about using scopes to request - // refresh tokens. - // +optional - // +patchMergeKey=name - // +patchStrategy=merge - // +listType=map - // +listMapKey=name - AdditionalAuthorizeParameters []Parameter `json:"additionalAuthorizeParameters,omitempty"` - - // allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant - // (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a - // username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. - // The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be - // supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password - // Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose - // to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the - // cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be - // convenient for users, especially for identities from your OIDC provider which are not intended to represent a human - // actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, - // you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this - // OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password - // Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords - // (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other - // web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. - // allowPasswordGrant defaults to false. - // +optional - AllowPasswordGrant bool `json:"allowPasswordGrant,omitempty"` -} - -// Parameter is a key/value pair which represents a parameter in an HTTP request. -type Parameter struct { - // The name of the parameter. Required. - // +kubebuilder:validation:MinLength=1 - Name string `json:"name"` - - // The value of the parameter. - // +optional - Value string `json:"value,omitempty"` -} - -// OIDCClaims provides a mapping from upstream claims into identities. -type OIDCClaims struct { - // Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain - // the groups to which an identity belongs. By default, the identities will not include any group memberships when - // this setting is not configured. - // +optional - Groups string `json:"groups"` - - // Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to - // ascertain an identity's username. When not set, the username will be an automatically constructed unique string - // which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from - // the ID token. - // +optional - Username string `json:"username"` - - // AdditionalClaimMappings allows for additional arbitrary upstream claim values to be mapped into the - // "additionalClaims" claim of the ID tokens generated by the Supervisor. This should be specified as a map of - // new claim names as the keys, and upstream claim names as the values. These new claim names will be nested - // under the top-level "additionalClaims" claim in ID tokens generated by the Supervisor when this - // OIDCIdentityProvider was used for user authentication. These claims will be made available to all clients. - // This feature is not required to use the Supervisor to provide authentication for Kubernetes clusters, but can be - // used when using the Supervisor for other authentication purposes. When this map is empty or the upstream claims - // are not available, the "additionalClaims" claim will be excluded from the ID tokens generated by the Supervisor. - // +optional - AdditionalClaimMappings map[string]string `json:"additionalClaimMappings,omitempty"` -} - -// OIDCClient contains information about an OIDC client (e.g., client ID and client -// secret). -type OIDCClient struct { - // SecretName contains the name of a namespace-local Secret object that provides the clientID and - // clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient - // struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys - // "clientID" and "clientSecret". - SecretName string `json:"secretName"` -} - -// OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. -type OIDCIdentityProviderSpec struct { - // Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch - // /.well-known/openid-configuration. - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:Pattern=`^https://` - Issuer string `json:"issuer"` - - // TLS configuration for discovery/JWKS requests to the issuer. - // +optional - TLS *TLSSpec `json:"tls,omitempty"` - - // AuthorizationConfig holds information about how to form the OAuth2 authorization request - // parameters to be used with this OIDC identity provider. - // +optional - AuthorizationConfig OIDCAuthorizationConfig `json:"authorizationConfig,omitempty"` - - // Claims provides the names of token claims that will be used when inspecting an identity from - // this OIDC identity provider. - // +optional - Claims OIDCClaims `json:"claims"` - - // OIDCClient contains OIDC client information to be used used with this OIDC identity - // provider. - Client OIDCClient `json:"client"` -} - -// OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps -// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` -// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` -// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` -// +kubebuilder:subresource:status -type OIDCIdentityProvider struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec for configuring the identity provider. - Spec OIDCIdentityProviderSpec `json:"spec"` - - // Status of the identity provider. - Status OIDCIdentityProviderStatus `json:"status,omitempty"` -} - -// OIDCIdentityProviderList lists OIDCIdentityProvider objects. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type OIDCIdentityProviderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []OIDCIdentityProvider `json:"items"` -} diff --git a/generated/1.29/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.29/apis/supervisor/idp/v1alpha1/types_tls.go deleted file mode 100644 index 52def22d1..000000000 --- a/generated/1.29/apis/supervisor/idp/v1alpha1/types_tls.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -// CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. -// -// +kubebuilder:validation:Enum=Secret;ConfigMap -type CertificateAuthorityDataSourceKind string - -const ( - // CertificateAuthorityDataSourceKindConfigMap uses a Kubernetes configmap to source CA Bundles. - CertificateAuthorityDataSourceKindConfigMap = CertificateAuthorityDataSourceKind("ConfigMap") - - // CertificateAuthorityDataSourceKindSecret uses a Kubernetes secret to source CA Bundles. - // Secrets used to source CA Bundles must be of type kubernetes.io/tls or Opaque. - CertificateAuthorityDataSourceKindSecret = CertificateAuthorityDataSourceKind("Secret") -) - -// CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. -type CertificateAuthorityDataSourceSpec struct { - // Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - // Allowed values are "Secret" or "ConfigMap". - // "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - // "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - Kind CertificateAuthorityDataSourceKind `json:"kind"` - // Name is the resource name of the secret or configmap from which to read the CA bundle. - // The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - // +kubebuilder:validation:MinLength=1 - Name string `json:"name"` - // Key is the key name within the secret or configmap from which to read the CA bundle. - // The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - // certificate bundle. - // +kubebuilder:validation:MinLength=1 - Key string `json:"key"` -} - -// TLSSpec provides TLS configuration for identity provider integration. -type TLSSpec struct { - // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. - // +optional - CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` - // Reference to a CA bundle in a secret or a configmap. - // Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - // +optional - CertificateAuthorityDataSource *CertificateAuthorityDataSourceSpec `json:"certificateAuthorityDataSource,omitempty"` -} diff --git a/generated/1.29/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.29/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index a6a357f54..000000000 --- a/generated/1.29/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,835 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProvider) DeepCopyInto(out *ActiveDirectoryIdentityProvider) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProvider. -func (in *ActiveDirectoryIdentityProvider) DeepCopy() *ActiveDirectoryIdentityProvider { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ActiveDirectoryIdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderBind) DeepCopyInto(out *ActiveDirectoryIdentityProviderBind) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderBind. -func (in *ActiveDirectoryIdentityProviderBind) DeepCopy() *ActiveDirectoryIdentityProviderBind { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderBind) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearch) { - *out = *in - out.Attributes = in.Attributes - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearch. -func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearch { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderGroupSearch) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearchAttributes) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearchAttributes. -func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearchAttributes { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderGroupSearchAttributes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderList) DeepCopyInto(out *ActiveDirectoryIdentityProviderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ActiveDirectoryIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderList. -func (in *ActiveDirectoryIdentityProviderList) DeepCopy() *ActiveDirectoryIdentityProviderList { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ActiveDirectoryIdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderSpec) DeepCopyInto(out *ActiveDirectoryIdentityProviderSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - out.Bind = in.Bind - out.UserSearch = in.UserSearch - out.GroupSearch = in.GroupSearch - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderSpec. -func (in *ActiveDirectoryIdentityProviderSpec) DeepCopy() *ActiveDirectoryIdentityProviderSpec { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirectoryIdentityProviderStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderStatus. -func (in *ActiveDirectoryIdentityProviderStatus) DeepCopy() *ActiveDirectoryIdentityProviderStatus { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearch) { - *out = *in - out.Attributes = in.Attributes - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearch. -func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopy() *ActiveDirectoryIdentityProviderUserSearch { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderUserSearch) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearchAttributes) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearchAttributes. -func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderUserSearchAttributes { - if in == nil { - return nil - } - out := new(ActiveDirectoryIdentityProviderUserSearchAttributes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateAuthorityDataSourceSpec) DeepCopyInto(out *CertificateAuthorityDataSourceSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateAuthorityDataSourceSpec. -func (in *CertificateAuthorityDataSourceSpec) DeepCopy() *CertificateAuthorityDataSourceSpec { - if in == nil { - return nil - } - out := new(CertificateAuthorityDataSourceSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubAPIConfig) DeepCopyInto(out *GitHubAPIConfig) { - *out = *in - if in.Host != nil { - in, out := &in.Host, &out.Host - *out = new(string) - **out = **in - } - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubAPIConfig. -func (in *GitHubAPIConfig) DeepCopy() *GitHubAPIConfig { - if in == nil { - return nil - } - out := new(GitHubAPIConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubAllowAuthenticationSpec) DeepCopyInto(out *GitHubAllowAuthenticationSpec) { - *out = *in - in.Organizations.DeepCopyInto(&out.Organizations) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubAllowAuthenticationSpec. -func (in *GitHubAllowAuthenticationSpec) DeepCopy() *GitHubAllowAuthenticationSpec { - if in == nil { - return nil - } - out := new(GitHubAllowAuthenticationSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubClaims) DeepCopyInto(out *GitHubClaims) { - *out = *in - if in.Username != nil { - in, out := &in.Username, &out.Username - *out = new(GitHubUsernameAttribute) - **out = **in - } - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = new(GitHubGroupNameAttribute) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubClaims. -func (in *GitHubClaims) DeepCopy() *GitHubClaims { - if in == nil { - return nil - } - out := new(GitHubClaims) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubClientSpec) DeepCopyInto(out *GitHubClientSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubClientSpec. -func (in *GitHubClientSpec) DeepCopy() *GitHubClientSpec { - if in == nil { - return nil - } - out := new(GitHubClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubIdentityProvider) DeepCopyInto(out *GitHubIdentityProvider) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubIdentityProvider. -func (in *GitHubIdentityProvider) DeepCopy() *GitHubIdentityProvider { - if in == nil { - return nil - } - out := new(GitHubIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *GitHubIdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubIdentityProviderList) DeepCopyInto(out *GitHubIdentityProviderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]GitHubIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubIdentityProviderList. -func (in *GitHubIdentityProviderList) DeepCopy() *GitHubIdentityProviderList { - if in == nil { - return nil - } - out := new(GitHubIdentityProviderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *GitHubIdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubIdentityProviderSpec) DeepCopyInto(out *GitHubIdentityProviderSpec) { - *out = *in - in.GitHubAPI.DeepCopyInto(&out.GitHubAPI) - in.Claims.DeepCopyInto(&out.Claims) - in.AllowAuthentication.DeepCopyInto(&out.AllowAuthentication) - out.Client = in.Client - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubIdentityProviderSpec. -func (in *GitHubIdentityProviderSpec) DeepCopy() *GitHubIdentityProviderSpec { - if in == nil { - return nil - } - out := new(GitHubIdentityProviderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubIdentityProviderStatus) DeepCopyInto(out *GitHubIdentityProviderStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubIdentityProviderStatus. -func (in *GitHubIdentityProviderStatus) DeepCopy() *GitHubIdentityProviderStatus { - if in == nil { - return nil - } - out := new(GitHubIdentityProviderStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitHubOrganizationsSpec) DeepCopyInto(out *GitHubOrganizationsSpec) { - *out = *in - if in.Policy != nil { - in, out := &in.Policy, &out.Policy - *out = new(GitHubAllowedAuthOrganizationsPolicy) - **out = **in - } - if in.Allowed != nil { - in, out := &in.Allowed, &out.Allowed - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHubOrganizationsSpec. -func (in *GitHubOrganizationsSpec) DeepCopy() *GitHubOrganizationsSpec { - if in == nil { - return nil - } - out := new(GitHubOrganizationsSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProvider. -func (in *LDAPIdentityProvider) DeepCopy() *LDAPIdentityProvider { - if in == nil { - return nil - } - out := new(LDAPIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LDAPIdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderBind) DeepCopyInto(out *LDAPIdentityProviderBind) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderBind. -func (in *LDAPIdentityProviderBind) DeepCopy() *LDAPIdentityProviderBind { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderBind) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderGroupSearch) DeepCopyInto(out *LDAPIdentityProviderGroupSearch) { - *out = *in - out.Attributes = in.Attributes - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearch. -func (in *LDAPIdentityProviderGroupSearch) DeepCopy() *LDAPIdentityProviderGroupSearch { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderGroupSearch) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderGroupSearchAttributes) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearchAttributes. -func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopy() *LDAPIdentityProviderGroupSearchAttributes { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderGroupSearchAttributes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderList) DeepCopyInto(out *LDAPIdentityProviderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]LDAPIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderList. -func (in *LDAPIdentityProviderList) DeepCopy() *LDAPIdentityProviderList { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LDAPIdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderSpec) DeepCopyInto(out *LDAPIdentityProviderSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - out.Bind = in.Bind - out.UserSearch = in.UserSearch - out.GroupSearch = in.GroupSearch - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderSpec. -func (in *LDAPIdentityProviderSpec) DeepCopy() *LDAPIdentityProviderSpec { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderStatus. -func (in *LDAPIdentityProviderStatus) DeepCopy() *LDAPIdentityProviderStatus { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderUserSearch) DeepCopyInto(out *LDAPIdentityProviderUserSearch) { - *out = *in - out.Attributes = in.Attributes - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearch. -func (in *LDAPIdentityProviderUserSearch) DeepCopy() *LDAPIdentityProviderUserSearch { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderUserSearch) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderUserSearchAttributes) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearchAttributes. -func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopy() *LDAPIdentityProviderUserSearchAttributes { - if in == nil { - return nil - } - out := new(LDAPIdentityProviderUserSearchAttributes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCAuthorizationConfig) DeepCopyInto(out *OIDCAuthorizationConfig) { - *out = *in - if in.AdditionalScopes != nil { - in, out := &in.AdditionalScopes, &out.AdditionalScopes - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AdditionalAuthorizeParameters != nil { - in, out := &in.AdditionalAuthorizeParameters, &out.AdditionalAuthorizeParameters - *out = make([]Parameter, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCAuthorizationConfig. -func (in *OIDCAuthorizationConfig) DeepCopy() *OIDCAuthorizationConfig { - if in == nil { - return nil - } - out := new(OIDCAuthorizationConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClaims) DeepCopyInto(out *OIDCClaims) { - *out = *in - if in.AdditionalClaimMappings != nil { - in, out := &in.AdditionalClaimMappings, &out.AdditionalClaimMappings - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClaims. -func (in *OIDCClaims) DeepCopy() *OIDCClaims { - if in == nil { - return nil - } - out := new(OIDCClaims) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCIdentityProvider) DeepCopyInto(out *OIDCIdentityProvider) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProvider. -func (in *OIDCIdentityProvider) DeepCopy() *OIDCIdentityProvider { - if in == nil { - return nil - } - out := new(OIDCIdentityProvider) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCIdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCIdentityProviderList) DeepCopyInto(out *OIDCIdentityProviderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCIdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderList. -func (in *OIDCIdentityProviderList) DeepCopy() *OIDCIdentityProviderList { - if in == nil { - return nil - } - out := new(OIDCIdentityProviderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCIdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCIdentityProviderSpec) DeepCopyInto(out *OIDCIdentityProviderSpec) { - *out = *in - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = new(TLSSpec) - (*in).DeepCopyInto(*out) - } - in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) - in.Claims.DeepCopyInto(&out.Claims) - out.Client = in.Client - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderSpec. -func (in *OIDCIdentityProviderSpec) DeepCopy() *OIDCIdentityProviderSpec { - if in == nil { - return nil - } - out := new(OIDCIdentityProviderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderStatus. -func (in *OIDCIdentityProviderStatus) DeepCopy() *OIDCIdentityProviderStatus { - if in == nil { - return nil - } - out := new(OIDCIdentityProviderStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Parameter) DeepCopyInto(out *Parameter) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Parameter. -func (in *Parameter) DeepCopy() *Parameter { - if in == nil { - return nil - } - out := new(Parameter) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { - *out = *in - if in.CertificateAuthorityDataSource != nil { - in, out := &in.CertificateAuthorityDataSource, &out.CertificateAuthorityDataSource - *out = new(CertificateAuthorityDataSourceSpec) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. -func (in *TLSSpec) DeepCopy() *TLSSpec { - if in == nil { - return nil - } - out := new(TLSSpec) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.29/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.29/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go deleted file mode 100644 index 6a130e7b7..000000000 --- a/generated/1.29/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go +++ /dev/null @@ -1,73 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -// IDPType are the strings that can be returned by the Supervisor identity provider discovery endpoint -// as the "type" of each returned identity provider. -type IDPType string - -// IDPFlow are the strings that can be returned by the Supervisor identity provider discovery endpoint -// in the array of allowed client "flows" for each returned identity provider. -type IDPFlow string - -const ( - IDPTypeOIDC IDPType = "oidc" - IDPTypeLDAP IDPType = "ldap" - IDPTypeActiveDirectory IDPType = "activedirectory" - IDPTypeGitHub IDPType = "github" - - IDPFlowCLIPassword IDPFlow = "cli_password" - IDPFlowBrowserAuthcode IDPFlow = "browser_authcode" -) - -// Equals is a convenience function for comparing an IDPType to a string. -func (r IDPType) Equals(s string) bool { - return string(r) == s -} - -// String is a convenience function to convert an IDPType to a string. -func (r IDPType) String() string { - return string(r) -} - -// Equals is a convenience function for comparing an IDPFlow to a string. -func (r IDPFlow) Equals(s string) bool { - return string(r) == s -} - -// String is a convenience function to convert an IDPFlow to a string. -func (r IDPFlow) String() string { - return string(r) -} - -// OIDCDiscoveryResponse is part of the response from a FederationDomain's OpenID Provider Configuration -// Document returned by the .well-known/openid-configuration endpoint. It ignores all the standard OpenID Provider -// configuration metadata and only picks out the portion related to Supervisor identity provider discovery. -type OIDCDiscoveryResponse struct { - SupervisorDiscovery OIDCDiscoveryResponseIDPEndpoint `json:"discovery.supervisor.pinniped.dev/v1alpha1"` -} - -// OIDCDiscoveryResponseIDPEndpoint contains the URL for the identity provider discovery endpoint. -type OIDCDiscoveryResponseIDPEndpoint struct { - PinnipedIDPsEndpoint string `json:"pinniped_identity_providers_endpoint"` -} - -// IDPDiscoveryResponse is the response of a FederationDomain's identity provider discovery endpoint. -type IDPDiscoveryResponse struct { - PinnipedIDPs []PinnipedIDP `json:"pinniped_identity_providers"` - PinnipedSupportedIDPTypes []PinnipedSupportedIDPType `json:"pinniped_supported_identity_provider_types"` -} - -// PinnipedIDP describes a single identity provider as included in the response of a FederationDomain's -// identity provider discovery endpoint. -type PinnipedIDP struct { - Name string `json:"name"` - Type IDPType `json:"type"` - Flows []IDPFlow `json:"flows,omitempty"` -} - -// PinnipedSupportedIDPType describes a single identity provider type. -type PinnipedSupportedIDPType struct { - Type IDPType `json:"type"` -} diff --git a/generated/1.29/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.29/apis/supervisor/oidc/types_supervisor_oidc.go deleted file mode 100644 index 5ec745e67..000000000 --- a/generated/1.29/apis/supervisor/oidc/types_supervisor_oidc.go +++ /dev/null @@ -1,90 +0,0 @@ -// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package oidc - -// Constants related to the Supervisor FederationDomain's authorization and token endpoints. -const ( - // AuthorizeUsernameHeaderName is the name of the HTTP header which can be used to transmit a username - // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant - // or an LDAPIdentityProvider. - AuthorizeUsernameHeaderName = "Pinniped-Username" - - // AuthorizePasswordHeaderName is the name of the HTTP header which can be used to transmit a password - // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant - // or an LDAPIdentityProvider. - AuthorizePasswordHeaderName = "Pinniped-Password" //nolint:gosec // this is not a credential - - // AuthorizeUpstreamIDPNameParamName is the name of the HTTP request parameter which can be used to help select - // which identity provider should be used for authentication by sending the name of the desired identity provider. - AuthorizeUpstreamIDPNameParamName = "pinniped_idp_name" - - // AuthorizeUpstreamIDPTypeParamName is the name of the HTTP request parameter which can be used to help select - // which identity provider should be used for authentication by sending the type of the desired identity provider. - AuthorizeUpstreamIDPTypeParamName = "pinniped_idp_type" - - // IDTokenClaimIssuer is name of the issuer claim defined by the OIDC spec. - IDTokenClaimIssuer = "iss" - - // IDTokenClaimSubject is name of the subject claim defined by the OIDC spec. - IDTokenClaimSubject = "sub" - - // IDTokenSubClaimIDPNameQueryParam is the name of the query param used in the values of the "sub" claim - // in Supervisor-issued ID tokens to identify with which external identity provider the user authenticated. - IDTokenSubClaimIDPNameQueryParam = "idpName" - - // IDTokenClaimAuthorizedParty is name of the authorized party claim defined by the OIDC spec. - IDTokenClaimAuthorizedParty = "azp" - - // IDTokenClaimUsername is the name of a custom claim in the downstream ID token whose value will contain the user's - // username which was mapped from the upstream identity provider. - IDTokenClaimUsername = "username" - - // IDTokenClaimGroups is the name of a custom claim in the downstream ID token whose value will contain the user's - // group names which were mapped from the upstream identity provider. - IDTokenClaimGroups = "groups" - - // IDTokenClaimAdditionalClaims is the top level claim used to hold additional claims in the downstream ID - // token, if any claims are present. - IDTokenClaimAdditionalClaims = "additionalClaims" - - // GrantTypeAuthorizationCode is the name of the grant type for authorization code flows defined by the OIDC spec. - GrantTypeAuthorizationCode = "authorization_code" - - // GrantTypeRefreshToken is the name of the grant type for refresh flow defined by the OIDC spec. - GrantTypeRefreshToken = "refresh_token" - - // GrantTypeTokenExchange is the name of a custom grant type for RFC8693 token exchanges. - GrantTypeTokenExchange = "urn:ietf:params:oauth:grant-type:token-exchange" //nolint:gosec // this is not a credential - - // ScopeOpenID is name of the openid scope defined by the OIDC spec. - ScopeOpenID = "openid" - - // ScopeOfflineAccess is name of the offline access scope defined by the OIDC spec, used for requesting refresh - // tokens. - ScopeOfflineAccess = "offline_access" - - // ScopeEmail is name of the email scope defined by the OIDC spec. - ScopeEmail = "email" - - // ScopeProfile is name of the profile scope defined by the OIDC spec. - ScopeProfile = "profile" - - // ScopeUsername is the name of a custom scope that determines whether the username claim will be returned inside - // ID tokens. - ScopeUsername = "username" - - // ScopeGroups is the name of a custom scope that determines whether the groups claim will be returned inside - // ID tokens. - ScopeGroups = "groups" - - // ScopeRequestAudience is the name of a custom scope that determines whether a RFC8693 token exchange is allowed to - // be used to request a different audience. - ScopeRequestAudience = "pinniped:request-audience" - - // ClientIDPinnipedCLI is the client ID of the statically defined public OIDC client which is used by the CLI. - ClientIDPinnipedCLI = "pinniped-cli" - - // ClientIDRequiredOIDCClientPrefix is the required prefix for the metadata.name of OIDCClient CRs. - ClientIDRequiredOIDCClientPrefix = "client.oauth.pinniped.dev-" -) diff --git a/generated/1.29/client/concierge/clientset/versioned/clientset.go b/generated/1.29/client/concierge/clientset/versioned/clientset.go deleted file mode 100644 index b0aeda7d4..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/clientset.go +++ /dev/null @@ -1,146 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package versioned - -import ( - "fmt" - "net/http" - - authenticationv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1" - discovery "k8s.io/client-go/discovery" - rest "k8s.io/client-go/rest" - flowcontrol "k8s.io/client-go/util/flowcontrol" -) - -type Interface interface { - Discovery() discovery.DiscoveryInterface - AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface - ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface - IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface - LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface -} - -// Clientset contains the clients for groups. -type Clientset struct { - *discovery.DiscoveryClient - authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client - configV1alpha1 *configv1alpha1.ConfigV1alpha1Client - identityV1alpha1 *identityv1alpha1.IdentityV1alpha1Client - loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client -} - -// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client -func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { - return c.authenticationV1alpha1 -} - -// ConfigV1alpha1 retrieves the ConfigV1alpha1Client -func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { - return c.configV1alpha1 -} - -// IdentityV1alpha1 retrieves the IdentityV1alpha1Client -func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { - return c.identityV1alpha1 -} - -// LoginV1alpha1 retrieves the LoginV1alpha1Client -func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { - return c.loginV1alpha1 -} - -// Discovery retrieves the DiscoveryClient -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - if c == nil { - return nil - } - return c.DiscoveryClient -} - -// NewForConfig creates a new Clientset for the given config. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfig will generate a rate-limiter in configShallowCopy. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*Clientset, error) { - configShallowCopy := *c - - if configShallowCopy.UserAgent == "" { - configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent() - } - - // share the transport between all clients - httpClient, err := rest.HTTPClientFor(&configShallowCopy) - if err != nil { - return nil, err - } - - return NewForConfigAndClient(&configShallowCopy, httpClient) -} - -// NewForConfigAndClient creates a new Clientset for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. -func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { - configShallowCopy := *c - if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { - if configShallowCopy.Burst <= 0 { - return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") - } - configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) - } - - var cs Clientset - var err error - cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.identityV1alpha1, err = identityv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.loginV1alpha1, err = loginv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - - cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - return &cs, nil -} - -// NewForConfigOrDie creates a new Clientset for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *Clientset { - cs, err := NewForConfig(c) - if err != nil { - panic(err) - } - return cs -} - -// New creates a new Clientset for the given RESTClient. -func New(c rest.Interface) *Clientset { - var cs Clientset - cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) - cs.configV1alpha1 = configv1alpha1.New(c) - cs.identityV1alpha1 = identityv1alpha1.New(c) - cs.loginV1alpha1 = loginv1alpha1.New(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClient(c) - return &cs -} diff --git a/generated/1.29/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.29/client/concierge/clientset/versioned/fake/clientset_generated.go deleted file mode 100644 index a1cc6aee8..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/fake/clientset_generated.go +++ /dev/null @@ -1,93 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clientset "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned" - authenticationv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" - identityv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1" - fakeidentityv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" - loginv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1" - fakeloginv1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/discovery" - fakediscovery "k8s.io/client-go/discovery/fake" - "k8s.io/client-go/testing" -) - -// NewSimpleClientset returns a clientset that will respond with the provided objects. -// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement -// for a real clientset and is mostly useful in simple unit tests. -func NewSimpleClientset(objects ...runtime.Object) *Clientset { - o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) - for _, obj := range objects { - if err := o.Add(obj); err != nil { - panic(err) - } - } - - cs := &Clientset{tracker: o} - cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} - cs.AddReactor("*", "*", testing.ObjectReaction(o)) - cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { - gvr := action.GetResource() - ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) - if err != nil { - return false, nil, err - } - return true, watch, nil - }) - - return cs -} - -// Clientset implements clientset.Interface. Meant to be embedded into a -// struct to get a default implementation. This makes faking out just the method -// you want to test easier. -type Clientset struct { - testing.Fake - discovery *fakediscovery.FakeDiscovery - tracker testing.ObjectTracker -} - -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - return c.discovery -} - -func (c *Clientset) Tracker() testing.ObjectTracker { - return c.tracker -} - -var ( - _ clientset.Interface = &Clientset{} - _ testing.FakeClient = &Clientset{} -) - -// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client -func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { - return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} -} - -// ConfigV1alpha1 retrieves the ConfigV1alpha1Client -func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { - return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} -} - -// IdentityV1alpha1 retrieves the IdentityV1alpha1Client -func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { - return &fakeidentityv1alpha1.FakeIdentityV1alpha1{Fake: &c.Fake} -} - -// LoginV1alpha1 retrieves the LoginV1alpha1Client -func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { - return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.29/client/concierge/clientset/versioned/fake/doc.go b/generated/1.29/client/concierge/clientset/versioned/fake/doc.go deleted file mode 100644 index 273121fa7..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated fake clientset. -package fake diff --git a/generated/1.29/client/concierge/clientset/versioned/fake/register.go b/generated/1.29/client/concierge/clientset/versioned/fake/register.go deleted file mode 100644 index 131f6094b..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/fake/register.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var scheme = runtime.NewScheme() -var codecs = serializer.NewCodecFactory(scheme) - -var localSchemeBuilder = runtime.SchemeBuilder{ - authenticationv1alpha1.AddToScheme, - configv1alpha1.AddToScheme, - identityv1alpha1.AddToScheme, - loginv1alpha1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(scheme)) -} diff --git a/generated/1.29/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.29/client/concierge/clientset/versioned/scheme/doc.go deleted file mode 100644 index ae325a52e..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/scheme/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package contains the scheme of the automatically generated clientset. -package scheme diff --git a/generated/1.29/client/concierge/clientset/versioned/scheme/register.go b/generated/1.29/client/concierge/clientset/versioned/scheme/register.go deleted file mode 100644 index ca13e724b..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/scheme/register.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package scheme - -import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var Scheme = runtime.NewScheme() -var Codecs = serializer.NewCodecFactory(Scheme) -var ParameterCodec = runtime.NewParameterCodec(Scheme) -var localSchemeBuilder = runtime.SchemeBuilder{ - authenticationv1alpha1.AddToScheme, - configv1alpha1.AddToScheme, - identityv1alpha1.AddToScheme, - loginv1alpha1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(Scheme)) -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go deleted file mode 100644 index a904f4ac5..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ /dev/null @@ -1,99 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type AuthenticationV1alpha1Interface interface { - RESTClient() rest.Interface - JWTAuthenticatorsGetter - WebhookAuthenticatorsGetter -} - -// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.concierge.pinniped.dev group. -type AuthenticationV1alpha1Client struct { - restClient rest.Interface -} - -func (c *AuthenticationV1alpha1Client) JWTAuthenticators() JWTAuthenticatorInterface { - return newJWTAuthenticators(c) -} - -func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthenticatorInterface { - return newWebhookAuthenticators(c) -} - -// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new AuthenticationV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &AuthenticationV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new AuthenticationV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *AuthenticationV1alpha1Client { - return &AuthenticationV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go deleted file mode 100644 index aa9f7c6e3..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeJWTAuthenticators implements JWTAuthenticatorInterface -type FakeJWTAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var jwtauthenticatorsResource = v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators") - -var jwtauthenticatorsKind = v1alpha1.SchemeGroupVersion.WithKind("JWTAuthenticator") - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *FakeJWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *FakeJWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(jwtauthenticatorsResource, jwtauthenticatorsKind, opts), &v1alpha1.JWTAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.JWTAuthenticatorList{ListMeta: obj.(*v1alpha1.JWTAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.JWTAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *FakeJWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(jwtauthenticatorsResource, opts)) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *FakeJWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(jwtauthenticatorsResource, "status", jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(jwtauthenticatorsResource, name, opts), &v1alpha1.JWTAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeJWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(jwtauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.JWTAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *FakeJWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(jwtauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.JWTAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.JWTAuthenticator), err -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go deleted file mode 100644 index e16d6e494..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface -type FakeWebhookAuthenticators struct { - Fake *FakeAuthenticationV1alpha1 -} - -var webhookauthenticatorsResource = v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators") - -var webhookauthenticatorsKind = v1alpha1.SchemeGroupVersion.WithKind("WebhookAuthenticator") - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, opts), &v1alpha1.WebhookAuthenticatorList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} - for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(webhookauthenticatorsResource, opts)) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(webhookauthenticatorsResource, "status", webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(webhookauthenticatorsResource, name, opts), &v1alpha1.WebhookAuthenticator{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(webhookauthenticatorsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) - return err -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(webhookauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookAuthenticator), err -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go deleted file mode 100644 index 620fcdd90..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type JWTAuthenticatorExpansion interface{} - -type WebhookAuthenticatorExpansion interface{} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index 2027765e2..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. -// A group's client should implement this interface. -type JWTAuthenticatorsGetter interface { - JWTAuthenticators() JWTAuthenticatorInterface -} - -// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. -type JWTAuthenticatorInterface interface { - Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*v1alpha1.JWTAuthenticator, error) - Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.JWTAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.JWTAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) - JWTAuthenticatorExpansion -} - -// jWTAuthenticators implements JWTAuthenticatorInterface -type jWTAuthenticators struct { - client rest.Interface -} - -// newJWTAuthenticators returns a JWTAuthenticators -func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { - return &jWTAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. -func (c *jWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Get(). - Resource("jwtauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. -func (c *jWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.JWTAuthenticatorList{} - err = c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested jWTAuthenticators. -func (c *jWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Post(). - Resource("jwtauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. -func (c *jWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *jWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Put(). - Resource("jwtauthenticators"). - Name(jWTAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(jWTAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. -func (c *jWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("jwtauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *jWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("jwtauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched jWTAuthenticator. -func (c *jWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { - result = &v1alpha1.JWTAuthenticator{} - err = c.client.Patch(pt). - Resource("jwtauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index e2689e4eb..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. -// A group's client should implement this interface. -type WebhookAuthenticatorsGetter interface { - WebhookAuthenticators() WebhookAuthenticatorInterface -} - -// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. -type WebhookAuthenticatorInterface interface { - Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) - Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) - WebhookAuthenticatorExpansion -} - -// webhookAuthenticators implements WebhookAuthenticatorInterface -type webhookAuthenticators struct { - client rest.Interface -} - -// newWebhookAuthenticators returns a WebhookAuthenticators -func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { - return &webhookAuthenticators{ - client: c.RESTClient(), - } -} - -// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. -func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Get(). - Resource("webhookauthenticators"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. -func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.WebhookAuthenticatorList{} - err = c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested webhookAuthenticators. -func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Post(). - Resource("webhookauthenticators"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. -func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Put(). - Resource("webhookauthenticators"). - Name(webhookAuthenticator.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookAuthenticator). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. -func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("webhookauthenticators"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("webhookauthenticators"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched webhookAuthenticator. -func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { - result = &v1alpha1.WebhookAuthenticator{} - err = c.client.Patch(pt). - Resource("webhookauthenticators"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go deleted file mode 100644 index 04146e296..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. -// A group's client should implement this interface. -type CredentialIssuersGetter interface { - CredentialIssuers() CredentialIssuerInterface -} - -// CredentialIssuerInterface has methods to work with CredentialIssuer resources. -type CredentialIssuerInterface interface { - Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error) - Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) - CredentialIssuerExpansion -} - -// credentialIssuers implements CredentialIssuerInterface -type credentialIssuers struct { - client rest.Interface -} - -// newCredentialIssuers returns a CredentialIssuers -func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { - return &credentialIssuers{ - client: c.RESTClient(), - } -} - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Get(). - Resource("credentialissuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.CredentialIssuerList{} - err = c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Post(). - Resource("credentialissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Put(). - Resource("credentialissuers"). - Name(credentialIssuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(credentialIssuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("credentialissuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("credentialissuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - result = &v1alpha1.CredentialIssuer{} - err = c.client.Patch(pt). - Resource("credentialissuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go deleted file mode 100644 index 7f00b8159..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeConfigV1alpha1 struct { - *testing.Fake -} - -func (c *FakeConfigV1alpha1) CredentialIssuers() v1alpha1.CredentialIssuerInterface { - return &FakeCredentialIssuers{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go deleted file mode 100644 index 5a4943d4e..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCredentialIssuers implements CredentialIssuerInterface -type FakeCredentialIssuers struct { - Fake *FakeConfigV1alpha1 -} - -var credentialissuersResource = v1alpha1.SchemeGroupVersion.WithResource("credentialissuers") - -var credentialissuersKind = v1alpha1.SchemeGroupVersion.WithKind("CredentialIssuer") - -// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. -func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. -func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(credentialissuersResource, credentialissuersKind, opts), &v1alpha1.CredentialIssuerList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta} - for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested credentialIssuers. -func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(credentialissuersResource, opts)) -} - -// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. -func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(credentialissuersResource, "status", credentialIssuer), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} - -// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. -func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(credentialissuersResource, name, opts), &v1alpha1.CredentialIssuer{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(credentialissuersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{}) - return err -} - -// Patch applies the patch and returns the patched credentialIssuer. -func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(credentialissuersResource, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.CredentialIssuer), err -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go deleted file mode 100644 index aefee6676..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type CredentialIssuerExpansion interface{} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go deleted file mode 100644 index 7f4369ad7..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeIdentityV1alpha1 struct { - *testing.Fake -} - -func (c *FakeIdentityV1alpha1) WhoAmIRequests() v1alpha1.WhoAmIRequestInterface { - return &FakeWhoAmIRequests{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeIdentityV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go deleted file mode 100644 index 92eaa4490..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeWhoAmIRequests implements WhoAmIRequestInterface -type FakeWhoAmIRequests struct { - Fake *FakeIdentityV1alpha1 -} - -var whoamirequestsResource = v1alpha1.SchemeGroupVersion.WithResource("whoamirequests") - -var whoamirequestsKind = v1alpha1.SchemeGroupVersion.WithKind("WhoAmIRequest") - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *FakeWhoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(whoamirequestsResource, whoAmIRequest), &v1alpha1.WhoAmIRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WhoAmIRequest), err -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go deleted file mode 100644 index fc7c9d90d..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type WhoAmIRequestExpansion interface{} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go deleted file mode 100644 index cd549eb9a..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1" - "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type IdentityV1alpha1Interface interface { - RESTClient() rest.Interface - WhoAmIRequestsGetter -} - -// IdentityV1alpha1Client is used to interact with features provided by the identity.concierge.pinniped.dev group. -type IdentityV1alpha1Client struct { - restClient rest.Interface -} - -func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { - return newWhoAmIRequests(c) -} - -// NewForConfig creates a new IdentityV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new IdentityV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IdentityV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &IdentityV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new IdentityV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *IdentityV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new IdentityV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *IdentityV1alpha1Client { - return &IdentityV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *IdentityV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go deleted file mode 100644 index 62e5d63de..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. -// A group's client should implement this interface. -type WhoAmIRequestsGetter interface { - WhoAmIRequests() WhoAmIRequestInterface -} - -// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. -type WhoAmIRequestInterface interface { - Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*v1alpha1.WhoAmIRequest, error) - WhoAmIRequestExpansion -} - -// whoAmIRequests implements WhoAmIRequestInterface -type whoAmIRequests struct { - client rest.Interface -} - -// newWhoAmIRequests returns a WhoAmIRequests -func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { - return &whoAmIRequests{ - client: c.RESTClient(), - } -} - -// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. -func (c *whoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { - result = &v1alpha1.WhoAmIRequest{} - err = c.client.Post(). - Resource("whoamirequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(whoAmIRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go deleted file mode 100644 index 9579dea25..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeLoginV1alpha1 struct { - *testing.Fake -} - -func (c *FakeLoginV1alpha1) TokenCredentialRequests() v1alpha1.TokenCredentialRequestInterface { - return &FakeTokenCredentialRequests{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeLoginV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go deleted file mode 100644 index 353190775..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeTokenCredentialRequests implements TokenCredentialRequestInterface -type FakeTokenCredentialRequests struct { - Fake *FakeLoginV1alpha1 -} - -var tokencredentialrequestsResource = v1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests") - -var tokencredentialrequestsKind = v1alpha1.SchemeGroupVersion.WithKind("TokenCredentialRequest") - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *FakeTokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(tokencredentialrequestsResource, tokenCredentialRequest), &v1alpha1.TokenCredentialRequest{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.TokenCredentialRequest), err -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go deleted file mode 100644 index 43306b27e..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type TokenCredentialRequestExpansion interface{} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go deleted file mode 100644 index 396a47beb..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1" - "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type LoginV1alpha1Interface interface { - RESTClient() rest.Interface - TokenCredentialRequestsGetter -} - -// LoginV1alpha1Client is used to interact with features provided by the login.concierge.pinniped.dev group. -type LoginV1alpha1Client struct { - restClient rest.Interface -} - -func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestInterface { - return newTokenCredentialRequests(c) -} - -// NewForConfig creates a new LoginV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new LoginV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*LoginV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &LoginV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new LoginV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *LoginV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new LoginV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *LoginV1alpha1Client { - return &LoginV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *LoginV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go deleted file mode 100644 index 584605dcb..000000000 --- a/generated/1.29/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// TokenCredentialRequestsGetter has a method to return a TokenCredentialRequestInterface. -// A group's client should implement this interface. -type TokenCredentialRequestsGetter interface { - TokenCredentialRequests() TokenCredentialRequestInterface -} - -// TokenCredentialRequestInterface has methods to work with TokenCredentialRequest resources. -type TokenCredentialRequestInterface interface { - Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*v1alpha1.TokenCredentialRequest, error) - TokenCredentialRequestExpansion -} - -// tokenCredentialRequests implements TokenCredentialRequestInterface -type tokenCredentialRequests struct { - client rest.Interface -} - -// newTokenCredentialRequests returns a TokenCredentialRequests -func newTokenCredentialRequests(c *LoginV1alpha1Client) *tokenCredentialRequests { - return &tokenCredentialRequests{ - client: c.RESTClient(), - } -} - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *tokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - result = &v1alpha1.TokenCredentialRequest{} - err = c.client.Post(). - Resource("tokencredentialrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(tokenCredentialRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.29/client/concierge/informers/externalversions/authentication/interface.go deleted file mode 100644 index b5fe55f25..000000000 --- a/generated/1.29/client/concierge/informers/externalversions/authentication/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package authentication - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index ee685fd58..000000000 --- a/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - authenticationv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/listers/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// JWTAuthenticatorInformer provides access to a shared informer and lister for -// JWTAuthenticators. -type JWTAuthenticatorInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.JWTAuthenticatorLister -} - -type jWTAuthenticatorInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.TODO(), options) - }, - }, - &authenticationv1alpha1.JWTAuthenticator{}, - resyncPeriod, - indexers, - ) -} - -func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) -} - -func (f *jWTAuthenticatorInformer) Lister() v1alpha1.JWTAuthenticatorLister { - return v1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index 2b82a2f66..000000000 --- a/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - authenticationv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/listers/authentication/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// WebhookAuthenticatorInformer provides access to a shared informer and lister for -// WebhookAuthenticators. -type WebhookAuthenticatorInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.WebhookAuthenticatorLister -} - -type webhookAuthenticatorInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.TODO(), options) - }, - }, - &authenticationv1alpha1.WebhookAuthenticator{}, - resyncPeriod, - indexers, - ) -} - -func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) -} - -func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { - return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.29/client/concierge/informers/externalversions/config/interface.go b/generated/1.29/client/concierge/informers/externalversions/config/interface.go deleted file mode 100644 index c3ddb7c1b..000000000 --- a/generated/1.29/client/concierge/informers/externalversions/config/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package config - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.29/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.29/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go deleted file mode 100644 index a8f3162e9..000000000 --- a/generated/1.29/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// CredentialIssuerInformer provides access to a shared informer and lister for -// CredentialIssuers. -type CredentialIssuerInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.CredentialIssuerLister -} - -type credentialIssuerInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredCredentialIssuerInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().CredentialIssuers().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().CredentialIssuers().Watch(context.TODO(), options) - }, - }, - &configv1alpha1.CredentialIssuer{}, - resyncPeriod, - indexers, - ) -} - -func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredCredentialIssuerInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer) -} - -func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister { - return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.29/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.29/client/concierge/informers/externalversions/config/v1alpha1/interface.go deleted file mode 100644 index 5d98f7178..000000000 --- a/generated/1.29/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // CredentialIssuers returns a CredentialIssuerInformer. - CredentialIssuers() CredentialIssuerInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// CredentialIssuers returns a CredentialIssuerInformer. -func (v *version) CredentialIssuers() CredentialIssuerInformer { - return &credentialIssuerInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.29/client/concierge/informers/externalversions/generic.go b/generated/1.29/client/concierge/informers/externalversions/generic.go deleted file mode 100644 index d4df1bbca..000000000 --- a/generated/1.29/client/concierge/informers/externalversions/generic.go +++ /dev/null @@ -1,56 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - "fmt" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/config/v1alpha1" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// GenericInformer is type of SharedIndexInformer which will locate and delegate to other -// sharedInformers based on type -type GenericInformer interface { - Informer() cache.SharedIndexInformer - Lister() cache.GenericLister -} - -type genericInformer struct { - informer cache.SharedIndexInformer - resource schema.GroupResource -} - -// Informer returns the SharedIndexInformer. -func (f *genericInformer) Informer() cache.SharedIndexInformer { - return f.informer -} - -// Lister returns the GenericLister. -func (f *genericInformer) Lister() cache.GenericLister { - return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) -} - -// ForResource gives generic access to a shared informer of the matching type -// TODO extend this to unknown resources with a client pool -func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { - switch resource { - // Group=authentication.concierge.pinniped.dev, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().JWTAuthenticators().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil - - // Group=config.concierge.pinniped.dev, Version=v1alpha1 - case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil - - } - - return nil, fmt.Errorf("no informer found for %v", resource) -} diff --git a/generated/1.29/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.29/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go deleted file mode 100644 index d0f5c67bd..000000000 --- a/generated/1.29/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package internalinterfaces - -import ( - time "time" - - versioned "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - cache "k8s.io/client-go/tools/cache" -) - -// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. -type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer - -// SharedInformerFactory a small interface to allow for adding an informer without an import cycle -type SharedInformerFactory interface { - Start(stopCh <-chan struct{}) - InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer -} - -// TweakListOptionsFunc is a function that transforms a v1.ListOptions. -type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.29/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.29/client/concierge/listers/authentication/v1alpha1/expansion_generated.go deleted file mode 100644 index 978c75289..000000000 --- a/generated/1.29/client/concierge/listers/authentication/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// JWTAuthenticatorListerExpansion allows custom methods to be added to -// JWTAuthenticatorLister. -type JWTAuthenticatorListerExpansion interface{} - -// WebhookAuthenticatorListerExpansion allows custom methods to be added to -// WebhookAuthenticatorLister. -type WebhookAuthenticatorListerExpansion interface{} diff --git a/generated/1.29/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.29/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go deleted file mode 100644 index 342afa4f0..000000000 --- a/generated/1.29/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// JWTAuthenticatorLister helps list JWTAuthenticators. -// All objects returned here must be treated as read-only. -type JWTAuthenticatorLister interface { - // List lists all JWTAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) - // Get retrieves the JWTAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.JWTAuthenticator, error) - JWTAuthenticatorListerExpansion -} - -// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. -type jWTAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. -func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { - return &jWTAuthenticatorLister{indexer: indexer} -} - -// List lists all JWTAuthenticators in the indexer. -func (s *jWTAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.JWTAuthenticator)) - }) - return ret, err -} - -// Get retrieves the JWTAuthenticator from the index for a given name. -func (s *jWTAuthenticatorLister) Get(name string) (*v1alpha1.JWTAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("jwtauthenticator"), name) - } - return obj.(*v1alpha1.JWTAuthenticator), nil -} diff --git a/generated/1.29/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.29/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go deleted file mode 100644 index ef95d1f7f..000000000 --- a/generated/1.29/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/authentication/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// WebhookAuthenticatorLister helps list WebhookAuthenticators. -// All objects returned here must be treated as read-only. -type WebhookAuthenticatorLister interface { - // List lists all WebhookAuthenticators in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) - // Get retrieves the WebhookAuthenticator from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.WebhookAuthenticator, error) - WebhookAuthenticatorListerExpansion -} - -// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. -type webhookAuthenticatorLister struct { - indexer cache.Indexer -} - -// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. -func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { - return &webhookAuthenticatorLister{indexer: indexer} -} - -// List lists all WebhookAuthenticators in the indexer. -func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) - }) - return ret, err -} - -// Get retrieves the WebhookAuthenticator from the index for a given name. -func (s *webhookAuthenticatorLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) - } - return obj.(*v1alpha1.WebhookAuthenticator), nil -} diff --git a/generated/1.29/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.29/client/concierge/listers/config/v1alpha1/credentialissuer.go deleted file mode 100644 index b86e811ce..000000000 --- a/generated/1.29/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// CredentialIssuerLister helps list CredentialIssuers. -// All objects returned here must be treated as read-only. -type CredentialIssuerLister interface { - // List lists all CredentialIssuers in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) - // Get retrieves the CredentialIssuer from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.CredentialIssuer, error) - CredentialIssuerListerExpansion -} - -// credentialIssuerLister implements the CredentialIssuerLister interface. -type credentialIssuerLister struct { - indexer cache.Indexer -} - -// NewCredentialIssuerLister returns a new CredentialIssuerLister. -func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { - return &credentialIssuerLister{indexer: indexer} -} - -// List lists all CredentialIssuers in the indexer. -func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.CredentialIssuer)) - }) - return ret, err -} - -// Get retrieves the CredentialIssuer from the index for a given name. -func (s *credentialIssuerLister) Get(name string) (*v1alpha1.CredentialIssuer, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name) - } - return obj.(*v1alpha1.CredentialIssuer), nil -} diff --git a/generated/1.29/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.29/client/concierge/listers/config/v1alpha1/expansion_generated.go deleted file mode 100644 index 330aec0ec..000000000 --- a/generated/1.29/client/concierge/listers/config/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// CredentialIssuerListerExpansion allows custom methods to be added to -// CredentialIssuerLister. -type CredentialIssuerListerExpansion interface{} diff --git a/generated/1.29/client/go.mod b/generated/1.29/client/go.mod deleted file mode 100644 index 20661ab4a..000000000 --- a/generated/1.29/client/go.mod +++ /dev/null @@ -1,53 +0,0 @@ -// This go.mod file is generated by ./hack/update.sh. -module go.pinniped.dev/generated/1.29/client - -go 1.21 - -replace go.pinniped.dev/generated/1.29/apis => ../apis - -require ( - go.pinniped.dev/generated/1.29/apis v0.0.0 - k8s.io/apimachinery v0.29.14 - k8s.io/client-go v0.29.14 - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 -) - -require ( - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch v4.12.0+incompatible // indirect - github.com/go-logr/logr v1.3.0 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect - github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/protobuf v1.5.4 // indirect - github.com/google/gnostic-models v0.6.8 // indirect - github.com/google/go-cmp v0.6.0 // indirect - github.com/google/gofuzz v1.2.0 // indirect - github.com/google/uuid v1.3.0 // indirect - github.com/josharian/intern v1.0.0 // indirect - github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.7.7 // indirect - github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect - github.com/modern-go/reflect2 v1.0.2 // indirect - github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pkg/errors v0.9.1 // indirect - golang.org/x/net v0.23.0 // indirect - golang.org/x/oauth2 v0.10.0 // indirect - golang.org/x/sys v0.18.0 // indirect - golang.org/x/term v0.18.0 // indirect - golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.33.0 // indirect - gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.29.14 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect - sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect -) diff --git a/generated/1.29/client/supervisor/clientset/versioned/clientset.go b/generated/1.29/client/supervisor/clientset/versioned/clientset.go deleted file mode 100644 index 83fd15f1d..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/clientset.go +++ /dev/null @@ -1,133 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package versioned - -import ( - "fmt" - "net/http" - - clientsecretv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - discovery "k8s.io/client-go/discovery" - rest "k8s.io/client-go/rest" - flowcontrol "k8s.io/client-go/util/flowcontrol" -) - -type Interface interface { - Discovery() discovery.DiscoveryInterface - ClientsecretV1alpha1() clientsecretv1alpha1.ClientsecretV1alpha1Interface - ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface - IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface -} - -// Clientset contains the clients for groups. -type Clientset struct { - *discovery.DiscoveryClient - clientsecretV1alpha1 *clientsecretv1alpha1.ClientsecretV1alpha1Client - configV1alpha1 *configv1alpha1.ConfigV1alpha1Client - iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client -} - -// ClientsecretV1alpha1 retrieves the ClientsecretV1alpha1Client -func (c *Clientset) ClientsecretV1alpha1() clientsecretv1alpha1.ClientsecretV1alpha1Interface { - return c.clientsecretV1alpha1 -} - -// ConfigV1alpha1 retrieves the ConfigV1alpha1Client -func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { - return c.configV1alpha1 -} - -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return c.iDPV1alpha1 -} - -// Discovery retrieves the DiscoveryClient -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - if c == nil { - return nil - } - return c.DiscoveryClient -} - -// NewForConfig creates a new Clientset for the given config. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfig will generate a rate-limiter in configShallowCopy. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*Clientset, error) { - configShallowCopy := *c - - if configShallowCopy.UserAgent == "" { - configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent() - } - - // share the transport between all clients - httpClient, err := rest.HTTPClientFor(&configShallowCopy) - if err != nil { - return nil, err - } - - return NewForConfigAndClient(&configShallowCopy, httpClient) -} - -// NewForConfigAndClient creates a new Clientset for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. -func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { - configShallowCopy := *c - if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { - if configShallowCopy.Burst <= 0 { - return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") - } - configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) - } - - var cs Clientset - var err error - cs.clientsecretV1alpha1, err = clientsecretv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - cs.iDPV1alpha1, err = idpv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - - cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } - return &cs, nil -} - -// NewForConfigOrDie creates a new Clientset for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *Clientset { - cs, err := NewForConfig(c) - if err != nil { - panic(err) - } - return cs -} - -// New creates a new Clientset for the given RESTClient. -func New(c rest.Interface) *Clientset { - var cs Clientset - cs.clientsecretV1alpha1 = clientsecretv1alpha1.New(c) - cs.configV1alpha1 = configv1alpha1.New(c) - cs.iDPV1alpha1 = idpv1alpha1.New(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClient(c) - return &cs -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.29/client/supervisor/clientset/versioned/fake/doc.go deleted file mode 100644 index 273121fa7..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated fake clientset. -package fake diff --git a/generated/1.29/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.29/client/supervisor/clientset/versioned/scheme/doc.go deleted file mode 100644 index ae325a52e..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/scheme/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package contains the scheme of the automatically generated clientset. -package scheme diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go b/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go deleted file mode 100644 index b3915d726..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1" - "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type ClientsecretV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientSecretRequestsGetter -} - -// ClientsecretV1alpha1Client is used to interact with features provided by the clientsecret.supervisor.pinniped.dev group. -type ClientsecretV1alpha1Client struct { - restClient rest.Interface -} - -func (c *ClientsecretV1alpha1Client) OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface { - return newOIDCClientSecretRequests(c, namespace) -} - -// NewForConfig creates a new ClientsecretV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*ClientsecretV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new ClientsecretV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ClientsecretV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &ClientsecretV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new ClientsecretV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *ClientsecretV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new ClientsecretV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *ClientsecretV1alpha1Client { - return &ClientsecretV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *ClientsecretV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go b/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go b/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go b/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go deleted file mode 100644 index 00bf6c030..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeClientsecretV1alpha1 struct { - *testing.Fake -} - -func (c *FakeClientsecretV1alpha1) OIDCClientSecretRequests(namespace string) v1alpha1.OIDCClientSecretRequestInterface { - return &FakeOIDCClientSecretRequests{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeClientsecretV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go b/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go deleted file mode 100644 index bac59b08a..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go +++ /dev/null @@ -1,35 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type FakeOIDCClientSecretRequests struct { - Fake *FakeClientsecretV1alpha1 - ns string -} - -var oidcclientsecretrequestsResource = v1alpha1.SchemeGroupVersion.WithResource("oidcclientsecretrequests") - -var oidcclientsecretrequestsKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCClientSecretRequest") - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *FakeOIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsecretrequestsResource, c.ns, oIDCClientSecretRequest), &v1alpha1.OIDCClientSecretRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClientSecretRequest), err -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go b/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go deleted file mode 100644 index 98c7f1453..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientSecretRequestExpansion interface{} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go b/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go deleted file mode 100644 index fb3961c38..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" -) - -// OIDCClientSecretRequestsGetter has a method to return a OIDCClientSecretRequestInterface. -// A group's client should implement this interface. -type OIDCClientSecretRequestsGetter interface { - OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface -} - -// OIDCClientSecretRequestInterface has methods to work with OIDCClientSecretRequest resources. -type OIDCClientSecretRequestInterface interface { - Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (*v1alpha1.OIDCClientSecretRequest, error) - OIDCClientSecretRequestExpansion -} - -// oIDCClientSecretRequests implements OIDCClientSecretRequestInterface -type oIDCClientSecretRequests struct { - client rest.Interface - ns string -} - -// newOIDCClientSecretRequests returns a OIDCClientSecretRequests -func newOIDCClientSecretRequests(c *ClientsecretV1alpha1Client, namespace string) *oIDCClientSecretRequests { - return &oIDCClientSecretRequests{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Create takes the representation of a oIDCClientSecretRequest and creates it. Returns the server's representation of the oIDCClientSecretRequest, and an error, if there is any. -func (c *oIDCClientSecretRequests) Create(ctx context.Context, oIDCClientSecretRequest *v1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (result *v1alpha1.OIDCClientSecretRequest, err error) { - result = &v1alpha1.OIDCClientSecretRequest{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclientsecretrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClientSecretRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go deleted file mode 100644 index ef304ae77..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ /dev/null @@ -1,99 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type ConfigV1alpha1Interface interface { - RESTClient() rest.Interface - FederationDomainsGetter - OIDCClientsGetter -} - -// ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. -type ConfigV1alpha1Client struct { - restClient rest.Interface -} - -func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDomainInterface { - return newFederationDomains(c, namespace) -} - -func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new ConfigV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &ConfigV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new ConfigV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *ConfigV1alpha1Client { - return &ConfigV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go deleted file mode 100644 index 457ef9646..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeConfigV1alpha1 struct { - *testing.Fake -} - -func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.FederationDomainInterface { - return &FakeFederationDomains{c, namespace} -} - -func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go deleted file mode 100644 index 060b6c3a3..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeFederationDomains implements FederationDomainInterface -type FakeFederationDomains struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var federationdomainsResource = v1alpha1.SchemeGroupVersion.WithResource("federationdomains") - -var federationdomainsKind = v1alpha1.SchemeGroupVersion.WithKind("FederationDomain") - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *FakeFederationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *FakeFederationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(federationdomainsResource, federationdomainsKind, c.ns, opts), &v1alpha1.FederationDomainList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.FederationDomainList{ListMeta: obj.(*v1alpha1.FederationDomainList).ListMeta} - for _, item := range obj.(*v1alpha1.FederationDomainList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *FakeFederationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(federationdomainsResource, c.ns, opts)) - -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *FakeFederationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(federationdomainsResource, "status", c.ns, federationDomain), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(federationdomainsResource, c.ns, name, opts), &v1alpha1.FederationDomain{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeFederationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(federationdomainsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.FederationDomainList{}) - return err -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *FakeFederationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(federationdomainsResource, c.ns, name, pt, data, subresources...), &v1alpha1.FederationDomain{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.FederationDomain), err -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go deleted file mode 100644 index 8d9b02407..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClients implements OIDCClientInterface -type FakeOIDCClients struct { - Fake *FakeConfigV1alpha1 - ns string -} - -var oidcclientsResource = v1alpha1.SchemeGroupVersion.WithResource("oidcclients") - -var oidcclientsKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCClient") - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *FakeOIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcclientsResource, oidcclientsKind, c.ns, opts), &v1alpha1.OIDCClientList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCClientList{ListMeta: obj.(*v1alpha1.OIDCClientList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCClientList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *FakeOIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcclientsResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcclientsResource, "status", c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *FakeOIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcclientsResource, c.ns, name, opts), &v1alpha1.OIDCClient{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcclientsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCClientList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *FakeOIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcclientsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go deleted file mode 100644 index 1ab92391c..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// FederationDomainsGetter has a method to return a FederationDomainInterface. -// A group's client should implement this interface. -type FederationDomainsGetter interface { - FederationDomains(namespace string) FederationDomainInterface -} - -// FederationDomainInterface has methods to work with FederationDomain resources. -type FederationDomainInterface interface { - Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (*v1alpha1.FederationDomain, error) - Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.FederationDomain, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.FederationDomainList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) - FederationDomainExpansion -} - -// federationDomains implements FederationDomainInterface -type federationDomains struct { - client rest.Interface - ns string -} - -// newFederationDomains returns a FederationDomains -func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { - return &federationDomains{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. -func (c *federationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. -func (c *federationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.FederationDomainList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested federationDomains. -func (c *federationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Post(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. -func (c *federationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *federationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Put(). - Namespace(c.ns). - Resource("federationdomains"). - Name(federationDomain.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(federationDomain). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. -func (c *federationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *federationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("federationdomains"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched federationDomain. -func (c *federationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { - result = &v1alpha1.FederationDomain{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("federationdomains"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go deleted file mode 100644 index 90b617d6d..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type FederationDomainExpansion interface{} - -type OIDCClientExpansion interface{} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go b/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go deleted file mode 100644 index adcb8f426..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCClientsGetter has a method to return a OIDCClientInterface. -// A group's client should implement this interface. -type OIDCClientsGetter interface { - OIDCClients(namespace string) OIDCClientInterface -} - -// OIDCClientInterface has methods to work with OIDCClient resources. -type OIDCClientInterface interface { - Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (*v1alpha1.OIDCClient, error) - Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCClient, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCClientList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) - OIDCClientExpansion -} - -// oIDCClients implements OIDCClientInterface -type oIDCClients struct { - client rest.Interface - ns string -} - -// newOIDCClients returns a OIDCClients -func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { - return &oIDCClients{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *oIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *oIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCClientList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *oIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *oIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcclients"). - Name(oIDCClient.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCClient). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *oIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcclients"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *oIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - result = &v1alpha1.OIDCClient{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcclients"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index f0aa6e928..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. -// A group's client should implement this interface. -type ActiveDirectoryIdentityProvidersGetter interface { - ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface -} - -// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. -type ActiveDirectoryIdentityProviderInterface interface { - Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ActiveDirectoryIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) - ActiveDirectoryIdentityProviderExpansion -} - -// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type activeDirectoryIdentityProviders struct { - client rest.Interface - ns string -} - -// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders -func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { - return &activeDirectoryIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *activeDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *activeDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.ActiveDirectoryIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *activeDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *activeDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *activeDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(activeDirectoryIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(activeDirectoryIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *activeDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *activeDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *activeDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - result = &v1alpha1.ActiveDirectoryIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("activedirectoryidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go deleted file mode 100644 index f14cdb7da..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go deleted file mode 100644 index e4fd45530..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go deleted file mode 100644 index 4548d515e..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface -type FakeActiveDirectoryIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var activedirectoryidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders") - -var activedirectoryidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("ActiveDirectoryIdentityProvider") - -// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. -func (c *FakeActiveDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(activedirectoryidentityprovidersResource, activedirectoryidentityprovidersKind, c.ns, opts), &v1alpha1.ActiveDirectoryIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.ActiveDirectoryIdentityProviderList{ListMeta: obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. -func (c *FakeActiveDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(activedirectoryidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. -func (c *FakeActiveDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(activedirectoryidentityprovidersResource, "status", c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} - -// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(activedirectoryidentityprovidersResource, c.ns, name, opts), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeActiveDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(activedirectoryidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.ActiveDirectoryIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. -func (c *FakeActiveDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(activedirectoryidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.ActiveDirectoryIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go deleted file mode 100644 index 77cd8b270..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeGitHubIdentityProviders implements GitHubIdentityProviderInterface -type FakeGitHubIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var githubidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders") - -var githubidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("GitHubIdentityProvider") - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *FakeGitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(githubidentityprovidersResource, c.ns, name), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *FakeGitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(githubidentityprovidersResource, githubidentityprovidersKind, c.ns, opts), &v1alpha1.GitHubIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.GitHubIdentityProviderList{ListMeta: obj.(*v1alpha1.GitHubIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.GitHubIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *FakeGitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(githubidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *FakeGitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(githubidentityprovidersResource, c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeGitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(githubidentityprovidersResource, "status", c.ns, gitHubIdentityProvider), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeGitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(githubidentityprovidersResource, c.ns, name, opts), &v1alpha1.GitHubIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeGitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(githubidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.GitHubIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *FakeGitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(githubidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.GitHubIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.GitHubIdentityProvider), err -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go deleted file mode 100644 index 71f56ba28..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeIDPV1alpha1 struct { - *testing.Fake -} - -func (c *FakeIDPV1alpha1) ActiveDirectoryIdentityProviders(namespace string) v1alpha1.ActiveDirectoryIdentityProviderInterface { - return &FakeActiveDirectoryIdentityProviders{c, namespace} -} - -func (c *FakeIDPV1alpha1) GitHubIdentityProviders(namespace string) v1alpha1.GitHubIdentityProviderInterface { - return &FakeGitHubIdentityProviders{c, namespace} -} - -func (c *FakeIDPV1alpha1) LDAPIdentityProviders(namespace string) v1alpha1.LDAPIdentityProviderInterface { - return &FakeLDAPIdentityProviders{c, namespace} -} - -func (c *FakeIDPV1alpha1) OIDCIdentityProviders(namespace string) v1alpha1.OIDCIdentityProviderInterface { - return &FakeOIDCIdentityProviders{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeIDPV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go deleted file mode 100644 index 8cb9991cb..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeLDAPIdentityProviders implements LDAPIdentityProviderInterface -type FakeLDAPIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var ldapidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders") - -var ldapidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("LDAPIdentityProvider") - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *FakeLDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *FakeLDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(ldapidentityprovidersResource, ldapidentityprovidersKind, c.ns, opts), &v1alpha1.LDAPIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.LDAPIdentityProviderList{ListMeta: obj.(*v1alpha1.LDAPIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.LDAPIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *FakeLDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(ldapidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *FakeLDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ldapidentityprovidersResource, "status", c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(ldapidentityprovidersResource, c.ns, name, opts), &v1alpha1.LDAPIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeLDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(ldapidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.LDAPIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *FakeLDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ldapidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.LDAPIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.LDAPIdentityProvider), err -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go deleted file mode 100644 index 7e3322e57..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCIdentityProviders implements OIDCIdentityProviderInterface -type FakeOIDCIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var oidcidentityprovidersResource = v1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders") - -var oidcidentityprovidersKind = v1alpha1.SchemeGroupVersion.WithKind("OIDCIdentityProvider") - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *FakeOIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *FakeOIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcidentityprovidersResource, oidcidentityprovidersKind, c.ns, opts), &v1alpha1.OIDCIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCIdentityProviderList{ListMeta: obj.(*v1alpha1.OIDCIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *FakeOIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *FakeOIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcidentityprovidersResource, "status", c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(oidcidentityprovidersResource, c.ns, name, opts), &v1alpha1.OIDCIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *FakeOIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCIdentityProvider), err -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go deleted file mode 100644 index c65a11227..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type ActiveDirectoryIdentityProviderExpansion interface{} - -type GitHubIdentityProviderExpansion interface{} - -type LDAPIdentityProviderExpansion interface{} - -type OIDCIdentityProviderExpansion interface{} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index 431181129..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// GitHubIdentityProvidersGetter has a method to return a GitHubIdentityProviderInterface. -// A group's client should implement this interface. -type GitHubIdentityProvidersGetter interface { - GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface -} - -// GitHubIdentityProviderInterface has methods to work with GitHubIdentityProvider resources. -type GitHubIdentityProviderInterface interface { - Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.GitHubIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.GitHubIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.GitHubIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) - GitHubIdentityProviderExpansion -} - -// gitHubIdentityProviders implements GitHubIdentityProviderInterface -type gitHubIdentityProviders struct { - client rest.Interface - ns string -} - -// newGitHubIdentityProviders returns a GitHubIdentityProviders -func newGitHubIdentityProviders(c *IDPV1alpha1Client, namespace string) *gitHubIdentityProviders { - return &gitHubIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the gitHubIdentityProvider, and returns the corresponding gitHubIdentityProvider object, and an error if there is any. -func (c *gitHubIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of GitHubIdentityProviders that match those selectors. -func (c *gitHubIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.GitHubIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.GitHubIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested gitHubIdentityProviders. -func (c *gitHubIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a gitHubIdentityProvider and creates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Create(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a gitHubIdentityProvider and updates it. Returns the server's representation of the gitHubIdentityProvider, and an error, if there is any. -func (c *gitHubIdentityProviders) Update(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *gitHubIdentityProviders) UpdateStatus(ctx context.Context, gitHubIdentityProvider *v1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(gitHubIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(gitHubIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the gitHubIdentityProvider and deletes it. Returns an error if one occurs. -func (c *gitHubIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *gitHubIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("githubidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched gitHubIdentityProvider. -func (c *gitHubIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.GitHubIdentityProvider, err error) { - result = &v1alpha1.GitHubIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("githubidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index 1d012d639..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. -// A group's client should implement this interface. -type LDAPIdentityProvidersGetter interface { - LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface -} - -// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. -type LDAPIdentityProviderInterface interface { - Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.LDAPIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.LDAPIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) - LDAPIdentityProviderExpansion -} - -// lDAPIdentityProviders implements LDAPIdentityProviderInterface -type lDAPIdentityProviders struct { - client rest.Interface - ns string -} - -// newLDAPIdentityProviders returns a LDAPIdentityProviders -func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { - return &lDAPIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. -func (c *lDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. -func (c *lDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.LDAPIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. -func (c *lDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. -func (c *lDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *lDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(lDAPIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(lDAPIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. -func (c *lDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *lDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("ldapidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched lDAPIdentityProvider. -func (c *lDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { - result = &v1alpha1.LDAPIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("ldapidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index 8f4c0b25f..000000000 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. -// A group's client should implement this interface. -type OIDCIdentityProvidersGetter interface { - OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface -} - -// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. -type OIDCIdentityProviderInterface interface { - Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) - OIDCIdentityProviderExpansion -} - -// oIDCIdentityProviders implements OIDCIdentityProviderInterface -type oIDCIdentityProviders struct { - client rest.Interface - ns string -} - -// newOIDCIdentityProviders returns a OIDCIdentityProviders -func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { - return &oIDCIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. -func (c *oIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. -func (c *oIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.OIDCIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. -func (c *oIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. -func (c *oIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *oIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(oIDCIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(oIDCIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. -func (c *oIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *oIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("oidcidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched oIDCIdentityProvider. -func (c *oIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { - result = &v1alpha1.OIDCIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("oidcidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/config/interface.go b/generated/1.29/client/supervisor/informers/externalversions/config/interface.go deleted file mode 100644 index daa880be7..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/config/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package config - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go deleted file mode 100644 index 814736460..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - configv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// FederationDomainInformer provides access to a shared informer and lister for -// FederationDomains. -type FederationDomainInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.FederationDomainLister -} - -type federationDomainInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewFederationDomainInformer constructs a new informer for FederationDomain type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredFederationDomainInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredFederationDomainInformer constructs a new informer for FederationDomain type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().FederationDomains(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.TODO(), options) - }, - }, - &configv1alpha1.FederationDomain{}, - resyncPeriod, - indexers, - ) -} - -func (f *federationDomainInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredFederationDomainInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.FederationDomain{}, f.defaultInformer) -} - -func (f *federationDomainInformer) Lister() v1alpha1.FederationDomainLister { - return v1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/interface.go deleted file mode 100644 index a6b20be2c..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // FederationDomains returns a FederationDomainInformer. - FederationDomains() FederationDomainInformer - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// FederationDomains returns a FederationDomainInformer. -func (v *version) FederationDomains() FederationDomainInformer { - return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index 46b3a5c15..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ActiveDirectoryIdentityProviderInformer provides access to a shared informer and lister for -// ActiveDirectoryIdentityProviders. -type ActiveDirectoryIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.ActiveDirectoryIdentityProviderLister -} - -type activeDirectoryIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredActiveDirectoryIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.ActiveDirectoryIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredActiveDirectoryIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) -} - -func (f *activeDirectoryIdentityProviderInformer) Lister() v1alpha1.ActiveDirectoryIdentityProviderLister { - return v1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go b/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go deleted file mode 100644 index 81bcfdf3c..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// GitHubIdentityProviderInformer provides access to a shared informer and lister for -// GitHubIdentityProviders. -type GitHubIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.GitHubIdentityProviderLister -} - -type gitHubIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredGitHubIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredGitHubIdentityProviderInformer constructs a new informer for GitHubIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.GitHubIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *gitHubIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredGitHubIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *gitHubIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.GitHubIdentityProvider{}, f.defaultInformer) -} - -func (f *gitHubIdentityProviderInformer) Lister() v1alpha1.GitHubIdentityProviderLister { - return v1alpha1.NewGitHubIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go deleted file mode 100644 index 40bc64e19..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ /dev/null @@ -1,53 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. - ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer - // GitHubIdentityProviders returns a GitHubIdentityProviderInformer. - GitHubIdentityProviders() GitHubIdentityProviderInformer - // LDAPIdentityProviders returns a LDAPIdentityProviderInformer. - LDAPIdentityProviders() LDAPIdentityProviderInformer - // OIDCIdentityProviders returns a OIDCIdentityProviderInformer. - OIDCIdentityProviders() OIDCIdentityProviderInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. -func (v *version) ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer { - return &activeDirectoryIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// GitHubIdentityProviders returns a GitHubIdentityProviderInformer. -func (v *version) GitHubIdentityProviders() GitHubIdentityProviderInformer { - return &gitHubIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// LDAPIdentityProviders returns a LDAPIdentityProviderInformer. -func (v *version) LDAPIdentityProviders() LDAPIdentityProviderInformer { - return &lDAPIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// OIDCIdentityProviders returns a OIDCIdentityProviderInformer. -func (v *version) OIDCIdentityProviders() OIDCIdentityProviderInformer { - return &oIDCIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index 186c29048..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// LDAPIdentityProviderInformer provides access to a shared informer and lister for -// LDAPIdentityProviders. -type LDAPIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.LDAPIdentityProviderLister -} - -type lDAPIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredLDAPIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.LDAPIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredLDAPIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) -} - -func (f *lDAPIdentityProviderInformer) Lister() v1alpha1.LDAPIdentityProviderLister { - return v1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index 79bdbf3eb..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// OIDCIdentityProviderInformer provides access to a shared informer and lister for -// OIDCIdentityProviders. -type OIDCIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCIdentityProviderLister -} - -type oIDCIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredOIDCIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.OIDCIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredOIDCIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) -} - -func (f *oIDCIdentityProviderInformer) Lister() v1alpha1.OIDCIdentityProviderLister { - return v1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go deleted file mode 100644 index 663039785..000000000 --- a/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package internalinterfaces - -import ( - time "time" - - versioned "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - cache "k8s.io/client-go/tools/cache" -) - -// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. -type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer - -// SharedInformerFactory a small interface to allow for adding an informer without an import cycle -type SharedInformerFactory interface { - Start(stopCh <-chan struct{}) - InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer -} - -// TweakListOptionsFunc is a function that transforms a v1.ListOptions. -type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.29/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.29/client/supervisor/listers/config/v1alpha1/expansion_generated.go deleted file mode 100644 index effe04ea8..000000000 --- a/generated/1.29/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// FederationDomainListerExpansion allows custom methods to be added to -// FederationDomainLister. -type FederationDomainListerExpansion interface{} - -// FederationDomainNamespaceListerExpansion allows custom methods to be added to -// FederationDomainNamespaceLister. -type FederationDomainNamespaceListerExpansion interface{} - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.29/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.29/client/supervisor/listers/config/v1alpha1/federationdomain.go deleted file mode 100644 index 7f3db10a1..000000000 --- a/generated/1.29/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// FederationDomainLister helps list FederationDomains. -// All objects returned here must be treated as read-only. -type FederationDomainLister interface { - // List lists all FederationDomains in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) - // FederationDomains returns an object that can list and get FederationDomains. - FederationDomains(namespace string) FederationDomainNamespaceLister - FederationDomainListerExpansion -} - -// federationDomainLister implements the FederationDomainLister interface. -type federationDomainLister struct { - indexer cache.Indexer -} - -// NewFederationDomainLister returns a new FederationDomainLister. -func NewFederationDomainLister(indexer cache.Indexer) FederationDomainLister { - return &federationDomainLister{indexer: indexer} -} - -// List lists all FederationDomains in the indexer. -func (s *federationDomainLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err -} - -// FederationDomains returns an object that can list and get FederationDomains. -func (s *federationDomainLister) FederationDomains(namespace string) FederationDomainNamespaceLister { - return federationDomainNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// FederationDomainNamespaceLister helps list and get FederationDomains. -// All objects returned here must be treated as read-only. -type FederationDomainNamespaceLister interface { - // List lists all FederationDomains in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) - // Get retrieves the FederationDomain from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.FederationDomain, error) - FederationDomainNamespaceListerExpansion -} - -// federationDomainNamespaceLister implements the FederationDomainNamespaceLister -// interface. -type federationDomainNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all FederationDomains in the indexer for a given namespace. -func (s federationDomainNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err -} - -// Get retrieves the FederationDomain from the indexer for a given namespace and name. -func (s federationDomainNamespaceLister) Get(name string) (*v1alpha1.FederationDomain, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("federationdomain"), name) - } - return obj.(*v1alpha1.FederationDomain), nil -} diff --git a/generated/1.29/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.29/client/supervisor/listers/config/v1alpha1/oidcclient.go deleted file mode 100644 index 674644f9f..000000000 --- a/generated/1.29/client/supervisor/listers/config/v1alpha1/oidcclient.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCClientLister helps list OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientLister interface { - // List lists all OIDCClients in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // OIDCClients returns an object that can list and get OIDCClients. - OIDCClients(namespace string) OIDCClientNamespaceLister - OIDCClientListerExpansion -} - -// oIDCClientLister implements the OIDCClientLister interface. -type oIDCClientLister struct { - indexer cache.Indexer -} - -// NewOIDCClientLister returns a new OIDCClientLister. -func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { - return &oIDCClientLister{indexer: indexer} -} - -// List lists all OIDCClients in the indexer. -func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// OIDCClients returns an object that can list and get OIDCClients. -func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { - return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCClientNamespaceLister helps list and get OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientNamespaceLister interface { - // List lists all OIDCClients in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // Get retrieves the OIDCClient from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCClient, error) - OIDCClientNamespaceListerExpansion -} - -// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister -// interface. -type oIDCClientNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCClients in the indexer for a given namespace. -func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// Get retrieves the OIDCClient from the indexer for a given namespace and name. -func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) - } - return obj.(*v1alpha1.OIDCClient), nil -} diff --git a/generated/1.29/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.29/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go deleted file mode 100644 index 9206ba67c..000000000 --- a/generated/1.29/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// ActiveDirectoryIdentityProviderLister helps list ActiveDirectoryIdentityProviders. -// All objects returned here must be treated as read-only. -type ActiveDirectoryIdentityProviderLister interface { - // List lists all ActiveDirectoryIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) - // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. - ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister - ActiveDirectoryIdentityProviderListerExpansion -} - -// activeDirectoryIdentityProviderLister implements the ActiveDirectoryIdentityProviderLister interface. -type activeDirectoryIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewActiveDirectoryIdentityProviderLister returns a new ActiveDirectoryIdentityProviderLister. -func NewActiveDirectoryIdentityProviderLister(indexer cache.Indexer) ActiveDirectoryIdentityProviderLister { - return &activeDirectoryIdentityProviderLister{indexer: indexer} -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer. -func (s *activeDirectoryIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err -} - -// ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. -func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister { - return activeDirectoryIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// ActiveDirectoryIdentityProviderNamespaceLister helps list and get ActiveDirectoryIdentityProviders. -// All objects returned here must be treated as read-only. -type ActiveDirectoryIdentityProviderNamespaceLister interface { - // List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) - // Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) - ActiveDirectoryIdentityProviderNamespaceListerExpansion -} - -// activeDirectoryIdentityProviderNamespaceLister implements the ActiveDirectoryIdentityProviderNamespaceLister -// interface. -type activeDirectoryIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. -func (s activeDirectoryIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. -func (s activeDirectoryIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("activedirectoryidentityprovider"), name) - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), nil -} diff --git a/generated/1.29/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.29/client/supervisor/listers/idp/v1alpha1/expansion_generated.go deleted file mode 100644 index ffcb6c289..000000000 --- a/generated/1.29/client/supervisor/listers/idp/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// ActiveDirectoryIdentityProviderListerExpansion allows custom methods to be added to -// ActiveDirectoryIdentityProviderLister. -type ActiveDirectoryIdentityProviderListerExpansion interface{} - -// ActiveDirectoryIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// ActiveDirectoryIdentityProviderNamespaceLister. -type ActiveDirectoryIdentityProviderNamespaceListerExpansion interface{} - -// GitHubIdentityProviderListerExpansion allows custom methods to be added to -// GitHubIdentityProviderLister. -type GitHubIdentityProviderListerExpansion interface{} - -// GitHubIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// GitHubIdentityProviderNamespaceLister. -type GitHubIdentityProviderNamespaceListerExpansion interface{} - -// LDAPIdentityProviderListerExpansion allows custom methods to be added to -// LDAPIdentityProviderLister. -type LDAPIdentityProviderListerExpansion interface{} - -// LDAPIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// LDAPIdentityProviderNamespaceLister. -type LDAPIdentityProviderNamespaceListerExpansion interface{} - -// OIDCIdentityProviderListerExpansion allows custom methods to be added to -// OIDCIdentityProviderLister. -type OIDCIdentityProviderListerExpansion interface{} - -// OIDCIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// OIDCIdentityProviderNamespaceLister. -type OIDCIdentityProviderNamespaceListerExpansion interface{} diff --git a/generated/1.29/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.29/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go deleted file mode 100644 index 1d2838b50..000000000 --- a/generated/1.29/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// LDAPIdentityProviderLister helps list LDAPIdentityProviders. -// All objects returned here must be treated as read-only. -type LDAPIdentityProviderLister interface { - // List lists all LDAPIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) - // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. - LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister - LDAPIdentityProviderListerExpansion -} - -// lDAPIdentityProviderLister implements the LDAPIdentityProviderLister interface. -type lDAPIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewLDAPIdentityProviderLister returns a new LDAPIdentityProviderLister. -func NewLDAPIdentityProviderLister(indexer cache.Indexer) LDAPIdentityProviderLister { - return &lDAPIdentityProviderLister{indexer: indexer} -} - -// List lists all LDAPIdentityProviders in the indexer. -func (s *lDAPIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err -} - -// LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. -func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister { - return lDAPIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// LDAPIdentityProviderNamespaceLister helps list and get LDAPIdentityProviders. -// All objects returned here must be treated as read-only. -type LDAPIdentityProviderNamespaceLister interface { - // List lists all LDAPIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) - // Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.LDAPIdentityProvider, error) - LDAPIdentityProviderNamespaceListerExpansion -} - -// lDAPIdentityProviderNamespaceLister implements the LDAPIdentityProviderNamespaceLister -// interface. -type lDAPIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all LDAPIdentityProviders in the indexer for a given namespace. -func (s lDAPIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. -func (s lDAPIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.LDAPIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("ldapidentityprovider"), name) - } - return obj.(*v1alpha1.LDAPIdentityProvider), nil -} diff --git a/generated/1.29/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.29/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go deleted file mode 100644 index a072ea6ec..000000000 --- a/generated/1.29/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCIdentityProviderLister helps list OIDCIdentityProviders. -// All objects returned here must be treated as read-only. -type OIDCIdentityProviderLister interface { - // List lists all OIDCIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) - // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. - OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister - OIDCIdentityProviderListerExpansion -} - -// oIDCIdentityProviderLister implements the OIDCIdentityProviderLister interface. -type oIDCIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewOIDCIdentityProviderLister returns a new OIDCIdentityProviderLister. -func NewOIDCIdentityProviderLister(indexer cache.Indexer) OIDCIdentityProviderLister { - return &oIDCIdentityProviderLister{indexer: indexer} -} - -// List lists all OIDCIdentityProviders in the indexer. -func (s *oIDCIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err -} - -// OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. -func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister { - return oIDCIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCIdentityProviderNamespaceLister helps list and get OIDCIdentityProviders. -// All objects returned here must be treated as read-only. -type OIDCIdentityProviderNamespaceLister interface { - // List lists all OIDCIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) - // Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCIdentityProvider, error) - OIDCIdentityProviderNamespaceListerExpansion -} - -// oIDCIdentityProviderNamespaceLister implements the OIDCIdentityProviderNamespaceLister -// interface. -type oIDCIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCIdentityProviders in the indexer for a given namespace. -func (s oIDCIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. -func (s oIDCIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcidentityprovider"), name) - } - return obj.(*v1alpha1.OIDCIdentityProvider), nil -} diff --git a/generated/1.29/client/supervisor/openapi/zz_generated.openapi.go b/generated/1.29/client/supervisor/openapi/zz_generated.openapi.go deleted file mode 100644 index 55a7fe087..000000000 --- a/generated/1.29/client/supervisor/openapi/zz_generated.openapi.go +++ /dev/null @@ -1,2653 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by openapi-gen. DO NOT EDIT. - -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package openapi - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - common "k8s.io/kube-openapi/pkg/common" - spec "k8s.io/kube-openapi/pkg/validation/spec" -) - -func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { - return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), - "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), - "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), - "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), - }, - }, - }, - Required: []string{"spec"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "Items is a list of OIDCClientSecretRequest.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Spec of the OIDCClientSecretRequest.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generateNewSecret": { - SchemaProps: spec.SchemaProps{ - Description: "Request a new client secret to for the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "revokeOldSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of the OIDCClientSecretRequest.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "generatedSecret": { - SchemaProps: spec.SchemaProps{ - Description: "The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost.", - Type: []string{"string"}, - Format: "", - }, - }, - "totalClientSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "The total number of client secrets associated with the OIDCClient referenced by the metadata.name field.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"totalClientSecrets"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIGroup contains the name, the supported versions, and the preferred version of a group.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is the name of the group.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "versions": { - SchemaProps: spec.SchemaProps{ - Description: "versions are the versions supported in this group.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), - }, - }, - }, - }, - }, - "preferredVersion": { - SchemaProps: spec.SchemaProps{ - Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), - }, - }, - "serverAddressByClientCIDRs": { - SchemaProps: spec.SchemaProps{ - Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), - }, - }, - }, - }, - }, - }, - Required: []string{"name", "versions"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, - } -} - -func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "groups": { - SchemaProps: spec.SchemaProps{ - Description: "groups is a list of APIGroup.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), - }, - }, - }, - }, - }, - }, - Required: []string{"groups"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, - } -} - -func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIResource specifies the name of a resource and whether it is namespaced.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is the plural name of the resource.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "singularName": { - SchemaProps: spec.SchemaProps{ - Description: "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "namespaced": { - SchemaProps: spec.SchemaProps{ - Description: "namespaced indicates if a resource is namespaced or not.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "group": { - SchemaProps: spec.SchemaProps{ - Description: "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "verbs": { - SchemaProps: spec.SchemaProps{ - Description: "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "shortNames": { - SchemaProps: spec.SchemaProps{ - Description: "shortNames is a list of suggested short names of the resource.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "categories": { - SchemaProps: spec.SchemaProps{ - Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "storageVersionHash": { - SchemaProps: spec.SchemaProps{ - Description: "The hash value of the storage version, the version this resource is converted to when written to the data store. Value must be treated as opaque by clients. Only equality comparison on the value is valid. This is an alpha feature and may change or be removed in the future. The field is populated by the apiserver only if the StorageVersionHash feature gate is enabled. This field will remain optional even if it graduates.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"name", "singularName", "namespaced", "kind", "verbs"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "groupVersion": { - SchemaProps: spec.SchemaProps{ - Description: "groupVersion is the group and version this APIResourceList is for.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resources": { - SchemaProps: spec.SchemaProps{ - Description: "resources contains the name of the resources and if they are namespaced.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), - }, - }, - }, - }, - }, - }, - Required: []string{"groupVersion", "resources"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, - } -} - -func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "versions": { - SchemaProps: spec.SchemaProps{ - Description: "versions are the api versions that are available.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "serverAddressByClientCIDRs": { - SchemaProps: spec.SchemaProps{ - Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), - }, - }, - }, - }, - }, - }, - Required: []string{"versions", "serverAddressByClientCIDRs"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, - } -} - -func schema_pkg_apis_meta_v1_ApplyOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ApplyOptions may be provided when applying an API object. FieldManager is required for apply requests. ApplyOptions is equivalent to PatchOptions. It is provided as a convenience with documentation that speaks specifically to how the options fields relate to apply.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "force": { - SchemaProps: spec.SchemaProps{ - Description: "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people.", - Default: false, - Type: []string{"boolean"}, - Format: "", - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"force", "fieldManager"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Condition contains details for one aspect of the current state of this API Resource.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "status of the condition, one of True, False, Unknown.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "observedGeneration": { - SchemaProps: spec.SchemaProps{ - Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "lastTransitionTime": { - SchemaProps: spec.SchemaProps{ - Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "message is a human readable message indicating details about the transition. This may be an empty string.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "CreateOptions may be provided when creating an API object.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "DeleteOptions may be provided when deleting an API object.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "gracePeriodSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "preconditions": { - SchemaProps: spec.SchemaProps{ - Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), - }, - }, - "orphanDependents": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "propagationPolicy": { - SchemaProps: spec.SchemaProps{ - Description: "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, - } -} - -func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_FieldsV1(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "FieldsV1 stores a set of fields in a data structure like a Trie, in JSON format.\n\nEach key is either a '.' representing the field itself, and will always map to an empty set, or a string representing a sub-field or item. The string will follow one of these four formats: 'f:', where is the name of a field in a struct, or key in a map 'v:', where is the exact json formatted value of a list item 'i:', where is position of a item in a list 'k:', where is a map of a list item's key fields to their unique values If a key maps to an empty Fields value, the field that key represents is part of the set.\n\nThe exact format is defined in sigs.k8s.io/structured-merge-diff", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GetOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GetOptions is the standard query options to the standard REST get call.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupKind(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "kind"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupResource specifies a Group and a Resource, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resource": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "resource"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersion(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersion contains the \"group\" and the \"version\", which uniquely identifies the API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "groupVersion": { - SchemaProps: spec.SchemaProps{ - Description: "groupVersion specifies the API group and version in the form \"group/version\"", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"groupVersion", "version"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionKind(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersionKind unambiguously identifies a kind. It doesn't anonymously include GroupVersion to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version", "kind"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_GroupVersionResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "GroupVersionResource unambiguously identifies a resource. It doesn't anonymously include GroupVersion to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "group": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resource": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"group", "version", "resource"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "InternalEvent makes watch.Event versioned", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "Type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "Object": { - SchemaProps: spec.SchemaProps{ - Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), - }, - }, - }, - Required: []string{"Type", "Object"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, - } -} - -func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "matchLabels": { - SchemaProps: spec.SchemaProps{ - Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "matchExpressions": { - SchemaProps: spec.SchemaProps{ - Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), - }, - }, - }, - }, - }, - }, - }, - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-map-type": "atomic", - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, - } -} - -func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "key": { - SchemaProps: spec.SchemaProps{ - Description: "key is the label key that the selector applies to.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "operator": { - SchemaProps: spec.SchemaProps{ - Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "values": { - SchemaProps: spec.SchemaProps{ - Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"key", "operator"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "List holds a list of objects, which may not be known by the server.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "List of objects", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "selfLink": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", - Type: []string{"string"}, - Format: "", - }, - }, - "continue": { - SchemaProps: spec.SchemaProps{ - Description: "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.", - Type: []string{"string"}, - Format: "", - }, - }, - "remainingItemCount": { - SchemaProps: spec.SchemaProps{ - Description: "remainingItemCount is the number of subsequent items in the list which are not included in this list response. If the list request contained label or field selectors, then the number of remaining items is unknown and the field will be left unset and omitted during serialization. If the list is complete (either because it is not chunking or because this is the last chunk), then there are no more remaining items and this field will be left unset and omitted during serialization. Servers older than v1.15 do not set this field. The intended use of the remainingItemCount is *estimating* the size of a collection. Clients should not rely on the remainingItemCount to be set or to be exact.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ListOptions is the query options to a standard REST list call.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "labelSelector": { - SchemaProps: spec.SchemaProps{ - Description: "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldSelector": { - SchemaProps: spec.SchemaProps{ - Description: "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - Type: []string{"string"}, - Format: "", - }, - }, - "watch": { - SchemaProps: spec.SchemaProps{ - Description: "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "allowWatchBookmarks": { - SchemaProps: spec.SchemaProps{ - Description: "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersionMatch": { - SchemaProps: spec.SchemaProps{ - Description: "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - Type: []string{"string"}, - Format: "", - }, - }, - "timeoutSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "limit": { - SchemaProps: spec.SchemaProps{ - Description: "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "continue": { - SchemaProps: spec.SchemaProps{ - Description: "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - Type: []string{"string"}, - Format: "", - }, - }, - "sendInitialEvents": { - SchemaProps: spec.SchemaProps{ - Description: "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "manager": { - SchemaProps: spec.SchemaProps{ - Description: "Manager is an identifier of the workflow managing these fields.", - Type: []string{"string"}, - Format: "", - }, - }, - "operation": { - SchemaProps: spec.SchemaProps{ - Description: "Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'.", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the version of this resource that this field set applies to. The format is \"group/version\" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted.", - Type: []string{"string"}, - Format: "", - }, - }, - "time": { - SchemaProps: spec.SchemaProps{ - Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "fieldsType": { - SchemaProps: spec.SchemaProps{ - Description: "FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: \"FieldsV1\"", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldsV1": { - SchemaProps: spec.SchemaProps{ - Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), - }, - }, - "subresource": { - SchemaProps: spec.SchemaProps{ - Description: "Subresource is the name of the subresource used to update that object, or empty string if the object was updated through the main resource. The value of this field is used to distinguish between managers, even if they share the same name. For example, a status update will be distinct from a regular update using the same manager name. Note that the APIVersion field is not related to the Subresource field and it always corresponds to the version of the main resource.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", - Type: []string{"string"}, - Format: "", - }, - }, - "generateName": { - SchemaProps: spec.SchemaProps{ - Description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will return a 409.\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency", - Type: []string{"string"}, - Format: "", - }, - }, - "namespace": { - SchemaProps: spec.SchemaProps{ - Description: "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces", - Type: []string{"string"}, - Format: "", - }, - }, - "selfLink": { - SchemaProps: spec.SchemaProps{ - Description: "Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", - Type: []string{"string"}, - Format: "", - }, - }, - "generation": { - SchemaProps: spec.SchemaProps{ - Description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "creationTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "deletionTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "deletionGracePeriodSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "labels": { - SchemaProps: spec.SchemaProps{ - Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "annotations": { - SchemaProps: spec.SchemaProps{ - Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "ownerReferences": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-merge-key": "uid", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), - }, - }, - }, - }, - }, - "finalizers": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "managedFields": { - SchemaProps: spec.SchemaProps{ - Description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_meta_v1_OwnerReference(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "API version of the referent.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "controller": { - SchemaProps: spec.SchemaProps{ - Description: "If true, this reference points to the managing controller.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "blockOwnerDeletion": { - SchemaProps: spec.SchemaProps{ - Description: "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - Required: []string{"apiVersion", "kind", "name", "uid"}, - }, - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-map-type": "atomic", - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients to get access to a particular ObjectMeta schema without knowing the details of the version.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PartialObjectMetadataList contains a list of objects containing only their metadata", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "items contains each of the included items.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, - } -} - -func schema_pkg_apis_meta_v1_Patch(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PatchOptions may be provided when patching an API object. PatchOptions is meant to be a superset of UpdateOptions.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "force": { - SchemaProps: spec.SchemaProps{ - Description: "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - Type: []string{"boolean"}, - Format: "", - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Preconditions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "Specifies the target UID.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceVersion": { - SchemaProps: spec.SchemaProps{ - Description: "Specifies the target ResourceVersion", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "RootPaths lists the paths available at root. For example: \"/healthz\", \"/apis\".", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "paths": { - SchemaProps: spec.SchemaProps{ - Description: "paths are the paths available at root.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"paths"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "clientCIDR": { - SchemaProps: spec.SchemaProps{ - Description: "The CIDR with which clients can match their IP to figure out the server address that they should use.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "serverAddress": { - SchemaProps: spec.SchemaProps{ - Description: "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"clientCIDR", "serverAddress"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status is a return value for calls that don't return other objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "A human-readable description of the status of this operation.", - Type: []string{"string"}, - Format: "", - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", - Type: []string{"string"}, - Format: "", - }, - }, - "details": { - SchemaProps: spec.SchemaProps{ - Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), - }, - }, - "code": { - SchemaProps: spec.SchemaProps{ - Description: "Suggested HTTP return code for this status, 0 if not set.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, - } -} - -func schema_pkg_apis_meta_v1_StatusCause(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "A machine-readable description of the cause of the error. If this value is empty there is no information available.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "A human-readable description of the cause of the error. This field may be presented as-is to a reader.", - Type: []string{"string"}, - Format: "", - }, - }, - "field": { - SchemaProps: spec.SchemaProps{ - Description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).", - Type: []string{"string"}, - Format: "", - }, - }, - "group": { - SchemaProps: spec.SchemaProps{ - Description: "The group attribute of the resource associated with the status StatusReason.", - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", - Type: []string{"string"}, - Format: "", - }, - }, - "causes": { - SchemaProps: spec.SchemaProps{ - Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), - }, - }, - }, - }, - }, - "retryAfterSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, - } -} - -func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Table is a tabular representation of a set of API resources. The server transforms the object into a set of preferred columns for quickly reviewing the objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "columnDefinitions": { - SchemaProps: spec.SchemaProps{ - Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), - }, - }, - }, - }, - }, - "rows": { - SchemaProps: spec.SchemaProps{ - Description: "rows is the list of items in the table.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), - }, - }, - }, - }, - }, - }, - Required: []string{"columnDefinitions", "rows"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, - } -} - -func schema_pkg_apis_meta_v1_TableColumnDefinition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableColumnDefinition contains information about a column returned in the Table.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "name is a human readable name for the column.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type is an OpenAPI type definition for this column, such as number, integer, string, or array. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "format": { - SchemaProps: spec.SchemaProps{ - Description: "format is an optional OpenAPI type modifier for this column. A format modifies the type and imposes additional rules, like date or time formatting for a string. The 'name' format is applied to the primary identifier column which has type 'string' to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "description": { - SchemaProps: spec.SchemaProps{ - Description: "description is a human readable description of this column.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "priority": { - SchemaProps: spec.SchemaProps{ - Description: "priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a higher priority.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"name", "type", "format", "description", "priority"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TableOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableOptions are used when a Table is requested by the caller.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "includeObject": { - SchemaProps: spec.SchemaProps{ - Description: "includeObject decides whether to include each object along with its columnar information. Specifying \"None\" will return no object, specifying \"Object\" will return the full object contents, and specifying \"Metadata\" (the default) will return the object's metadata in the PartialObjectMetadata kind in version v1beta1 of the meta.k8s.io API group.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableRow is an individual row in a table.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "cells": { - SchemaProps: spec.SchemaProps{ - Description: "cells will be as wide as the column definitions array and may contain strings, numbers (float64 or int64), booleans, simple maps, lists, or null. See the type field of the column definition for a more detailed description.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Format: "", - }, - }, - }, - }, - }, - "conditions": { - SchemaProps: spec.SchemaProps{ - Description: "conditions describe additional status of a row that are relevant for a human user. These conditions apply to the row, not to the object, and will be specific to table output. The only defined condition type is 'Completed', for a row that indicates a resource that has run to completion and can be given less visual priority.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), - }, - }, - }, - }, - }, - "object": { - SchemaProps: spec.SchemaProps{ - Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - Required: []string{"cells"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_pkg_apis_meta_v1_TableRowCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TableRowCondition allows a row to be marked with additional information.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "Type of row condition. The only defined value is 'Completed' indicating that the object this row represents has reached a completed state and may be given less visual priority than other rows. Clients are not required to honor any conditions but should be consistent where possible about handling the conditions.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the condition, one of True, False, Unknown.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "(brief) machine readable reason for the condition's last transition.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "Human readable message indicating details about last transition.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), - }, - }, - } -} - -func schema_pkg_apis_meta_v1_Timestamp(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Timestamp is a struct that is equivalent to Time, but intended for protobuf marshalling/unmarshalling. It is generated into a serialization that matches Time. Do not use in Go structs.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "seconds": { - SchemaProps: spec.SchemaProps{ - Description: "Represents seconds of UTC time since Unix epoch 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59Z inclusive.", - Default: 0, - Type: []string{"integer"}, - Format: "int64", - }, - }, - "nanos": { - SchemaProps: spec.SchemaProps{ - Description: "Non-negative fractions of a second at nanosecond resolution. Negative second values with fractions must still have non-negative nanos values that count forward in time. Must be from 0 to 999,999,999 inclusive. This field may be limited in precision depending on context.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"seconds", "nanos"}, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TypeMeta describes an individual object in an API response or request with strings representing the type of the object and its API schema version. Structures that are versioned or persisted should inline TypeMeta.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "UpdateOptions may be provided when updating an API object. All fields in UpdateOptions should also be present in PatchOptions.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "dryRun": { - SchemaProps: spec.SchemaProps{ - Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "fieldManager": { - SchemaProps: spec.SchemaProps{ - Description: "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - Type: []string{"string"}, - Format: "", - }, - }, - "fieldValidation": { - SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Event represents a single event to a watched resource.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "object": { - SchemaProps: spec.SchemaProps{ - Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, - }, - Required: []string{"type", "object"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package:\n\n\ttype MyAPIObject struct {\n\t\truntime.TypeMeta `json:\",inline\"`\n\t\tMyPlugin runtime.Object `json:\"myPlugin\"`\n\t}\n\n\ttype PluginA struct {\n\t\tAOption string `json:\"aOption\"`\n\t}\n\n// External package:\n\n\ttype MyAPIObject struct {\n\t\truntime.TypeMeta `json:\",inline\"`\n\t\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n\t}\n\n\ttype PluginA struct {\n\t\tAOption string `json:\"aOption\"`\n\t}\n\n// On the wire, the JSON will look something like this:\n\n\t{\n\t\t\"kind\":\"MyAPIObject\",\n\t\t\"apiVersion\":\"v1\",\n\t\t\"myPlugin\": {\n\t\t\t\"kind\":\"PluginA\",\n\t\t\t\"aOption\":\"foo\",\n\t\t},\n\t}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)", - Type: []string{"object"}, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type, like this:\n\n\ttype MyAwesomeAPIObject struct {\n\t runtime.TypeMeta `json:\",inline\"`\n\t ... // other fields\n\t}\n\nfunc (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind\n\nTypeMeta is provided here for convenience. You may use it directly from this package or define your own with the same fields.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_runtime_Unknown(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Unknown allows api objects with unknown types to be passed-through. This can be used to deal with the API objects from a plug-in. Unknown objects still have functioning TypeMeta features-- kind, version, etc. metadata and field mutatation.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "kind": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "ContentEncoding": { - SchemaProps: spec.SchemaProps{ - Description: "ContentEncoding is encoding used to encode 'Raw' data. Unspecified means no encoding.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "ContentType": { - SchemaProps: spec.SchemaProps{ - Description: "ContentType is serialization method used to serialize 'Raw'. Unspecified means ContentTypeJSON.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"ContentEncoding", "ContentType"}, - }, - }, - } -} - -func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Info contains versioning information. how we'll want to distribute that information.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "major": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "minor": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitVersion": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitCommit": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "gitTreeState": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "buildDate": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "goVersion": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "compiler": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "platform": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"major", "minor", "gitVersion", "gitCommit", "gitTreeState", "buildDate", "goVersion", "compiler", "platform"}, - }, - }, - } -} diff --git a/generated/1.29/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.29/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml deleted file mode 100644 index f235e0fc5..000000000 --- a/generated/1.29/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ /dev/null @@ -1,431 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: jwtauthenticators.authentication.concierge.pinniped.dev -spec: - group: authentication.concierge.pinniped.dev - names: - categories: - - pinniped - - pinniped-authenticator - - pinniped-authenticators - kind: JWTAuthenticator - listKind: JWTAuthenticatorList - plural: jwtauthenticators - singular: jwtauthenticator - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.issuer - name: Issuer - type: string - - jsonPath: .spec.audience - name: Audience - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - JWTAuthenticator describes the configuration of a JWT authenticator. - - Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid - signature, existence of claims, etc.) and extract the username and groups from the token. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: spec for configuring the authenticator. - properties: - audience: - description: audience is the required value of the "aud" JWT claim. - minLength: 1 - type: string - claimValidationRules: - description: |- - claimValidationRules are rules that are applied to validate token claims to authenticate users. - This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in - https://kubernetes.io/docs/reference/access-authn-authz/authentication. - This is an advanced configuration option. During an end-user login flow, mistakes in this - configuration will cause the user's login to fail. - items: - description: ClaimValidationRule provides the configuration for - a single claim validation rule. - properties: - claim: - description: |- - claim is the name of a required claim. - Only string claim keys are supported. - Mutually exclusive with expression and message. - type: string - expression: - description: |- - expression represents the expression which will be evaluated by CEL. - Must produce a boolean. - - CEL expressions have access to the contents of the token claims, organized into CEL variable: - - 'claims' is a map of claim names to claim values. - For example, a variable named 'sub' can be accessed as 'claims.sub'. - Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - Must return true for the validation to pass. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - - Mutually exclusive with claim and requiredValue. - type: string - message: - description: |- - message customizes the returned error message when expression returns false. - message is a literal string. - Mutually exclusive with claim and requiredValue. - type: string - requiredValue: - description: |- - requiredValue is the value of a required claim. - Only string claim values are supported. - If claim is set and requiredValue is not set, the claim must be present with a value set to the empty string. - Mutually exclusive with expression and message. - type: string - type: object - type: array - claims: - description: |- - claims allows customization of the claims that will be mapped to user identity - for Kubernetes access. - properties: - extra: - description: |- - extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration - as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - - However, note that the Pinniped Concierge issues client certificates to users for the purpose - of authenticating, and the Kubernetes API server does not have any mechanism for transmitting - auth extras via client certificates. When configured, these extras will appear in client - certificates issued by the Pinniped Supervisor in the x509 Subject field as Organizational - Units (OU). However, when this client certificate is presented to Kubernetes for authentication, - Kubernetes will ignore these extras. This is probably only useful if you are using a custom - authenticating proxy in front of your Kubernetes API server which can translate these OUs into - auth extras, as described by - https://kubernetes.io/docs/reference/access-authn-authz/authentication/#authenticating-proxy. - This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - must evaluate to either a string or an array of strings, or else the user's login will fail. - - These keys must be a domain-prefixed path (such as "acme.io/foo") and must not contain an equals sign ("="). - - expression must produce a string or string array value. - If the value is empty, the extra mapping will not be present. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - - hard-coded extra key/value - - key: "acme.io/foo" - valueExpression: "'bar'" - This will result in an extra attribute - acme.io/foo: ["bar"] - - hard-coded key, value copying claim value - - key: "acme.io/foo" - valueExpression: "claims.some_claim" - This will result in an extra attribute - acme.io/foo: [value of some_claim] - - hard-coded key, value derived from claim value - - key: "acme.io/admin" - valueExpression: '(has(claims.is_admin) && claims.is_admin) ? "true":""' - This will result in: - - if is_admin claim is present and true, extra attribute - acme.io/admin: ["true"] - - if is_admin claim is present and false or is_admin claim is not present, no extra attribute will be added - items: - description: ExtraMapping provides the configuration for a single - extra mapping. - properties: - key: - description: |- - key is a string to use as the extra attribute key. - key must be a domain-prefix path (e.g. example.org/foo). All characters before the first "/" must be a valid - subdomain as defined by RFC 1123. All characters trailing the first "/" must - be valid HTTP Path characters as defined by RFC 3986. - key must be lowercase. - Required to be unique. - Additionally, the key must not contain an equals sign ("="). - type: string - valueExpression: - description: |- - valueExpression is a CEL expression to extract extra attribute value. - valueExpression must produce a string or string array value. - "", [], and null values are treated as the extra mapping not being present. - Empty string values contained within a string array are filtered out. - - CEL expressions have access to the contents of the token claims, organized into CEL variable: - - 'claims' is a map of claim names to claim values. - For example, a variable named 'sub' can be accessed as 'claims.sub'. - Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - type: string - required: - - key - - valueExpression - type: object - type: array - groups: - description: |- - groups is the name of the claim which should be read to extract the user's - group membership from the JWT token. When not specified, it will default to "groups", - unless groupsExpression is specified. - - Mutually exclusive with groupsExpression. Use either groups or groupsExpression to - determine the user's group membership from the JWT token. - type: string - groupsExpression: - description: |- - groupsExpression represents an expression which will be evaluated by CEL. - The expression's result will become the user's group memberships. - - groupsExpression is similar to claimMappings.groups.expression from Kubernetes AuthenticationConfiguration - as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - must evaluate to one of the expected types without errors, or else the user's login will fail. - Additionally, mistakes in this configuration can cause the users to have unintended group memberships. - - The expression must produce a string or string array value. - "", [], and null values are treated as the group mapping not being present. - - CEL expressions have access to the contents of the token claims, organized into CEL variable: - - 'claims' is a map of claim names to claim values. - For example, a variable named 'sub' can be accessed as 'claims.sub'. - Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - - Mutually exclusive with groups. Use either groups or groupsExpression to - determine the user's group membership from the JWT token. - type: string - username: - description: |- - username is the name of the claim which should be read to extract the - username from the JWT token. When not specified, it will default to "username", - unless usernameExpression is specified. - - Mutually exclusive with usernameExpression. Use either username or usernameExpression to - determine the user's username from the JWT token. - type: string - usernameExpression: - description: |- - usernameExpression represents an expression which will be evaluated by CEL. - The expression's result will become the user's username. - - usernameExpression is similar to claimMappings.username.expression from Kubernetes AuthenticationConfiguration - as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. - This is an advanced configuration option. During an end-user login flow, each of these CEL expressions - must evaluate to the expected type without errors, or else the user's login will fail. - Additionally, mistakes in this configuration can cause the users to have unintended usernames. - - The expression must produce a non-empty string value. - If the expression uses 'claims.email', then 'claims.email_verified' must be used in - the expression or extra[*].valueExpression or claimValidationRules[*].expression. - An example claim validation rule expression that matches the validation automatically - applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true) == true'. - By explicitly comparing the value to true, we let type-checking see the result will be a boolean, - and to make sure a non-boolean email_verified claim will be caught at runtime. - - CEL expressions have access to the contents of the token claims, organized into CEL variable: - - 'claims' is a map of claim names to claim values. - For example, a variable named 'sub' can be accessed as 'claims.sub'. - Nested claims can be accessed using dot notation, e.g. 'claims.foo.bar'. - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - - Mutually exclusive with username. Use either username or usernameExpression to - determine the user's username from the JWT token. - type: string - type: object - issuer: - description: |- - issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is - also used to validate the "iss" JWT claim. - minLength: 1 - pattern: ^https:// - type: string - tls: - description: tls is the configuration for communicating with the OIDC - provider via TLS. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - userValidationRules: - description: |- - userValidationRules are rules that are applied to final user before completing authentication. - These allow invariants to be applied to incoming identities such as preventing the - use of the system: prefix that is commonly used by Kubernetes components. - The validation rules are logically ANDed together and must all return true for the validation to pass. - This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in - https://kubernetes.io/docs/reference/access-authn-authz/authentication. - This is an advanced configuration option. During an end-user login flow, mistakes in this - configuration will cause the user's login to fail. - items: - description: UserValidationRule provides the configuration for a - single user info validation rule. - properties: - expression: - description: |- - expression represents the expression which will be evaluated by CEL. - Must return true for the validation to pass. - - CEL expressions have access to the contents of UserInfo, organized into CEL variable: - - 'user' - authentication.k8s.io/v1, Kind=UserInfo object - Refer to https://github.com/kubernetes/api/blob/release-1.28/authentication/v1/types.go#L105-L122 for the definition. - API documentation: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#userinfo-v1-authentication-k8s-io - - Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ - type: string - message: - description: |- - message customizes the returned error message when rule returns false. - message is a literal string. - type: string - required: - - expression - type: object - type: array - required: - - audience - - issuer - type: object - status: - description: status of the authenticator. - properties: - conditions: - description: Represents the observations of the authenticator's current - state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the JWTAuthenticator. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.29/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.29/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml deleted file mode 100644 index d42381eef..000000000 --- a/generated/1.29/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ /dev/null @@ -1,185 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: webhookauthenticators.authentication.concierge.pinniped.dev -spec: - group: authentication.concierge.pinniped.dev - names: - categories: - - pinniped - - pinniped-authenticator - - pinniped-authenticators - kind: WebhookAuthenticator - listKind: WebhookAuthenticatorList - plural: webhookauthenticators - singular: webhookauthenticator - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: WebhookAuthenticator describes the configuration of a webhook - authenticator. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the authenticator. - properties: - endpoint: - description: Webhook server endpoint URL. - minLength: 1 - pattern: ^https:// - type: string - tls: - description: TLS configuration. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - required: - - endpoint - type: object - status: - description: Status of the authenticator. - properties: - conditions: - description: Represents the observations of the authenticator's current - state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the WebhookAuthenticator. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.29/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.29/crds/config.concierge.pinniped.dev_credentialissuers.yaml deleted file mode 100644 index 84f4b9ab8..000000000 --- a/generated/1.29/crds/config.concierge.pinniped.dev_credentialissuers.yaml +++ /dev/null @@ -1,243 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: credentialissuers.config.concierge.pinniped.dev -spec: - group: config.concierge.pinniped.dev - names: - categories: - - pinniped - kind: CredentialIssuer - listKind: CredentialIssuerList - plural: credentialissuers - singular: credentialissuer - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.impersonationProxy.mode - name: ProxyMode - type: string - - jsonPath: .status.strategies[?(@.status == "Success")].type - name: DefaultStrategy - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: CredentialIssuer describes the configuration and status of the - Pinniped Concierge credential issuer. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec describes the intended configuration of the Concierge. - properties: - impersonationProxy: - description: ImpersonationProxy describes the intended configuration - of the Concierge impersonation proxy. - properties: - externalEndpoint: - description: |- - ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will - be served using the external name of the LoadBalancer service or the cluster service DNS name. - - This field must be non-empty when spec.impersonationProxy.service.type is "None". - type: string - mode: - description: |- - Mode configures whether the impersonation proxy should be started: - - "disabled" explicitly disables the impersonation proxy. This is the default. - - "enabled" explicitly enables the impersonation proxy. - - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. - enum: - - auto - - enabled - - disabled - type: string - service: - default: - type: LoadBalancer - description: Service describes the configuration of the Service - provisioned to expose the impersonation proxy to clients. - properties: - annotations: - additionalProperties: - type: string - description: Annotations specifies zero or more key/value - pairs to set as annotations on the provisioned Service. - type: object - loadBalancerIP: - description: |- - LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. - This is not supported on all cloud providers. - maxLength: 255 - minLength: 1 - type: string - type: - default: LoadBalancer - description: |- - Type specifies the type of Service to provision for the impersonation proxy. - - If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty - value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. - enum: - - LoadBalancer - - ClusterIP - - None - type: string - type: object - tls: - description: |- - TLS contains information about how the Concierge impersonation proxy should serve TLS. - - If this field is empty, the impersonation proxy will generate its own TLS certificate. - properties: - certificateAuthorityData: - description: |- - X.509 Certificate Authority (base64-encoded PEM bundle). - Used to advertise the CA bundle for the impersonation proxy endpoint. - type: string - secretName: - description: |- - SecretName is the name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains - the TLS serving certificate for the Concierge impersonation proxy endpoint. - minLength: 1 - type: string - type: object - required: - - mode - - service - type: object - required: - - impersonationProxy - type: object - status: - description: CredentialIssuerStatus describes the status of the Concierge. - properties: - strategies: - description: List of integration strategies that were attempted by - Pinniped. - items: - description: CredentialIssuerStrategy describes the status of an - integration strategy that was attempted by Pinniped. - properties: - frontend: - description: Frontend describes how clients can connect using - this strategy. - properties: - impersonationProxyInfo: - description: |- - ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. - This field is only set when Type is "ImpersonationProxy". - properties: - certificateAuthorityData: - description: CertificateAuthorityData is the base64-encoded - PEM CA bundle of the impersonation proxy. - minLength: 1 - type: string - endpoint: - description: Endpoint is the HTTPS endpoint of the impersonation - proxy. - minLength: 1 - pattern: ^https:// - type: string - required: - - certificateAuthorityData - - endpoint - type: object - tokenCredentialRequestInfo: - description: |- - TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. - This field is only set when Type is "TokenCredentialRequestAPI". - properties: - certificateAuthorityData: - description: CertificateAuthorityData is the base64-encoded - Kubernetes API server CA bundle. - minLength: 1 - type: string - server: - description: Server is the Kubernetes API server URL. - minLength: 1 - pattern: ^https://|^http:// - type: string - required: - - certificateAuthorityData - - server - type: object - type: - description: Type describes which frontend mechanism clients - can use with a strategy. - enum: - - TokenCredentialRequestAPI - - ImpersonationProxy - type: string - required: - - type - type: object - lastUpdateTime: - description: When the status was last checked. - format: date-time - type: string - message: - description: Human-readable description of the current status. - minLength: 1 - type: string - reason: - description: Reason for the current status. - enum: - - Listening - - Pending - - Disabled - - ErrorDuringSetup - - CouldNotFetchKey - - CouldNotGetClusterInfo - - FetchedKey - type: string - status: - description: Status of the attempted integration strategy. - enum: - - Success - - Error - type: string - type: - description: Type of integration attempted. - enum: - - KubeClusterSigningCertificate - - ImpersonationProxy - type: string - required: - - lastUpdateTime - - message - - reason - - status - - type - type: object - type: array - required: - - strategies - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.29/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.29/crds/config.supervisor.pinniped.dev_federationdomains.yaml deleted file mode 100644 index 6b7729815..000000000 --- a/generated/1.29/crds/config.supervisor.pinniped.dev_federationdomains.yaml +++ /dev/null @@ -1,456 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: federationdomains.config.supervisor.pinniped.dev -spec: - group: config.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: FederationDomain - listKind: FederationDomainList - plural: federationdomains - singular: federationdomain - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.issuer - name: Issuer - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: FederationDomain describes the configuration of an OIDC provider. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec of the OIDC provider. - properties: - identityProviders: - description: |- - IdentityProviders is the list of identity providers available for use by this FederationDomain. - - An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, - how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to - extract a normalized user identity. Normalized user identities include a username and a list of group names. - In contrast, IdentityProviders describes how to use that normalized identity in those Kubernetes clusters which - belong to this FederationDomain. Each entry in IdentityProviders can be configured with arbitrary transformations - on that normalized identity. For example, a transformation can add a prefix to all usernames to help avoid - accidental conflicts when multiple identity providers have different users with the same username (e.g. - "idp1:ryan" versus "idp2:ryan"). Each entry in IdentityProviders can also implement arbitrary authentication - rejection policies. Even though a user was able to authenticate with the identity provider, a policy can disallow - the authentication to the Kubernetes clusters that belong to this FederationDomain. For example, a policy could - disallow the authentication unless the user belongs to a specific group in the identity provider. - - For backwards compatibility with versions of Pinniped which predate support for multiple identity providers, - an empty IdentityProviders list will cause the FederationDomain to use all available identity providers which - exist in the same namespace, but also to reject all authentication requests when there is more than one identity - provider currently defined. In this backwards compatibility mode, the name of the identity provider resource - (e.g. the Name of an OIDCIdentityProvider resource) will be used as the name of the identity provider in this - FederationDomain. This mode is provided to make upgrading from older versions easier. However, instead of - relying on this backwards compatibility mode, please consider this mode to be deprecated and please instead - explicitly list the identity provider using this IdentityProviders field. - items: - description: FederationDomainIdentityProvider describes how an identity - provider is made available in this FederationDomain. - properties: - displayName: - description: |- - DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the - kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a - disruptive change for those users. - minLength: 1 - type: string - objectRef: - description: |- - ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. - If the reference cannot be resolved then the identity provider will not be made available. - Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, - LDAPIdentityProvider, ActiveDirectoryIdentityProvider. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - transforms: - description: |- - Transforms is an optional way to specify transformations to be applied during user authentication and - session refresh. - properties: - constants: - description: Constants defines constant variables and their - values which will be made available to the transform expressions. - items: - description: |- - FederationDomainTransformsConstant defines a constant variable and its value which will be made available to - the transform expressions. This is a union type, and Type is the discriminator field. - properties: - name: - description: Name determines the name of the constant. - It must be a valid identifier name. - maxLength: 64 - minLength: 1 - pattern: ^[a-zA-Z][_a-zA-Z0-9]*$ - type: string - stringListValue: - description: StringListValue should hold the value - when Type is "stringList", and is otherwise ignored. - items: - type: string - type: array - stringValue: - description: StringValue should hold the value when - Type is "string", and is otherwise ignored. - type: string - type: - description: |- - Type determines the type of the constant, and indicates which other field should be non-empty. - Allowed values are "string" or "stringList". - enum: - - string - - stringList - type: string - required: - - name - - type - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - examples: - description: |- - Examples can optionally be used to ensure that the sequence of transformation expressions are working as - expected. Examples define sample input identities which are then run through the expression list, and the - results are compared to the expected results. If any example in this list fails, then this - identity provider will not be available for use within this FederationDomain, and the error(s) will be - added to the FederationDomain status. This can be used to help guard against programming mistakes in the - expressions, and also act as living documentation for other administrators to better understand the expressions. - items: - description: FederationDomainTransformsExample defines - a transform example. - properties: - expects: - description: |- - Expects is the expected output of the entire sequence of transforms when they are run against the - input Username and Groups. - properties: - groups: - description: Groups is the expected list of group - names after the transformations have been applied. - items: - type: string - type: array - message: - description: |- - Message is the expected error message of the transforms. When Rejected is true, then Message is the expected - message for the policy which rejected the authentication attempt. When Rejected is true and Message is blank, - then Message will be treated as the default error message for authentication attempts which are rejected by a - policy. When Rejected is false, then Message is the expected error message for some other non-policy - transformation error, such as a runtime error. When Rejected is false, there is no default expected Message. - type: string - rejected: - description: |- - Rejected is a boolean that indicates whether authentication is expected to be rejected by a policy expression - after the transformations have been applied. True means that it is expected that the authentication would be - rejected. The default value of false means that it is expected that the authentication would not be rejected - by any policy expression. - type: boolean - username: - description: Username is the expected username - after the transformations have been applied. - type: string - type: object - groups: - description: Groups is the input list of group names. - items: - type: string - type: array - username: - description: Username is the input username. - minLength: 1 - type: string - required: - - expects - - username - type: object - type: array - expressions: - description: |- - Expressions are an optional list of transforms and policies to be executed in the order given during every - authentication attempt, including during every session refresh. - Each is a CEL expression. It may use the basic CEL language as defined in - https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in - https://github.com/google/cel-go/tree/master/ext#strings. - - The username and groups extracted from the identity provider, and the constants defined in this CR, are - available as variables in all expressions. The username is provided via a variable called `username` and - the list of group names is provided via a variable called `groups` (which may be an empty list). - Each user-provided constants is provided via a variable named `strConst.varName` for string constants - and `strListConst.varName` for string list constants. - - The only allowed types for expressions are currently policy/v1, username/v1, and groups/v1. - Each policy/v1 must return a boolean, and when it returns false, no more expressions from the list are evaluated - and the authentication attempt is rejected. - Transformations of type policy/v1 do not return usernames or group names, and therefore cannot change the - username or group names. - Each username/v1 transform must return the new username (a string), which can be the same as the old username. - Transformations of type username/v1 do not return group names, and therefore cannot change the group names. - Each groups/v1 transform must return the new groups list (list of strings), which can be the same as the old - groups list. - Transformations of type groups/v1 do not return usernames, and therefore cannot change the usernames. - After each expression, the new (potentially changed) username or groups get passed to the following expression. - - Any compilation or static type-checking failure of any expression will cause an error status on the FederationDomain. - During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the - authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username - and group names have been decided for that authentication attempt. - items: - description: FederationDomainTransformsExpression defines - a transform expression. - properties: - expression: - description: Expression is a CEL expression that will - be evaluated based on the Type during an authentication. - minLength: 1 - type: string - message: - description: |- - Message is only used when Type is policy/v1. It defines an error message to be used when the policy rejects - an authentication attempt. When empty, a default message will be used. - type: string - type: - description: |- - Type determines the type of the expression. It must be one of the supported types. - Allowed values are "policy/v1", "username/v1", or "groups/v1". - enum: - - policy/v1 - - username/v1 - - groups/v1 - type: string - required: - - expression - - type - type: object - type: array - type: object - required: - - displayName - - objectRef - type: object - type: array - issuer: - description: |- - Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the - identifier that it will use for the iss claim in issued JWTs. This field will also be used as - the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is - https://example.com/foo, then your authorization endpoint will look like - https://example.com/foo/some/path/to/auth/endpoint). - - See - https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. - minLength: 1 - type: string - x-kubernetes-validations: - - message: issuer must be an HTTPS URL - rule: isURL(self) && url(self).getScheme() == 'https' - tls: - description: TLS specifies a secret which will contain Transport Layer - Security (TLS) configuration for the FederationDomain. - properties: - secretName: - description: |- - SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains - the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret - named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use - for TLS. - - Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. - - SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. - SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same - SecretName value even if they have different port numbers. - - SecretName is not required when you would like to use only the HTTP endpoints (e.g. when the HTTP listener is - configured to listen on loopback interfaces or UNIX domain sockets for traffic from a service mesh sidecar). - It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to - use the default TLS certificate, which is configured elsewhere. - - When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. - type: string - type: object - required: - - issuer - type: object - status: - description: Status of the OIDC provider. - properties: - conditions: - description: Conditions represent the observations of an FederationDomain's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the FederationDomain. - enum: - - Pending - - Ready - - Error - type: string - secrets: - description: Secrets contains information about this OIDC Provider's - secrets. - properties: - jwks: - description: |- - JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are - stored. If it is empty, then the signing/verification keys are either unknown or they don't - exist. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - stateEncryptionKey: - description: |- - StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - encrypting state parameters is stored. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - stateSigningKey: - description: |- - StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - signing state parameters is stored. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - tokenSigningKey: - description: |- - TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for - signing tokens is stored. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.29/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.29/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml deleted file mode 100644 index 1abf4681b..000000000 --- a/generated/1.29/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ /dev/null @@ -1,333 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev -spec: - group: idp.supervisor.pinniped.dev - names: - categories: - - pinniped - - pinniped-idp - - pinniped-idps - kind: ActiveDirectoryIdentityProvider - listKind: ActiveDirectoryIdentityProviderList - plural: activedirectoryidentityproviders - singular: activedirectoryidentityprovider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.host - name: Host - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: ActiveDirectoryIdentityProvider describes the configuration of - an upstream Microsoft Active Directory identity provider. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the identity provider. - properties: - bind: - description: |- - Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server - to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. - properties: - secretName: - description: |- - SecretName contains the name of a namespace-local Secret object that provides the username and - password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be - of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value - should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". - The password must be non-empty. - minLength: 1 - type: string - required: - - secretName - type: object - groupSearch: - description: GroupSearch contains the configuration for searching - for a user's group membership in ActiveDirectory. - properties: - attributes: - description: |- - Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as - the result of the group search. - properties: - groupName: - description: |- - GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name - in the user's list of groups after a successful authentication. - The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory - server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". - Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", - where domain is constructed from the domain components of the group DN. - type: string - type: object - base: - description: |- - Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. - "ou=groups,dc=example,dc=com". - Optional, when not specified it will be based on the result of a query for the defaultNamingContext - (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). - The default behavior searches your entire domain for groups. - It may make sense to specify a subtree as a search base if you wish to exclude some groups - for security reasons or to make searches faster. - type: string - filter: - description: |- - Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. - The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the - value of an attribute of the user entry found as a result of the user search. Which attribute's - value is used to replace the placeholder(s) depends on the value of UserAttributeForFilter. - E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". - For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. - Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - Optional. When not specified, the default will act as if the filter were specified as - "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". - This searches nested groups by default. - Note that nested group search can be slow for some Active Directory servers. To disable it, - you can set the filter to - "(&(objectClass=group)(member={})" - type: string - skipGroupRefresh: - description: |- - The user's group membership is refreshed as they interact with the supervisor - to obtain new credentials (as their old credentials expire). This allows group - membership changes to be quickly reflected into Kubernetes clusters. Since - group membership is often used to bind authorization policies, it is important - to keep the groups observed in Kubernetes clusters in-sync with the identity - provider. - - In some environments, frequent group membership queries may result in a - significant performance impact on the identity provider and/or the supervisor. - The best approach to handle performance impacts is to tweak the group query - to be more performant, for example by disabling nested group search or by - using a more targeted group search base. - - If the group search query cannot be made performant and you are willing to - have group memberships remain static for approximately a day, then set - skipGroupRefresh to true. This is an insecure configuration as authorization - policies that are bound to group membership will not notice if a user has - been removed from a particular group until their next login. - - This is an experimental feature that may be removed or significantly altered - in the future. Consumers of this configuration should carefully read all - release notes before upgrading to ensure that the meaning of this field has - not changed. - type: boolean - userAttributeForFilter: - description: |- - UserAttributeForFilter specifies which attribute's value from the user entry found as a result of - the user search will be used to replace the "{}" placeholder(s) in the group search Filter. - For example, specifying "uid" as the UserAttributeForFilter while specifying - "&(objectClass=posixGroup)(memberUid={})" as the Filter would search for groups by replacing - the "{}" placeholder in the Filter with the value of the user's "uid" attribute. - Optional. When not specified, the default will act as if "dn" were specified. For example, leaving - UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter - would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. - type: string - type: object - host: - description: 'Host is the hostname of this Active Directory identity - provider, i.e., where to connect. For example: ldap.example.com:636.' - minLength: 1 - type: string - tls: - description: TLS contains the connection settings for how to establish - the connection to the Host. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - userSearch: - description: UserSearch contains the configuration for searching for - a user by name in Active Directory. - properties: - attributes: - description: |- - Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as - the result of the user search. - properties: - uid: - description: |- - UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely - identify the user within this ActiveDirectory provider after a successful authentication. - Optional, when empty this defaults to "objectGUID". - type: string - username: - description: |- - Username specifies the name of the attribute in Active Directory entry whose value shall become the username - of the user after a successful authentication. - Optional, when empty this defaults to "userPrincipalName". - type: string - type: object - base: - description: |- - Base is the dn (distinguished name) that should be used as the search base when searching for users. - E.g. "ou=users,dc=example,dc=com". - Optional, when not specified it will be based on the result of a query for the defaultNamingContext - (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). - The default behavior searches your entire domain for users. - It may make sense to specify a subtree as a search base if you wish to exclude some users - or to make searches faster. - type: string - filter: - description: |- - Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur - in the filter at least once and will be dynamically replaced by the username for which the search is being run. - E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see - https://ldap.com/ldap-filters. - Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. - Optional. When not specified, the default will be - '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' - This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, - and is not shown in advanced view only - (which would likely mean its a system created service account with advanced permissions). - Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. - type: string - type: object - required: - - host - type: object - status: - description: Status of the identity provider. - properties: - conditions: - description: Represents the observations of an identity provider's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.29/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.29/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml deleted file mode 100644 index c0b6b1e7b..000000000 --- a/generated/1.29/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ /dev/null @@ -1,338 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: githubidentityproviders.idp.supervisor.pinniped.dev -spec: - group: idp.supervisor.pinniped.dev - names: - categories: - - pinniped - - pinniped-idp - - pinniped-idps - kind: GitHubIdentityProvider - listKind: GitHubIdentityProviderList - plural: githubidentityproviders - singular: githubidentityprovider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.githubAPI.host - name: Host - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. - This upstream provider can be configured with either a GitHub App or a GitHub OAuth2 App. - - Right now, only web-based logins are supported, for both the pinniped-cli client and clients configured - as OIDCClients. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the identity provider. - properties: - allowAuthentication: - description: AllowAuthentication allows customization of who can authenticate - using this IDP and how. - properties: - organizations: - description: Organizations allows customization of which organizations - can authenticate using this IDP. - properties: - allowed: - description: |- - Allowed, when specified, indicates that only users with membership in at least one of the listed - GitHub organizations may log in. In addition, the group membership presented to Kubernetes will only include - teams within the listed GitHub organizations. Additional login rules or group filtering can optionally be - provided as policy expression on any Pinniped Supervisor FederationDomain that includes this IDP. - - The configured GitHub App or GitHub OAuth App must be allowed to see membership in the listed organizations, - otherwise Pinniped will not be aware that the user belongs to the listed organization or any teams - within that organization. - - If no organizations are listed, you must set organizations: AllGitHubUsers. - items: - type: string - maxItems: 64 - type: array - x-kubernetes-list-type: set - policy: - default: OnlyUsersFromAllowedOrganizations - description: |- - Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". - Defaults to "OnlyUsersFromAllowedOrganizations". - - Must be set to "AllGitHubUsers" if the allowed field is empty. - - This field only exists to ensure that Pinniped administrators are aware that an empty list of - allowedOrganizations means all GitHub users are allowed to log in. - enum: - - OnlyUsersFromAllowedOrganizations - - AllGitHubUsers - type: string - type: object - x-kubernetes-validations: - - message: spec.allowAuthentication.organizations.policy must - be 'OnlyUsersFromAllowedOrganizations' when spec.allowAuthentication.organizations.allowed - has organizations listed - rule: '!(has(self.allowed) && size(self.allowed) > 0 && self.policy - == ''AllGitHubUsers'')' - - message: spec.allowAuthentication.organizations.policy must - be 'AllGitHubUsers' when spec.allowAuthentication.organizations.allowed - is empty - rule: '!((!has(self.allowed) || size(self.allowed) == 0) && - self.policy == ''OnlyUsersFromAllowedOrganizations'')' - required: - - organizations - type: object - claims: - default: {} - description: Claims allows customization of the username and groups - claims. - properties: - groups: - default: slug - description: |- - Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. - - Can be either "name" or "slug". Defaults to "slug". - - GitHub team names can contain upper and lower case characters, whitespace, and punctuation (e.g. "Kube admins!"). - - GitHub team slugs are lower case alphanumeric characters and may contain dashes and underscores (e.g. "kube-admins"). - - Group names as presented to Kubernetes will always be prefixed by the GitHub organization name followed by a - forward slash (e.g. "my-org/my-team"). GitHub organization login names can only contain alphanumeric characters - or single hyphens, so the first forward slash `/` will be the separator between the organization login name and - the team name or slug. - - If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's - FederationDomain to further customize how these group names are presented to Kubernetes. - - See the response schema for - [List teams for the authenticated user](https://docs.github.com/en/rest/teams/teams?apiVersion=2022-11-28#list-teams-for-the-authenticated-user). - enum: - - name - - slug - type: string - username: - default: login:id - description: |- - Username configures which property of the GitHub user record shall determine the username in Kubernetes. - - Can be either "id", "login", or "login:id". Defaults to "login:id". - - GitHub's user login attributes can only contain alphanumeric characters and non-repeating hyphens, - and may not start or end with hyphens. GitHub users are allowed to change their login name, - although it is inconvenient. If a GitHub user changed their login name from "foo" to "bar", - then a second user might change their name from "baz" to "foo" in order to take the old - username of the first user. For this reason, it is not as safe to make authorization decisions - based only on the user's login attribute. - - If desired, an admin could configure identity transformation expressions on the Pinniped Supervisor's - FederationDomain to further customize how these usernames are presented to Kubernetes. - - Defaults to "login:id", which is the user login attribute, followed by a colon, followed by the unique and - unchanging integer ID number attribute. This blends human-readable login names with the unchanging ID value - from GitHub. Colons are not allowed in GitHub login attributes or ID numbers, so this is a reasonable - choice to concatenate the two values. - - See the response schema for - [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). - enum: - - id - - login - - login:id - type: string - type: object - client: - description: Client identifies the secret with credentials for a GitHub - App or GitHub OAuth2 App (a GitHub client). - properties: - secretName: - description: |- - SecretName contains the name of a namespace-local Secret object that provides the clientID and - clientSecret for an GitHub App or GitHub OAuth2 client. - - This secret must be of type "secrets.pinniped.dev/github-client" with keys "clientID" and "clientSecret". - minLength: 1 - type: string - required: - - secretName - type: object - githubAPI: - default: {} - description: GitHubAPI allows configuration for GitHub Enterprise - Server - properties: - host: - default: github.com - description: |- - Host is required only for GitHub Enterprise Server. - Defaults to using GitHub's public API ("github.com"). - For convenience, specifying "github.com" is equivalent to specifying "api.github.com". - Do not specify a protocol or scheme since "https://" will always be used. - Port is optional. Do not specify a path, query, fragment, or userinfo. - Only specify domain name or IP address, subdomains (optional), and port (optional). - IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address - in square brackets. Example: "[::1]:443". - minLength: 1 - type: string - tls: - description: |- - TLS configuration for GitHub Enterprise Server. - Note that this field should not be needed when using GitHub's public API ("github.com"). - However, if you choose to specify this field when using GitHub's public API, you must - specify a CA bundle that will verify connections to "api.github.com". - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM - bundle). If omitted, a default set of system roots will - be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - type: object - required: - - allowAuthentication - - client - type: object - status: - description: Status of the identity provider. - properties: - conditions: - description: Conditions represents the observations of an identity - provider's current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the GitHubIdentityProvider. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.29/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.29/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml deleted file mode 100644 index 2aaec4461..000000000 --- a/generated/1.29/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ /dev/null @@ -1,331 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.19.0 - name: oidcidentityproviders.idp.supervisor.pinniped.dev -spec: - group: idp.supervisor.pinniped.dev - names: - categories: - - pinniped - - pinniped-idp - - pinniped-idps - kind: OIDCIdentityProvider - listKind: OIDCIdentityProviderList - plural: oidcidentityproviders - singular: oidcidentityprovider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.issuer - name: Issuer - type: string - - jsonPath: .status.phase - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCIdentityProvider describes the configuration of an upstream - OpenID Connect identity provider. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec for configuring the identity provider. - properties: - authorizationConfig: - description: |- - AuthorizationConfig holds information about how to form the OAuth2 authorization request - parameters to be used with this OIDC identity provider. - properties: - additionalAuthorizeParameters: - description: |- - additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your - OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra - parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", - "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be - included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. - The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user - should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting - ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. - This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password - Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the - Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" - parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's - authorization endpoint for its requirements for what to include in the request in order to receive a refresh - token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, - then include it here. Also note that most providers also require a certain scope to be requested in order to - receive refresh tokens. See the additionalScopes setting for more information about using scopes to request - refresh tokens. - items: - description: Parameter is a key/value pair which represents - a parameter in an HTTP request. - properties: - name: - description: The name of the parameter. Required. - minLength: 1 - type: string - value: - description: The value of the parameter. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - additionalScopes: - description: |- - additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization - request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials - Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is - always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request - the following scopes: "openid", "offline_access", "email", and "profile". See - https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" - scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the - "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, - or as common patterns used by providers who implement the standard in the ecosystem evolve. - By setting this list to anything other than an empty list, you are overriding the - default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. - If you do not want any of these scopes to be requested, you may set this list to contain only "openid". - Some OIDC providers may also require a scope to get access to the user's group membership, in which case you - may wish to include it in this list. Sometimes the scope to request the user's group membership is called - "groups", but unfortunately this is not specified in the OIDC standard. - Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by - your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in - the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See - your OIDC provider's documentation for more information about what scopes are available to request claims. - Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor - from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be - "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its - requirements for what to include in the request in order to receive a refresh token in the response, if anything. - Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider - may ignore scopes that it does not understand or require (see - https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the - "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC - provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). - items: - type: string - type: array - allowPasswordGrant: - description: |- - allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant - (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a - username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. - The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be - supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password - Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose - to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the - cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be - convenient for users, especially for identities from your OIDC provider which are not intended to represent a human - actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, - you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this - OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password - Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords - (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other - web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. - allowPasswordGrant defaults to false. - type: boolean - type: object - claims: - description: |- - Claims provides the names of token claims that will be used when inspecting an identity from - this OIDC identity provider. - properties: - additionalClaimMappings: - additionalProperties: - type: string - description: |- - AdditionalClaimMappings allows for additional arbitrary upstream claim values to be mapped into the - "additionalClaims" claim of the ID tokens generated by the Supervisor. This should be specified as a map of - new claim names as the keys, and upstream claim names as the values. These new claim names will be nested - under the top-level "additionalClaims" claim in ID tokens generated by the Supervisor when this - OIDCIdentityProvider was used for user authentication. These claims will be made available to all clients. - This feature is not required to use the Supervisor to provide authentication for Kubernetes clusters, but can be - used when using the Supervisor for other authentication purposes. When this map is empty or the upstream claims - are not available, the "additionalClaims" claim will be excluded from the ID tokens generated by the Supervisor. - type: object - groups: - description: |- - Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain - the groups to which an identity belongs. By default, the identities will not include any group memberships when - this setting is not configured. - type: string - username: - description: |- - Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to - ascertain an identity's username. When not set, the username will be an automatically constructed unique string - which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from - the ID token. - type: string - type: object - client: - description: |- - OIDCClient contains OIDC client information to be used used with this OIDC identity - provider. - properties: - secretName: - description: |- - SecretName contains the name of a namespace-local Secret object that provides the clientID and - clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient - struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys - "clientID" and "clientSecret". - type: string - required: - - secretName - type: object - issuer: - description: |- - Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch - /.well-known/openid-configuration. - minLength: 1 - pattern: ^https:// - type: string - tls: - description: TLS configuration for discovery/JWKS requests to the - issuer. - properties: - certificateAuthorityData: - description: X.509 Certificate Authority (base64-encoded PEM bundle). - If omitted, a default set of system roots will be trusted. - type: string - certificateAuthorityDataSource: - description: |- - Reference to a CA bundle in a secret or a configmap. - Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. - properties: - key: - description: |- - Key is the key name within the secret or configmap from which to read the CA bundle. - The value found at this key in the secret or configmap must not be empty, and must be a valid PEM-encoded - certificate bundle. - minLength: 1 - type: string - kind: - description: |- - Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. - Allowed values are "Secret" or "ConfigMap". - "ConfigMap" uses a Kubernetes configmap to source CA Bundles. - "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name is the resource name of the secret or configmap from which to read the CA bundle. - The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed. - minLength: 1 - type: string - required: - - key - - kind - - name - type: object - type: object - required: - - client - - issuer - type: object - status: - description: Status of the identity provider. - properties: - conditions: - description: Represents the observations of an identity provider's - current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - phase: - default: Pending - description: Phase summarizes the overall status of the OIDCIdentityProvider. - enum: - - Pending - - Ready - - Error - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/generated/1.30/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.30/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index f235e0fc5..89f4f6d3b 100644 --- a/generated/1.30/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.30/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: jwtauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.30/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.30/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index d42381eef..c972456bd 100644 --- a/generated/1.30/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.30/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: webhookauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.30/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.30/crds/config.concierge.pinniped.dev_credentialissuers.yaml index 84f4b9ab8..969fb7fc0 100644 --- a/generated/1.30/crds/config.concierge.pinniped.dev_credentialissuers.yaml +++ b/generated/1.30/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: credentialissuers.config.concierge.pinniped.dev spec: group: config.concierge.pinniped.dev diff --git a/generated/1.30/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.30/crds/config.supervisor.pinniped.dev_federationdomains.yaml index 211a61625..f61fdba36 100644 --- a/generated/1.30/crds/config.supervisor.pinniped.dev_federationdomains.yaml +++ b/generated/1.30/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: federationdomains.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.30/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.30/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 233ed95cf..ae8f6475e 100644 --- a/generated/1.30/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.30/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcclients.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.30/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.30/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 1abf4681b..9ace0a0c6 100644 --- a/generated/1.30/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.30/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.30/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.30/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml index c0b6b1e7b..ef84c1f90 100644 --- a/generated/1.30/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ b/generated/1.30/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: githubidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.30/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.30/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index f6f1e1877..d9f62e4f1 100644 --- a/generated/1.30/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.30/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: ldapidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.30/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.30/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 2aaec4461..335caff7f 100644 --- a/generated/1.30/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.30/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.31/apis/go.mod b/generated/1.31/apis/go.mod index 4fbeeee3e..90e9f5c3b 100644 --- a/generated/1.31/apis/go.mod +++ b/generated/1.31/apis/go.mod @@ -4,8 +4,8 @@ module go.pinniped.dev/generated/1.31/apis go 1.22.0 require ( - k8s.io/api v0.31.13 - k8s.io/apimachinery v0.31.13 + k8s.io/api v0.31.14 + k8s.io/apimachinery v0.31.14 ) require ( diff --git a/generated/1.31/apis/go.sum b/generated/1.31/apis/go.sum index f25121837..feb61f8b1 100644 --- a/generated/1.31/apis/go.sum +++ b/generated/1.31/apis/go.sum @@ -81,10 +81,10 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.31.13 h1:sco9Cq2pY4Ysv9qZiWzcR97MmA/35nwYQ/VCTzOcWmc= -k8s.io/api v0.31.13/go.mod h1:4D8Ry8RqqLDemNLwGYC6v5wOy51N7hitr4WQ6oSWfLY= -k8s.io/apimachinery v0.31.13 h1:rkG0EiBkBkEzURo/8dKGx/oBF202Z2LqHuSD8Cm3bG4= -k8s.io/apimachinery v0.31.13/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/api v0.31.14 h1:xYn/S/WFJsksI7dk/5uBRd3Umm/D8W5g7sRnd4csotA= +k8s.io/api v0.31.14/go.mod h1:K8fvRey4z73RAuxBZCma7WtY8WFvkViYhfFLCMT4xgA= +k8s.io/apimachinery v0.31.14 h1:/eMIwjv+GFm6A/sSGlB1NupBU6wTDPhEWsju0Fj69kY= +k8s.io/apimachinery v0.31.14/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= diff --git a/generated/1.31/client/go.mod b/generated/1.31/client/go.mod index 1e1ed968a..62f29d701 100644 --- a/generated/1.31/client/go.mod +++ b/generated/1.31/client/go.mod @@ -7,9 +7,9 @@ replace go.pinniped.dev/generated/1.31/apis => ../apis require ( go.pinniped.dev/generated/1.31/apis v0.0.0 - k8s.io/api v0.31.13 - k8s.io/apimachinery v0.31.13 - k8s.io/client-go v0.31.13 + k8s.io/api v0.31.14 + k8s.io/apimachinery v0.31.14 + k8s.io/client-go v0.31.14 k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 ) diff --git a/generated/1.31/client/go.sum b/generated/1.31/client/go.sum index e9b1840e2..ff580b1f1 100644 --- a/generated/1.31/client/go.sum +++ b/generated/1.31/client/go.sum @@ -136,12 +136,12 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.31.13 h1:sco9Cq2pY4Ysv9qZiWzcR97MmA/35nwYQ/VCTzOcWmc= -k8s.io/api v0.31.13/go.mod h1:4D8Ry8RqqLDemNLwGYC6v5wOy51N7hitr4WQ6oSWfLY= -k8s.io/apimachinery v0.31.13 h1:rkG0EiBkBkEzURo/8dKGx/oBF202Z2LqHuSD8Cm3bG4= -k8s.io/apimachinery v0.31.13/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= -k8s.io/client-go v0.31.13 h1:Q0LG51uFbzNd9fzIj5ilA0Sm1wUholHvDaNwVKzqdCA= -k8s.io/client-go v0.31.13/go.mod h1:UB4yTzQeRAv+vULOKp2jdqA5LSwV55bvc3RQ5tM48LM= +k8s.io/api v0.31.14 h1:xYn/S/WFJsksI7dk/5uBRd3Umm/D8W5g7sRnd4csotA= +k8s.io/api v0.31.14/go.mod h1:K8fvRey4z73RAuxBZCma7WtY8WFvkViYhfFLCMT4xgA= +k8s.io/apimachinery v0.31.14 h1:/eMIwjv+GFm6A/sSGlB1NupBU6wTDPhEWsju0Fj69kY= +k8s.io/apimachinery v0.31.14/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/client-go v0.31.14 h1:d4/G0xfksNIbMWH7ghjzOwC5bTAwQ20gABTjZw7fLlQ= +k8s.io/client-go v0.31.14/go.mod h1:0uRpRB7r5QwtsbxEngZPkbcIVoNdAQAPIcopgiXjhQc= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= diff --git a/generated/1.31/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.31/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index f235e0fc5..89f4f6d3b 100644 --- a/generated/1.31/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.31/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: jwtauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.31/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.31/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index d42381eef..c972456bd 100644 --- a/generated/1.31/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.31/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: webhookauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.31/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.31/crds/config.concierge.pinniped.dev_credentialissuers.yaml index 84f4b9ab8..969fb7fc0 100644 --- a/generated/1.31/crds/config.concierge.pinniped.dev_credentialissuers.yaml +++ b/generated/1.31/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: credentialissuers.config.concierge.pinniped.dev spec: group: config.concierge.pinniped.dev diff --git a/generated/1.31/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.31/crds/config.supervisor.pinniped.dev_federationdomains.yaml index 211a61625..f61fdba36 100644 --- a/generated/1.31/crds/config.supervisor.pinniped.dev_federationdomains.yaml +++ b/generated/1.31/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: federationdomains.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.31/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.31/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 233ed95cf..ae8f6475e 100644 --- a/generated/1.31/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.31/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcclients.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.31/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.31/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 1abf4681b..9ace0a0c6 100644 --- a/generated/1.31/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.31/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.31/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.31/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml index c0b6b1e7b..ef84c1f90 100644 --- a/generated/1.31/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ b/generated/1.31/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: githubidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.31/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.31/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index f6f1e1877..d9f62e4f1 100644 --- a/generated/1.31/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.31/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: ldapidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.31/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.31/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 2aaec4461..335caff7f 100644 --- a/generated/1.31/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.31/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.32/apis/go.mod b/generated/1.32/apis/go.mod index 73cbccdfb..9a69a7853 100644 --- a/generated/1.32/apis/go.mod +++ b/generated/1.32/apis/go.mod @@ -4,8 +4,8 @@ module go.pinniped.dev/generated/1.32/apis go 1.23.0 require ( - k8s.io/api v0.32.9 - k8s.io/apimachinery v0.32.9 + k8s.io/api v0.32.10 + k8s.io/apimachinery v0.32.10 ) require ( diff --git a/generated/1.32/apis/go.sum b/generated/1.32/apis/go.sum index e5780e5e9..8d3494ffc 100644 --- a/generated/1.32/apis/go.sum +++ b/generated/1.32/apis/go.sum @@ -79,10 +79,10 @@ gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.32.9 h1:q/59kk8lnecgG0grJqzrmXC1Jcl2hPWp9ltz0FQuoLI= -k8s.io/api v0.32.9/go.mod h1:jIfT3rwW4EU1IXZm9qjzSk/2j91k4CJL5vUULrxqp3Y= -k8s.io/apimachinery v0.32.9 h1:fXk8ktfsxrdThaEOAQFgkhCK7iyoyvS8nbYJ83o/SSs= -k8s.io/apimachinery v0.32.9/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/api v0.32.10 h1:ocp4turNfa1V40TuBW/LuA17TeXG9g/GI2ebg0KxBNk= +k8s.io/api v0.32.10/go.mod h1:AsMsc4b6TuampYqgMEGSv0HBFpRS4BlKTXAVCAa7oF4= +k8s.io/apimachinery v0.32.10 h1:SAg2kUPLYRcBJQj66oniP1BnXSqw+l1GvJFsJlBmVvQ= +k8s.io/apimachinery v0.32.10/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= diff --git a/generated/1.32/client/go.mod b/generated/1.32/client/go.mod index 5f5833c23..67ef83697 100644 --- a/generated/1.32/client/go.mod +++ b/generated/1.32/client/go.mod @@ -7,9 +7,9 @@ replace go.pinniped.dev/generated/1.32/apis => ../apis require ( go.pinniped.dev/generated/1.32/apis v0.0.0 - k8s.io/api v0.32.9 - k8s.io/apimachinery v0.32.9 - k8s.io/client-go v0.32.9 + k8s.io/api v0.32.10 + k8s.io/apimachinery v0.32.10 + k8s.io/client-go v0.32.10 k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f ) diff --git a/generated/1.32/client/go.sum b/generated/1.32/client/go.sum index 486210242..cfbc72d89 100644 --- a/generated/1.32/client/go.sum +++ b/generated/1.32/client/go.sum @@ -134,12 +134,12 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.32.9 h1:q/59kk8lnecgG0grJqzrmXC1Jcl2hPWp9ltz0FQuoLI= -k8s.io/api v0.32.9/go.mod h1:jIfT3rwW4EU1IXZm9qjzSk/2j91k4CJL5vUULrxqp3Y= -k8s.io/apimachinery v0.32.9 h1:fXk8ktfsxrdThaEOAQFgkhCK7iyoyvS8nbYJ83o/SSs= -k8s.io/apimachinery v0.32.9/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= -k8s.io/client-go v0.32.9 h1:ZMyIQ1TEpTDAQni3L2gH1NZzyOA/gHfNcAazzCxMJ0c= -k8s.io/client-go v0.32.9/go.mod h1:2OT8aFSYvUjKGadaeT+AVbhkXQSpMAkiSb88Kz2WggI= +k8s.io/api v0.32.10 h1:ocp4turNfa1V40TuBW/LuA17TeXG9g/GI2ebg0KxBNk= +k8s.io/api v0.32.10/go.mod h1:AsMsc4b6TuampYqgMEGSv0HBFpRS4BlKTXAVCAa7oF4= +k8s.io/apimachinery v0.32.10 h1:SAg2kUPLYRcBJQj66oniP1BnXSqw+l1GvJFsJlBmVvQ= +k8s.io/apimachinery v0.32.10/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/client-go v0.32.10 h1:MFmIjsKtcnn7mStjrJG1ZW2WzLsKKn6ZtL9hHM/W0xU= +k8s.io/client-go v0.32.10/go.mod h1:qJy/Ws3zSwnu/nD75D+/of1uxbwWHxrYT5P3FuobVLI= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y= diff --git a/generated/1.32/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.32/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index f235e0fc5..89f4f6d3b 100644 --- a/generated/1.32/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.32/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: jwtauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.32/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.32/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index d42381eef..c972456bd 100644 --- a/generated/1.32/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.32/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: webhookauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.32/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.32/crds/config.concierge.pinniped.dev_credentialissuers.yaml index 84f4b9ab8..969fb7fc0 100644 --- a/generated/1.32/crds/config.concierge.pinniped.dev_credentialissuers.yaml +++ b/generated/1.32/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: credentialissuers.config.concierge.pinniped.dev spec: group: config.concierge.pinniped.dev diff --git a/generated/1.32/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.32/crds/config.supervisor.pinniped.dev_federationdomains.yaml index 211a61625..f61fdba36 100644 --- a/generated/1.32/crds/config.supervisor.pinniped.dev_federationdomains.yaml +++ b/generated/1.32/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: federationdomains.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.32/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.32/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 233ed95cf..ae8f6475e 100644 --- a/generated/1.32/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.32/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcclients.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.32/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.32/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 1abf4681b..9ace0a0c6 100644 --- a/generated/1.32/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.32/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.32/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.32/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml index c0b6b1e7b..ef84c1f90 100644 --- a/generated/1.32/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ b/generated/1.32/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: githubidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.32/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.32/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index f6f1e1877..d9f62e4f1 100644 --- a/generated/1.32/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.32/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: ldapidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.32/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.32/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 2aaec4461..335caff7f 100644 --- a/generated/1.32/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.32/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.33/apis/go.mod b/generated/1.33/apis/go.mod index ba69a9101..466634680 100644 --- a/generated/1.33/apis/go.mod +++ b/generated/1.33/apis/go.mod @@ -4,8 +4,8 @@ module go.pinniped.dev/generated/1.33/apis go 1.24.0 require ( - k8s.io/api v0.33.5 - k8s.io/apimachinery v0.33.5 + k8s.io/api v0.33.6 + k8s.io/apimachinery v0.33.6 ) require ( diff --git a/generated/1.33/apis/go.sum b/generated/1.33/apis/go.sum index ca3368dfc..5037af2cc 100644 --- a/generated/1.33/apis/go.sum +++ b/generated/1.33/apis/go.sum @@ -75,10 +75,10 @@ gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.33.5 h1:YR+uhYj05jdRpcksv8kjSliW+v9hwXxn6Cv10aR8Juw= -k8s.io/api v0.33.5/go.mod h1:2gzShdwXKT5yPGiqrTrn/U/nLZ7ZyT4WuAj3XGDVgVs= -k8s.io/apimachinery v0.33.5 h1:NiT64hln4TQXeYR18/ES39OrNsjGz8NguxsBgp+6QIo= -k8s.io/apimachinery v0.33.5/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= +k8s.io/api v0.33.6 h1:9O22ZqwT6CkQ3iboVpvTR5BEWuT3Xm6/8NX6MOLmc38= +k8s.io/api v0.33.6/go.mod h1:bdon4pRFmRmdsFyltGIoCaPqutN7y//OQ4srD0uy9X0= +k8s.io/apimachinery v0.33.6 h1:Pq+px1i1t7lNgE58dIeBwJh7OWId6pfGD1dYBm/U5HI= +k8s.io/apimachinery v0.33.6/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= diff --git a/generated/1.33/client/go.mod b/generated/1.33/client/go.mod index b44c3e9e8..b9c45a1f2 100644 --- a/generated/1.33/client/go.mod +++ b/generated/1.33/client/go.mod @@ -7,9 +7,9 @@ replace go.pinniped.dev/generated/1.33/apis => ../apis require ( go.pinniped.dev/generated/1.33/apis v0.0.0 - k8s.io/api v0.33.5 - k8s.io/apimachinery v0.33.5 - k8s.io/client-go v0.33.5 + k8s.io/api v0.33.6 + k8s.io/apimachinery v0.33.6 + k8s.io/client-go v0.33.6 k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff ) diff --git a/generated/1.33/client/go.sum b/generated/1.33/client/go.sum index 58afb90e7..1ef62aed1 100644 --- a/generated/1.33/client/go.sum +++ b/generated/1.33/client/go.sum @@ -132,12 +132,12 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.33.5 h1:YR+uhYj05jdRpcksv8kjSliW+v9hwXxn6Cv10aR8Juw= -k8s.io/api v0.33.5/go.mod h1:2gzShdwXKT5yPGiqrTrn/U/nLZ7ZyT4WuAj3XGDVgVs= -k8s.io/apimachinery v0.33.5 h1:NiT64hln4TQXeYR18/ES39OrNsjGz8NguxsBgp+6QIo= -k8s.io/apimachinery v0.33.5/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= -k8s.io/client-go v0.33.5 h1:I8BdmQGxInpkMEnJvV6iG7dqzP3JRlpZZlib3OMFc3o= -k8s.io/client-go v0.33.5/go.mod h1:W8PQP4MxbM4ypgagVE65mUUqK1/ByQkSALF9tzuQ6u0= +k8s.io/api v0.33.6 h1:9O22ZqwT6CkQ3iboVpvTR5BEWuT3Xm6/8NX6MOLmc38= +k8s.io/api v0.33.6/go.mod h1:bdon4pRFmRmdsFyltGIoCaPqutN7y//OQ4srD0uy9X0= +k8s.io/apimachinery v0.33.6 h1:Pq+px1i1t7lNgE58dIeBwJh7OWId6pfGD1dYBm/U5HI= +k8s.io/apimachinery v0.33.6/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= +k8s.io/client-go v0.33.6 h1:icPU5E5XHl/5mdwMUdSxpGtHnnjWzG0MSputTR9odrg= +k8s.io/client-go v0.33.6/go.mod h1:3z/Cwqdi6/Uo+E17k+OgQi4QfXS0XuIUmfHpK6rQdZU= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4= diff --git a/generated/1.33/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.33/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index f235e0fc5..89f4f6d3b 100644 --- a/generated/1.33/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.33/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: jwtauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.33/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.33/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index d42381eef..c972456bd 100644 --- a/generated/1.33/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.33/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: webhookauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.33/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.33/crds/config.concierge.pinniped.dev_credentialissuers.yaml index 84f4b9ab8..969fb7fc0 100644 --- a/generated/1.33/crds/config.concierge.pinniped.dev_credentialissuers.yaml +++ b/generated/1.33/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: credentialissuers.config.concierge.pinniped.dev spec: group: config.concierge.pinniped.dev diff --git a/generated/1.33/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.33/crds/config.supervisor.pinniped.dev_federationdomains.yaml index 211a61625..f61fdba36 100644 --- a/generated/1.33/crds/config.supervisor.pinniped.dev_federationdomains.yaml +++ b/generated/1.33/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: federationdomains.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.33/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.33/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 233ed95cf..ae8f6475e 100644 --- a/generated/1.33/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.33/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcclients.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.33/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.33/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 1abf4681b..9ace0a0c6 100644 --- a/generated/1.33/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.33/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.33/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.33/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml index c0b6b1e7b..ef84c1f90 100644 --- a/generated/1.33/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ b/generated/1.33/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: githubidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.33/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.33/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index f6f1e1877..d9f62e4f1 100644 --- a/generated/1.33/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.33/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: ldapidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.33/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.33/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 2aaec4461..335caff7f 100644 --- a/generated/1.33/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.33/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.26/README.adoc b/generated/1.34/README.adoc similarity index 82% rename from generated/1.26/README.adoc rename to generated/1.34/README.adoc index b80bc78a9..c90154692 100644 --- a/generated/1.26/README.adoc +++ b/generated/1.34/README.adoc @@ -23,32 +23,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -60,14 +60,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-claimvalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-claimvalidationrule"] ==== ClaimValidationRule ClaimValidationRule provides the configuration for a single claim validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -98,14 +98,14 @@ Mutually exclusive with claim and requiredValue. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-extramapping"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-extramapping"] ==== ExtraMapping ExtraMapping provides the configuration for a single extra mapping. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] **** [cols="25a,75a", options="header"] @@ -132,7 +132,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator JWTAuthenticator describes the configuration of a JWT authenticator. @@ -142,41 +142,41 @@ signature, existence of claims, etc.) and extract the username and groups from t .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] ==== JWTAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] ==== JWTAuthenticatorSpec JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] @@ -185,14 +185,14 @@ JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. | *`issuer`* __string__ | issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + also used to validate the "iss" JWT claim. + | *`audience`* __string__ | audience is the required value of the "aud" JWT claim. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + for Kubernetes access. + -| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + +| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + +| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + These allow invariants to be applied to incoming identities such as preventing the + use of the system: prefix that is commonly used by Kubernetes components. + The validation rules are logically ANDed together and must all return true for the validation to pass. + @@ -200,29 +200,29 @@ This is similar to claimValidationRules from Kubernetes AuthenticationConfigurat https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] ==== JWTAuthenticatorStatus JWTAuthenticatorStatus is the status of a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwttokenclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwttokenclaims"] ==== JWTTokenClaims JWTTokenClaims allows customization of the claims that will be mapped to user identity @@ -230,7 +230,7 @@ for Kubernetes access. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -295,7 +295,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + Mutually exclusive with groups. Use either groups or groupsExpression to + determine the user's group membership from the JWT token. + -| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + +| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + However, note that the Pinniped Concierge issues client certificates to users for the purpose + @@ -336,34 +336,34 @@ This will result in: + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration on various authenticators. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-uservalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-uservalidationrule"] ==== UserValidationRule UserValidationRule provides the configuration for a single user info validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -383,73 +383,73 @@ message is a literal string. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticator"] ==== WebhookAuthenticator WebhookAuthenticator describes the configuration of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] ==== WebhookAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] ==== WebhookAuthenticatorSpec Spec for configuring a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`endpoint`* __string__ | Webhook server endpoint URL. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] ==== WebhookAuthenticatorStatus Status of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + |=== @@ -461,35 +461,35 @@ Package clientsecret is the internal version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -500,14 +500,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -526,36 +526,36 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -566,14 +566,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -592,125 +592,125 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuer"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuer"] ==== CredentialIssuer CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerfrontend"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerfrontend"] ==== CredentialIssuerFrontend CredentialIssuerFrontend describes how to connect using a particular integration strategy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + -| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + +| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + This field is only set when Type is "TokenCredentialRequestAPI". + -| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + +| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + This field is only set when Type is "ImpersonationProxy". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerspec"] ==== CredentialIssuerSpec CredentialIssuerSpec describes the intended configuration of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + +| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstatus"] ==== CredentialIssuerStatus CredentialIssuerStatus describes the status of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + +| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstrategy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstrategy"] ==== CredentialIssuerStrategy CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + -| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + +| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + | *`message`* __string__ | Human-readable description of the current status. + -| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#time-v1-meta[$$Time$$]__ | When the status was last checked. + -| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#time-v1-meta[$$Time$$]__ | When the status was last checked. + +| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-frontendtype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-frontendtype"] ==== FrontendType (string) FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyinfo"] ==== ImpersonationProxyInfo ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -721,7 +721,7 @@ ImpersonationProxyInfo describes the parameters for the impersonation proxy on t |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxymode"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxymode"] ==== ImpersonationProxyMode (string) ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. @@ -729,25 +729,25 @@ Allowed values are "auto", "enabled", or "disabled". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] ==== ImpersonationProxyServiceSpec ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + @@ -757,7 +757,7 @@ This is not supported on all cloud providers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] ==== ImpersonationProxyServiceType (string) ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. @@ -765,40 +765,40 @@ Allowed values are "LoadBalancer", "ClusterIP", or "None". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyspec"] ==== ImpersonationProxySpec ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + +| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + - "disabled" explicitly disables the impersonation proxy. This is the default. + - "enabled" explicitly enables the impersonation proxy. + - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + -| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + +| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + | *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + be served using the external name of the LoadBalancer service or the cluster service DNS name. + This field must be non-empty when spec.impersonationProxy.service.type is "None". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + If this field is empty, the impersonation proxy will generate its own TLS certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] ==== ImpersonationProxyTLSSpec ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should @@ -812,7 +812,7 @@ the impersonation proxy endpoint. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] @@ -825,50 +825,50 @@ the TLS serving certificate for the Concierge impersonation proxy endpoint. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-strategyreason"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-strategyreason"] ==== StrategyReason (string) StrategyReason enumerates the detailed reason why a strategy is in a particular status. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-strategystatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-strategystatus"] ==== StrategyStatus (string) StrategyStatus enumerates whether a strategy is working on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-strategytype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-strategytype"] ==== StrategyType (string) StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] ==== TokenCredentialRequestAPIInfo TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -887,34 +887,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomain"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain FederationDomain describes the configuration of an OIDC provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] ==== FederationDomainIdentityProvider FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -923,62 +923,62 @@ FederationDomainIdentityProvider describes how an identity provider is made avai | *`displayName`* __string__ | DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the + kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a + disruptive change for those users. + -| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + +| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + If the reference cannot be resolved then the identity provider will not be made available. + Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, + LDAPIdentityProvider, ActiveDirectoryIdentityProvider. + -| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + +| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + session refresh. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainphase"] ==== FederationDomainPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainsecrets"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainsecrets"] ==== FederationDomainSecrets FederationDomainSecrets holds information about this OIDC Provider's secrets. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + +| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + stored. If it is empty, then the signing/verification keys are either unknown or they don't + exist. + -| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing tokens is stored. + -| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing state parameters is stored. + -| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + encrypting state parameters is stored. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainspec"] ==== FederationDomainSpec FederationDomainSpec is a struct that describes an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] @@ -992,8 +992,8 @@ https://example.com/foo/some/path/to/auth/endpoint). + See + https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + -| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + +| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, + how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to + @@ -1018,33 +1018,33 @@ explicitly list the identity provider using this IdentityProviders field. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainstatus"] ==== FederationDomainStatus FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + -| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + +| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] ==== FederationDomainTLSSpec FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -1070,21 +1070,21 @@ When your Issuer URL's host is an IP address, then this field is ignored. SNI do |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransforms"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransforms"] ==== FederationDomainTransforms FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + -| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + +| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + +| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + authentication attempt, including during every session refresh. + Each is a CEL expression. It may use the basic CEL language as defined in + https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in + @@ -1112,7 +1112,7 @@ Any compilation or static type-checking failure of any expression will cause an During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the + authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username + and group names have been decided for that authentication attempt. + -| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + +| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + expected. Examples define sample input identities which are then run through the expression list, and the + results are compared to the expected results. If any example in this list fails, then this + identity provider will not be available for use within this FederationDomain, and the error(s) will be + @@ -1121,7 +1121,7 @@ expressions, and also act as living documentation for other administrators to be |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] ==== FederationDomainTransformsConstant FederationDomainTransformsConstant defines a constant variable and its value which will be made available to @@ -1129,7 +1129,7 @@ the transform expressions. This is a union type, and Type is the discriminator f .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1143,14 +1143,14 @@ Allowed values are "string" or "stringList". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] ==== FederationDomainTransformsExample FederationDomainTransformsExample defines a transform example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1158,19 +1158,19 @@ FederationDomainTransformsExample defines a transform example. | Field | Description | *`username`* __string__ | Username is the input username. + | *`groups`* __string array__ | Groups is the input list of group names. + -| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + +| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + input Username and Groups. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] ==== FederationDomainTransformsExampleExpects FederationDomainTransformsExampleExpects defines the expected result for a transforms example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] **** [cols="25a,75a", options="header"] @@ -1190,14 +1190,14 @@ transformation error, such as a runtime error. When Rejected is false, there is |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] ==== FederationDomainTransformsExpression FederationDomainTransformsExpression defines a transform expression. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1211,70 +1211,70 @@ an authentication attempt. When empty, a default message will be used. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-granttype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-granttype"] ==== GrantType (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient describes the configuration of an OIDC client. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientphase"] ==== OIDCClientPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientspec"] ==== OIDCClientSpec OIDCClientSpec is a struct that describes an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + +| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. + Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. + Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. + -| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + +| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + client. + Must only contain the following values: + @@ -1285,7 +1285,7 @@ This grant must be listed if allowedScopes lists offline_access. + - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, + which is a step in the process to be able to get a cluster credential for the user. + This grant must be listed if allowedScopes lists pinniped:request-audience. + -| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + +| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: + - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). + @@ -1301,37 +1301,37 @@ Without the username scope being requested and allowed, the ID token will not co - groups: The client is allowed to request that ID tokens contain the user's group membership, + if their group membership is discoverable by the Supervisor. + Without the groups scope being requested and allowed, the ID token will not contain groups. + -| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + +| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientstatus"] ==== OIDCClientStatus OIDCClientStatus is a struct that describes the actual state of an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] ==== OIDCClientTokenLifetimes OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** [cols="25a,75a", options="header"] @@ -1350,26 +1350,26 @@ longer lifetimes. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-redirecturi"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-redirecturi"] ==== RedirectURI (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-scope"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-scope"] ==== Scope (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** @@ -1382,19 +1382,19 @@ Package identity is the internal version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1402,18 +1402,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1421,7 +1421,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1432,57 +1432,57 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`Groups`* __string array__ | The names of groups this user is a part of. + -| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1494,19 +1494,19 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1514,18 +1514,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1533,7 +1533,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1544,58 +1544,58 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`groups`* __string array__ | The names of groups this user is a part of. + -| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1607,34 +1607,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity pro -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] ==== ActiveDirectoryIdentityProvider ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] ==== ActiveDirectoryIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1648,14 +1648,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] ==== ActiveDirectoryIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1689,7 +1689,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -1717,14 +1717,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] ==== ActiveDirectoryIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -1741,66 +1741,66 @@ where domain is constructed from the domain components of the group DN. + -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] ==== ActiveDirectoryIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] ==== ActiveDirectoryIdentityProviderSpec Spec for configuring an ActiveDirectory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] ==== ActiveDirectoryIdentityProviderStatus Status of an Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] ==== ActiveDirectoryIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1824,19 +1824,19 @@ This means that the user is a person, is not a computer, the sAMAccountType is f and is not shown in advanced view only + (which would likely mean its a system created service account with advanced permissions). + Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] ==== ActiveDirectoryIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -1851,32 +1851,32 @@ Optional, when empty this defaults to "objectGUID". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -1888,14 +1888,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubapiconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubapiconfig"] ==== GitHubAPIConfig GitHubAPIConfig allows configuration for GitHub Enterprise Server .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1909,56 +1909,56 @@ Port is optional. Do not specify a path, query, fragment, or userinfo. + Only specify domain name or IP address, subdomains (optional), and port (optional). + IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address + in square brackets. Example: "[::1]:443". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + Note that this field should not be needed when using GitHub's public API ("github.com"). + However, if you choose to specify this field when using GitHub's public API, you must + specify a CA bundle that will verify connections to "api.github.com". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] ==== GitHubAllowAuthenticationSpec GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + +| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] ==== GitHubAllowedAuthOrganizationsPolicy (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubclaims"] ==== GitHubClaims GitHubClaims allows customization of the username and groups claims. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + +| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + Can be either "id", "login", or "login:id". Defaults to "login:id". + @@ -1979,7 +1979,7 @@ choice to concatenate the two values. + See the response schema for + [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). + -| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + +| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + Can be either "name" or "slug". Defaults to "slug". + @@ -2000,7 +2000,7 @@ See the response schema for + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubclientspec"] ==== GitHubClientSpec GitHubClientSpec contains information about the GitHub client that this identity provider will use @@ -2008,7 +2008,7 @@ for web-based login flows. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2021,7 +2021,7 @@ This secret must be of type "secrets.pinniped.dev/github-client" with keys "clie |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] ==== GitHubGroupNameAttribute (string) GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group @@ -2030,12 +2030,12 @@ names to present to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityprovider"] ==== GitHubIdentityProvider GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. @@ -2046,85 +2046,85 @@ as OIDCClients. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] ==== GitHubIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] ==== GitHubIdentityProviderSpec GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + -| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + +| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + +| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] ==== GitHubIdentityProviderStatus GitHubIdentityProviderStatus is the status of an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] ==== GitHubOrganizationsSpec .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + +| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + Defaults to "OnlyUsersFromAllowedOrganizations". + Must be set to "AllGitHubUsers" if the allowed field is empty. + @@ -2144,7 +2144,7 @@ If no organizations are listed, you must set organizations: AllGitHubUsers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubusernameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubusernameattribute"] ==== GitHubUsernameAttribute (string) GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present @@ -2153,12 +2153,12 @@ to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access @@ -2166,27 +2166,27 @@ Protocol (LDAP) identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] ==== LDAPIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2200,14 +2200,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] ==== LDAPIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2232,7 +2232,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -2260,14 +2260,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] ==== LDAPIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -2283,66 +2283,66 @@ Optional. When not specified, the default will act as if the GroupName were spec -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] ==== LDAPIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] ==== LDAPIdentityProviderSpec Spec for configuring an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] ==== LDAPIdentityProviderStatus Status of an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] ==== LDAPIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2358,19 +2358,19 @@ Note that the dn (distinguished name) is not an attribute of an entry, so "dn={} Optional. When not specified, the default will act as if the Filter were specified as the value from + Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + explicitly specified, since the default value of "dn={}" would not work. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] ==== LDAPIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -2390,7 +2390,7 @@ server in the user's entry. Distinguished names can be used by specifying lower- |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] ==== OIDCAuthorizationConfig OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization @@ -2398,7 +2398,7 @@ request parameters. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2432,7 +2432,7 @@ may ignore scopes that it does not understand or require (see + https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + -| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + +| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + @@ -2468,14 +2468,14 @@ allowPasswordGrant defaults to false. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcclaims"] ==== OIDCClaims OIDCClaims provides a mapping from upstream claims into identities. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2499,7 +2499,7 @@ are not available, the "additionalClaims" claim will be excluded from the ID tok |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient contains information about an OIDC client (e.g., client ID and client @@ -2507,7 +2507,7 @@ secret). .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2520,48 +2520,48 @@ struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oid |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] ==== OIDCIdentityProvider OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] ==== OIDCIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] ==== OIDCIdentityProviderSpec OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] @@ -2569,42 +2569,42 @@ OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. | Field | Description | *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + /.well-known/openid-configuration. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + -| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + +| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + parameters to be used with this OIDC identity provider. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + this OIDC identity provider. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] ==== OIDCIdentityProviderStatus OIDCIdentityProviderStatus is the status of an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-parameter"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-parameter"] ==== Parameter Parameter is a key/value pair which represents a parameter in an HTTP request. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] **** [cols="25a,75a", options="header"] @@ -2615,24 +2615,24 @@ Parameter is a key/value pair which represents a parameter in an HTTP request. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration for identity provider integration. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== @@ -2645,7 +2645,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped login API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-clustercredential"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-clustercredential"] ==== ClusterCredential ClusterCredential is the cluster-specific credential returned on a successful credential request. It @@ -2653,73 +2653,73 @@ contains either a valid bearer token or a valid TLS certificate and correspondin .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + +| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + | *`token`* __string__ | Token is a bearer token used by the client for request authentication. + | *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). + | *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequest"] ==== TokenCredentialRequest TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] ==== TokenCredentialRequestSpec Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. + -| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] ==== TokenCredentialRequestStatus Status of a TokenCredentialRequest, returned on responses to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-26-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + +| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-34-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + | *`message`* __string__ | An error message will be returned for an unsuccessful credential request. + |=== diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.34/apis/concierge/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.26/apis/concierge/authentication/v1alpha1/doc.go rename to generated/1.34/apis/concierge/authentication/v1alpha1/doc.go diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/register.go b/generated/1.34/apis/concierge/authentication/v1alpha1/register.go similarity index 100% rename from generated/1.26/apis/concierge/authentication/v1alpha1/register.go rename to generated/1.34/apis/concierge/authentication/v1alpha1/register.go diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.34/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go similarity index 100% rename from generated/1.26/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go rename to generated/1.34/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.34/apis/concierge/authentication/v1alpha1/types_tls.go similarity index 100% rename from generated/1.26/apis/concierge/authentication/v1alpha1/types_tls.go rename to generated/1.34/apis/concierge/authentication/v1alpha1/types_tls.go diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.34/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go similarity index 100% rename from generated/1.26/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go rename to generated/1.34/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go diff --git a/generated/1.26/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.34/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go rename to generated/1.34/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/concierge/config/v1alpha1/doc.go b/generated/1.34/apis/concierge/config/v1alpha1/doc.go similarity index 100% rename from generated/1.26/apis/concierge/config/v1alpha1/doc.go rename to generated/1.34/apis/concierge/config/v1alpha1/doc.go diff --git a/generated/1.26/apis/concierge/config/v1alpha1/register.go b/generated/1.34/apis/concierge/config/v1alpha1/register.go similarity index 100% rename from generated/1.26/apis/concierge/config/v1alpha1/register.go rename to generated/1.34/apis/concierge/config/v1alpha1/register.go diff --git a/generated/1.26/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.34/apis/concierge/config/v1alpha1/types_credentialissuer.go similarity index 100% rename from generated/1.26/apis/concierge/config/v1alpha1/types_credentialissuer.go rename to generated/1.34/apis/concierge/config/v1alpha1/types_credentialissuer.go diff --git a/generated/1.26/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.34/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go rename to generated/1.34/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/concierge/identity/doc.go b/generated/1.34/apis/concierge/identity/doc.go similarity index 100% rename from generated/1.26/apis/concierge/identity/doc.go rename to generated/1.34/apis/concierge/identity/doc.go diff --git a/generated/1.26/apis/concierge/identity/register.go b/generated/1.34/apis/concierge/identity/register.go similarity index 100% rename from generated/1.26/apis/concierge/identity/register.go rename to generated/1.34/apis/concierge/identity/register.go diff --git a/generated/1.26/apis/concierge/identity/types_userinfo.go b/generated/1.34/apis/concierge/identity/types_userinfo.go similarity index 100% rename from generated/1.26/apis/concierge/identity/types_userinfo.go rename to generated/1.34/apis/concierge/identity/types_userinfo.go diff --git a/generated/1.26/apis/concierge/identity/types_whoamirequest.go b/generated/1.34/apis/concierge/identity/types_whoamirequest.go similarity index 100% rename from generated/1.26/apis/concierge/identity/types_whoamirequest.go rename to generated/1.34/apis/concierge/identity/types_whoamirequest.go diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.34/apis/concierge/identity/v1alpha1/conversion.go similarity index 100% rename from generated/1.26/apis/concierge/identity/v1alpha1/conversion.go rename to generated/1.34/apis/concierge/identity/v1alpha1/conversion.go diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.34/apis/concierge/identity/v1alpha1/defaults.go similarity index 100% rename from generated/1.26/apis/concierge/identity/v1alpha1/defaults.go rename to generated/1.34/apis/concierge/identity/v1alpha1/defaults.go diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/doc.go b/generated/1.34/apis/concierge/identity/v1alpha1/doc.go similarity index 84% rename from generated/1.29/apis/concierge/identity/v1alpha1/doc.go rename to generated/1.34/apis/concierge/identity/v1alpha1/doc.go index c285d9ceb..93d57bbd5 100644 --- a/generated/1.29/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.34/apis/concierge/identity/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.29/apis/concierge/identity +// +k8s:conversion-gen=go.pinniped.dev/generated/1.34/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta // +groupName=identity.concierge.pinniped.dev diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/register.go b/generated/1.34/apis/concierge/identity/v1alpha1/register.go similarity index 100% rename from generated/1.26/apis/concierge/identity/v1alpha1/register.go rename to generated/1.34/apis/concierge/identity/v1alpha1/register.go diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.34/apis/concierge/identity/v1alpha1/types_userinfo.go similarity index 100% rename from generated/1.26/apis/concierge/identity/v1alpha1/types_userinfo.go rename to generated/1.34/apis/concierge/identity/v1alpha1/types_userinfo.go diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/types_whoamirequest.go b/generated/1.34/apis/concierge/identity/v1alpha1/types_whoamirequest.go similarity index 100% rename from generated/1.26/apis/concierge/identity/v1alpha1/types_whoamirequest.go rename to generated/1.34/apis/concierge/identity/v1alpha1/types_whoamirequest.go diff --git a/generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.34/apis/concierge/identity/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.conversion.go rename to generated/1.34/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index ca57c01d5..2a31a60fe 100644 --- a/generated/1.28/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.34/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - identity "go.pinniped.dev/generated/1.28/apis/concierge/identity" + identity "go.pinniped.dev/generated/1.34/apis/concierge/identity" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.34/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go rename to generated/1.34/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.34/apis/concierge/identity/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.26/apis/concierge/identity/v1alpha1/zz_generated.defaults.go rename to generated/1.34/apis/concierge/identity/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.29/apis/concierge/identity/validation/validation.go b/generated/1.34/apis/concierge/identity/validation/validation.go similarity index 84% rename from generated/1.29/apis/concierge/identity/validation/validation.go rename to generated/1.34/apis/concierge/identity/validation/validation.go index a498185e8..df30c97c3 100644 --- a/generated/1.29/apis/concierge/identity/validation/validation.go +++ b/generated/1.34/apis/concierge/identity/validation/validation.go @@ -6,7 +6,7 @@ package validation import ( "k8s.io/apimachinery/pkg/util/validation/field" - identityapi "go.pinniped.dev/generated/1.29/apis/concierge/identity" + identityapi "go.pinniped.dev/generated/1.34/apis/concierge/identity" ) func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList { diff --git a/generated/1.26/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.34/apis/concierge/identity/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/concierge/identity/zz_generated.deepcopy.go rename to generated/1.34/apis/concierge/identity/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/concierge/login/doc.go b/generated/1.34/apis/concierge/login/doc.go similarity index 100% rename from generated/1.26/apis/concierge/login/doc.go rename to generated/1.34/apis/concierge/login/doc.go diff --git a/generated/1.26/apis/concierge/login/register.go b/generated/1.34/apis/concierge/login/register.go similarity index 100% rename from generated/1.26/apis/concierge/login/register.go rename to generated/1.34/apis/concierge/login/register.go diff --git a/generated/1.26/apis/concierge/login/types_clustercredential.go b/generated/1.34/apis/concierge/login/types_clustercredential.go similarity index 100% rename from generated/1.26/apis/concierge/login/types_clustercredential.go rename to generated/1.34/apis/concierge/login/types_clustercredential.go diff --git a/generated/1.26/apis/concierge/login/types_tokencredentialrequest.go b/generated/1.34/apis/concierge/login/types_tokencredentialrequest.go similarity index 100% rename from generated/1.26/apis/concierge/login/types_tokencredentialrequest.go rename to generated/1.34/apis/concierge/login/types_tokencredentialrequest.go diff --git a/generated/1.26/apis/concierge/login/v1alpha1/conversion.go b/generated/1.34/apis/concierge/login/v1alpha1/conversion.go similarity index 100% rename from generated/1.26/apis/concierge/login/v1alpha1/conversion.go rename to generated/1.34/apis/concierge/login/v1alpha1/conversion.go diff --git a/generated/1.26/apis/concierge/login/v1alpha1/defaults.go b/generated/1.34/apis/concierge/login/v1alpha1/defaults.go similarity index 100% rename from generated/1.26/apis/concierge/login/v1alpha1/defaults.go rename to generated/1.34/apis/concierge/login/v1alpha1/defaults.go diff --git a/generated/1.26/apis/concierge/login/v1alpha1/doc.go b/generated/1.34/apis/concierge/login/v1alpha1/doc.go similarity index 84% rename from generated/1.26/apis/concierge/login/v1alpha1/doc.go rename to generated/1.34/apis/concierge/login/v1alpha1/doc.go index bc8327f51..0df501094 100644 --- a/generated/1.26/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.34/apis/concierge/login/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.26/apis/concierge/login +// +k8s:conversion-gen=go.pinniped.dev/generated/1.34/apis/concierge/login // +k8s:defaulter-gen=TypeMeta // +groupName=login.concierge.pinniped.dev diff --git a/generated/1.26/apis/concierge/login/v1alpha1/register.go b/generated/1.34/apis/concierge/login/v1alpha1/register.go similarity index 100% rename from generated/1.26/apis/concierge/login/v1alpha1/register.go rename to generated/1.34/apis/concierge/login/v1alpha1/register.go diff --git a/generated/1.26/apis/concierge/login/v1alpha1/types_clustercredential.go b/generated/1.34/apis/concierge/login/v1alpha1/types_clustercredential.go similarity index 100% rename from generated/1.26/apis/concierge/login/v1alpha1/types_clustercredential.go rename to generated/1.34/apis/concierge/login/v1alpha1/types_clustercredential.go diff --git a/generated/1.26/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go b/generated/1.34/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go similarity index 100% rename from generated/1.26/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go rename to generated/1.34/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go diff --git a/generated/1.26/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.34/apis/concierge/login/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.26/apis/concierge/login/v1alpha1/zz_generated.conversion.go rename to generated/1.34/apis/concierge/login/v1alpha1/zz_generated.conversion.go index d9df804c2..1a81d2e03 100644 --- a/generated/1.26/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.34/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - login "go.pinniped.dev/generated/1.26/apis/concierge/login" + login "go.pinniped.dev/generated/1.34/apis/concierge/login" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.26/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.34/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go rename to generated/1.34/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.34/apis/concierge/login/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.26/apis/concierge/login/v1alpha1/zz_generated.defaults.go rename to generated/1.34/apis/concierge/login/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.26/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.34/apis/concierge/login/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/concierge/login/zz_generated.deepcopy.go rename to generated/1.34/apis/concierge/login/zz_generated.deepcopy.go diff --git a/generated/1.34/apis/go.mod b/generated/1.34/apis/go.mod new file mode 100644 index 000000000..eb3cab3d5 --- /dev/null +++ b/generated/1.34/apis/go.mod @@ -0,0 +1,29 @@ +// This go.mod file is generated by ./hack/update.sh. +module go.pinniped.dev/generated/1.34/apis + +go 1.24.0 + +require ( + k8s.io/api v0.34.2 + k8s.io/apimachinery v0.34.2 +) + +require ( + github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect + github.com/x448/float16 v0.8.4 // indirect + go.yaml.in/yaml/v2 v2.4.2 // indirect + golang.org/x/net v0.38.0 // indirect + golang.org/x/text v0.23.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect + sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + sigs.k8s.io/randfill v1.0.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect +) diff --git a/generated/1.29/apis/go.sum b/generated/1.34/apis/go.sum similarity index 62% rename from generated/1.29/apis/go.sum rename to generated/1.34/apis/go.sum index 34aa72a40..bf7f3353a 100644 --- a/generated/1.29/apis/go.sum +++ b/generated/1.34/apis/go.sum @@ -1,16 +1,16 @@ +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= +github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= @@ -22,20 +22,25 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= +github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= +go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -45,8 +50,8 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8= +golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -55,8 +60,8 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= +golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= @@ -70,22 +75,21 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntN gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.14 h1:JWFh5ufowH3Y6tCgEzY3URVJHb27f0tEDEej0nCjWDw= -k8s.io/api v0.29.14/go.mod h1:IV8YqKxMm8JGLBLlHM13Npn5lCITH10XYipWEW+YEOQ= -k8s.io/apimachinery v0.29.14 h1:IDhwnGNCp836SLOwW1SoEfFNV77wxIklhxeAHX9vmSo= -k8s.io/apimachinery v0.29.14/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +k8s.io/api v0.34.2 h1:fsSUNZhV+bnL6Aqrp6O7lMTy6o5x2C4XLjnh//8SLYY= +k8s.io/api v0.34.2/go.mod h1:MMBPaWlED2a8w4RSeanD76f7opUoypY8TFYkSM+3XHw= +k8s.io/apimachinery v0.34.2 h1:zQ12Uk3eMHPxrsbUJgNF8bTauTVR2WgqJsTmwTE/NW4= +k8s.io/apimachinery v0.34.2/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= +k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= +sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= +sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/generated/1.26/apis/supervisor/clientsecret/doc.go b/generated/1.34/apis/supervisor/clientsecret/doc.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/doc.go rename to generated/1.34/apis/supervisor/clientsecret/doc.go diff --git a/generated/1.26/apis/supervisor/clientsecret/register.go b/generated/1.34/apis/supervisor/clientsecret/register.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/register.go rename to generated/1.34/apis/supervisor/clientsecret/register.go diff --git a/generated/1.26/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.34/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go rename to generated/1.34/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go diff --git a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/conversion.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/conversion.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/v1alpha1/conversion.go rename to generated/1.34/apis/supervisor/clientsecret/v1alpha1/conversion.go diff --git a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/defaults.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/defaults.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/v1alpha1/defaults.go rename to generated/1.34/apis/supervisor/clientsecret/v1alpha1/defaults.go diff --git a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/doc.go similarity index 85% rename from generated/1.27/apis/supervisor/clientsecret/v1alpha1/doc.go rename to generated/1.34/apis/supervisor/clientsecret/v1alpha1/doc.go index 50a72945c..9f617a763 100644 --- a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret +// +k8s:conversion-gen=go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta // +groupName=clientsecret.supervisor.pinniped.dev diff --git a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/register.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/v1alpha1/register.go rename to generated/1.34/apis/supervisor/clientsecret/v1alpha1/register.go diff --git a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go rename to generated/1.34/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go diff --git a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.27/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go rename to generated/1.34/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index 86769ebad..6590f7095 100644 --- a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - clientsecret "go.pinniped.dev/generated/1.27/apis/supervisor/clientsecret" + clientsecret "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go rename to generated/1.34/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go rename to generated/1.34/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.26/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.34/apis/supervisor/clientsecret/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/supervisor/clientsecret/zz_generated.deepcopy.go rename to generated/1.34/apis/supervisor/clientsecret/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/supervisor/config/v1alpha1/doc.go b/generated/1.34/apis/supervisor/config/v1alpha1/doc.go similarity index 100% rename from generated/1.26/apis/supervisor/config/v1alpha1/doc.go rename to generated/1.34/apis/supervisor/config/v1alpha1/doc.go diff --git a/generated/1.26/apis/supervisor/config/v1alpha1/register.go b/generated/1.34/apis/supervisor/config/v1alpha1/register.go similarity index 100% rename from generated/1.26/apis/supervisor/config/v1alpha1/register.go rename to generated/1.34/apis/supervisor/config/v1alpha1/register.go diff --git a/generated/1.26/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.34/apis/supervisor/config/v1alpha1/types_federationdomain.go similarity index 100% rename from generated/1.26/apis/supervisor/config/v1alpha1/types_federationdomain.go rename to generated/1.34/apis/supervisor/config/v1alpha1/types_federationdomain.go diff --git a/generated/1.26/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.34/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.26/apis/supervisor/config/v1alpha1/types_oidcclient.go rename to generated/1.34/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.26/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.34/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go rename to generated/1.34/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.34/apis/supervisor/idp/v1alpha1/doc.go similarity index 100% rename from generated/1.26/apis/supervisor/idp/v1alpha1/doc.go rename to generated/1.34/apis/supervisor/idp/v1alpha1/doc.go diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/register.go b/generated/1.34/apis/supervisor/idp/v1alpha1/register.go similarity index 100% rename from generated/1.26/apis/supervisor/idp/v1alpha1/register.go rename to generated/1.34/apis/supervisor/idp/v1alpha1/register.go diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.34/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go similarity index 100% rename from generated/1.26/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go rename to generated/1.34/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go b/generated/1.34/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go similarity index 100% rename from generated/1.26/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go rename to generated/1.34/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.34/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go similarity index 100% rename from generated/1.26/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go rename to generated/1.34/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.34/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go similarity index 100% rename from generated/1.26/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go rename to generated/1.34/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.34/apis/supervisor/idp/v1alpha1/types_tls.go similarity index 100% rename from generated/1.26/apis/supervisor/idp/v1alpha1/types_tls.go rename to generated/1.34/apis/supervisor/idp/v1alpha1/types_tls.go diff --git a/generated/1.26/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.34/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.26/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go rename to generated/1.34/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.26/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.34/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go similarity index 100% rename from generated/1.26/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go rename to generated/1.34/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go diff --git a/generated/1.26/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.34/apis/supervisor/oidc/types_supervisor_oidc.go similarity index 100% rename from generated/1.26/apis/supervisor/oidc/types_supervisor_oidc.go rename to generated/1.34/apis/supervisor/oidc/types_supervisor_oidc.go diff --git a/generated/1.26/client/concierge/clientset/versioned/clientset.go b/generated/1.34/client/concierge/clientset/versioned/clientset.go similarity index 94% rename from generated/1.26/client/concierge/clientset/versioned/clientset.go rename to generated/1.34/client/concierge/clientset/versioned/clientset.go index f77416ca8..5dfe926b9 100644 --- a/generated/1.26/client/concierge/clientset/versioned/clientset.go +++ b/generated/1.34/client/concierge/clientset/versioned/clientset.go @@ -6,13 +6,13 @@ package versioned import ( - "fmt" - "net/http" + fmt "fmt" + http "net/http" - authenticationv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" diff --git a/generated/1.27/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.34/client/concierge/clientset/versioned/fake/clientset_generated.go similarity index 72% rename from generated/1.27/client/concierge/clientset/versioned/fake/clientset_generated.go rename to generated/1.34/client/concierge/clientset/versioned/fake/clientset_generated.go index 2e5d169ac..950ac5f1c 100644 --- a/generated/1.27/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.34/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -6,15 +6,16 @@ package fake import ( - clientset "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned" - authenticationv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" - identityv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1" - fakeidentityv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" - loginv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1" - fakeloginv1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + clientset "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" + identityv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1" + fakeidentityv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" + loginv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1" + fakeloginv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -24,8 +25,12 @@ import ( // NewSimpleClientset returns a clientset that will respond with the provided objects. // It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement +// without applying any field management, validations and/or defaults. It shouldn't be considered a replacement // for a real clientset and is mostly useful in simple unit tests. +// +// DEPRECATED: NewClientset replaces this with support for field management, which significantly improves +// server side apply testing. NewClientset is only available when apply configurations are generated (e.g. +// via --with-applyconfig). func NewSimpleClientset(objects ...runtime.Object) *Clientset { o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) for _, obj := range objects { @@ -38,9 +43,13 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset { cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} cs.AddReactor("*", "*", testing.ObjectReaction(o)) cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + var opts metav1.ListOptions + if watchActcion, ok := action.(testing.WatchActionImpl); ok { + opts = watchActcion.ListOptions + } gvr := action.GetResource() ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) + watch, err := o.Watch(gvr, ns, opts) if err != nil { return false, nil, err } diff --git a/generated/1.26/client/concierge/clientset/versioned/fake/doc.go b/generated/1.34/client/concierge/clientset/versioned/fake/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/fake/doc.go rename to generated/1.34/client/concierge/clientset/versioned/fake/doc.go diff --git a/generated/1.26/client/concierge/clientset/versioned/fake/register.go b/generated/1.34/client/concierge/clientset/versioned/fake/register.go similarity index 85% rename from generated/1.26/client/concierge/clientset/versioned/fake/register.go rename to generated/1.34/client/concierge/clientset/versioned/fake/register.go index 4144bcd7b..9c3acc365 100644 --- a/generated/1.26/client/concierge/clientset/versioned/fake/register.go +++ b/generated/1.34/client/concierge/clientset/versioned/fake/register.go @@ -6,10 +6,10 @@ package fake import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.26/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.34/client/concierge/clientset/versioned/scheme/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/scheme/doc.go rename to generated/1.34/client/concierge/clientset/versioned/scheme/doc.go diff --git a/generated/1.27/client/concierge/clientset/versioned/scheme/register.go b/generated/1.34/client/concierge/clientset/versioned/scheme/register.go similarity index 85% rename from generated/1.27/client/concierge/clientset/versioned/scheme/register.go rename to generated/1.34/client/concierge/clientset/versioned/scheme/register.go index 0ea22a076..deead4bdc 100644 --- a/generated/1.27/client/concierge/clientset/versioned/scheme/register.go +++ b/generated/1.34/client/concierge/clientset/versioned/scheme/register.go @@ -6,10 +6,10 @@ package scheme import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go similarity index 84% rename from generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go rename to generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index 38c8a46fa..af2a00fc7 100644 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -37,9 +37,7 @@ func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthentica // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -51,9 +49,7 @@ func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -76,17 +72,15 @@ func New(c rest.Interface) *AuthenticationV1alpha1Client { return &AuthenticationV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := authenticationv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go rename to generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go rename to generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go similarity index 84% rename from generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go rename to generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 81b86d866..3380cc015 100644 --- a/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,11 +16,11 @@ type FakeAuthenticationV1alpha1 struct { } func (c *FakeAuthenticationV1alpha1) JWTAuthenticators() v1alpha1.JWTAuthenticatorInterface { - return &FakeJWTAuthenticators{c} + return newFakeJWTAuthenticators(c) } func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators() v1alpha1.WebhookAuthenticatorInterface { - return &FakeWebhookAuthenticators{c} + return newFakeWebhookAuthenticators(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go new file mode 100644 index 000000000..6350d4c05 --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeJWTAuthenticators implements JWTAuthenticatorInterface +type fakeJWTAuthenticators struct { + *gentype.FakeClientWithList[*v1alpha1.JWTAuthenticator, *v1alpha1.JWTAuthenticatorList] + Fake *FakeAuthenticationV1alpha1 +} + +func newFakeJWTAuthenticators(fake *FakeAuthenticationV1alpha1) authenticationv1alpha1.JWTAuthenticatorInterface { + return &fakeJWTAuthenticators{ + gentype.NewFakeClientWithList[*v1alpha1.JWTAuthenticator, *v1alpha1.JWTAuthenticatorList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators"), + v1alpha1.SchemeGroupVersion.WithKind("JWTAuthenticator"), + func() *v1alpha1.JWTAuthenticator { return &v1alpha1.JWTAuthenticator{} }, + func() *v1alpha1.JWTAuthenticatorList { return &v1alpha1.JWTAuthenticatorList{} }, + func(dst, src *v1alpha1.JWTAuthenticatorList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.JWTAuthenticatorList) []*v1alpha1.JWTAuthenticator { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.JWTAuthenticatorList, items []*v1alpha1.JWTAuthenticator) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 000000000..ac0e572e4 --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type fakeWebhookAuthenticators struct { + *gentype.FakeClientWithList[*v1alpha1.WebhookAuthenticator, *v1alpha1.WebhookAuthenticatorList] + Fake *FakeAuthenticationV1alpha1 +} + +func newFakeWebhookAuthenticators(fake *FakeAuthenticationV1alpha1) authenticationv1alpha1.WebhookAuthenticatorInterface { + return &fakeWebhookAuthenticators{ + gentype.NewFakeClientWithList[*v1alpha1.WebhookAuthenticator, *v1alpha1.WebhookAuthenticatorList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"), + v1alpha1.SchemeGroupVersion.WithKind("WebhookAuthenticator"), + func() *v1alpha1.WebhookAuthenticator { return &v1alpha1.WebhookAuthenticator{} }, + func() *v1alpha1.WebhookAuthenticatorList { return &v1alpha1.WebhookAuthenticatorList{} }, + func(dst, src *v1alpha1.WebhookAuthenticatorList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.WebhookAuthenticatorList) []*v1alpha1.WebhookAuthenticator { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.WebhookAuthenticatorList, items []*v1alpha1.WebhookAuthenticator) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go rename to generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 000000000..404f71e48 --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,59 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. +// A group's client should implement this interface. +type JWTAuthenticatorsGetter interface { + JWTAuthenticators() JWTAuthenticatorInterface +} + +// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. +type JWTAuthenticatorInterface interface { + Create(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + Update(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*authenticationv1alpha1.JWTAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *authenticationv1alpha1.JWTAuthenticator, err error) + JWTAuthenticatorExpansion +} + +// jWTAuthenticators implements JWTAuthenticatorInterface +type jWTAuthenticators struct { + *gentype.ClientWithList[*authenticationv1alpha1.JWTAuthenticator, *authenticationv1alpha1.JWTAuthenticatorList] +} + +// newJWTAuthenticators returns a JWTAuthenticators +func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { + return &jWTAuthenticators{ + gentype.NewClientWithList[*authenticationv1alpha1.JWTAuthenticator, *authenticationv1alpha1.JWTAuthenticatorList]( + "jwtauthenticators", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *authenticationv1alpha1.JWTAuthenticator { return &authenticationv1alpha1.JWTAuthenticator{} }, + func() *authenticationv1alpha1.JWTAuthenticatorList { + return &authenticationv1alpha1.JWTAuthenticatorList{} + }, + ), + } +} diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..fc63b9233 --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,61 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators() WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + Update(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*authenticationv1alpha1.WebhookAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *authenticationv1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + *gentype.ClientWithList[*authenticationv1alpha1.WebhookAuthenticator, *authenticationv1alpha1.WebhookAuthenticatorList] +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { + return &webhookAuthenticators{ + gentype.NewClientWithList[*authenticationv1alpha1.WebhookAuthenticator, *authenticationv1alpha1.WebhookAuthenticatorList]( + "webhookauthenticators", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *authenticationv1alpha1.WebhookAuthenticator { + return &authenticationv1alpha1.WebhookAuthenticator{} + }, + func() *authenticationv1alpha1.WebhookAuthenticatorList { + return &authenticationv1alpha1.WebhookAuthenticatorList{} + }, + ), + } +} diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go similarity index 82% rename from generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go rename to generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go index e3d1de924..ab597f9fd 100644 --- a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/config/v1alpha1" - "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *ConfigV1alpha1Client { return &ConfigV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := configv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go new file mode 100644 index 000000000..320b65626 --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. +// A group's client should implement this interface. +type CredentialIssuersGetter interface { + CredentialIssuers() CredentialIssuerInterface +} + +// CredentialIssuerInterface has methods to work with CredentialIssuer resources. +type CredentialIssuerInterface interface { + Create(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.CreateOptions) (*configv1alpha1.CredentialIssuer, error) + Update(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*configv1alpha1.CredentialIssuer, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*configv1alpha1.CredentialIssuer, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.CredentialIssuer, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.CredentialIssuerList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.CredentialIssuer, err error) + CredentialIssuerExpansion +} + +// credentialIssuers implements CredentialIssuerInterface +type credentialIssuers struct { + *gentype.ClientWithList[*configv1alpha1.CredentialIssuer, *configv1alpha1.CredentialIssuerList] +} + +// newCredentialIssuers returns a CredentialIssuers +func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { + return &credentialIssuers{ + gentype.NewClientWithList[*configv1alpha1.CredentialIssuer, *configv1alpha1.CredentialIssuerList]( + "credentialissuers", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *configv1alpha1.CredentialIssuer { return &configv1alpha1.CredentialIssuer{} }, + func() *configv1alpha1.CredentialIssuerList { return &configv1alpha1.CredentialIssuerList{} }, + ), + } +} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go rename to generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go rename to generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go similarity index 86% rename from generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go rename to generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 1a11dacd8..3993ce1b4 100644 --- a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeConfigV1alpha1 struct { } func (c *FakeConfigV1alpha1) CredentialIssuers() v1alpha1.CredentialIssuerInterface { - return &FakeCredentialIssuers{c} + return newFakeCredentialIssuers(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go new file mode 100644 index 000000000..37241990e --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeCredentialIssuers implements CredentialIssuerInterface +type fakeCredentialIssuers struct { + *gentype.FakeClientWithList[*v1alpha1.CredentialIssuer, *v1alpha1.CredentialIssuerList] + Fake *FakeConfigV1alpha1 +} + +func newFakeCredentialIssuers(fake *FakeConfigV1alpha1) configv1alpha1.CredentialIssuerInterface { + return &fakeCredentialIssuers{ + gentype.NewFakeClientWithList[*v1alpha1.CredentialIssuer, *v1alpha1.CredentialIssuerList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("credentialissuers"), + v1alpha1.SchemeGroupVersion.WithKind("CredentialIssuer"), + func() *v1alpha1.CredentialIssuer { return &v1alpha1.CredentialIssuer{} }, + func() *v1alpha1.CredentialIssuerList { return &v1alpha1.CredentialIssuerList{} }, + func(dst, src *v1alpha1.CredentialIssuerList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.CredentialIssuerList) []*v1alpha1.CredentialIssuer { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.CredentialIssuerList, items []*v1alpha1.CredentialIssuer) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go rename to generated/1.34/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go rename to generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go rename to generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go similarity index 86% rename from generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go rename to generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go index 5567e79e0..f6ccfa974 100644 --- a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeIdentityV1alpha1 struct { } func (c *FakeIdentityV1alpha1) WhoAmIRequests() v1alpha1.WhoAmIRequestInterface { - return &FakeWhoAmIRequests{c} + return newFakeWhoAmIRequests(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go new file mode 100644 index 000000000..5b60df224 --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeWhoAmIRequests implements WhoAmIRequestInterface +type fakeWhoAmIRequests struct { + *gentype.FakeClient[*v1alpha1.WhoAmIRequest] + Fake *FakeIdentityV1alpha1 +} + +func newFakeWhoAmIRequests(fake *FakeIdentityV1alpha1) identityv1alpha1.WhoAmIRequestInterface { + return &fakeWhoAmIRequests{ + gentype.NewFakeClient[*v1alpha1.WhoAmIRequest]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("whoamirequests"), + v1alpha1.SchemeGroupVersion.WithKind("WhoAmIRequest"), + func() *v1alpha1.WhoAmIRequest { return &v1alpha1.WhoAmIRequest{} }, + ), + fake, + } +} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go rename to generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go similarity index 82% rename from generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go rename to generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go index fc854fe91..01b8c868e 100644 --- a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1" - "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" + identityv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IdentityV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *IdentityV1alpha1Client { return &IdentityV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := identityv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go new file mode 100644 index 000000000..4c64e8d86 --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -0,0 +1,45 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + identityv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gentype "k8s.io/client-go/gentype" +) + +// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. +// A group's client should implement this interface. +type WhoAmIRequestsGetter interface { + WhoAmIRequests() WhoAmIRequestInterface +} + +// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. +type WhoAmIRequestInterface interface { + Create(ctx context.Context, whoAmIRequest *identityv1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*identityv1alpha1.WhoAmIRequest, error) + WhoAmIRequestExpansion +} + +// whoAmIRequests implements WhoAmIRequestInterface +type whoAmIRequests struct { + *gentype.Client[*identityv1alpha1.WhoAmIRequest] +} + +// newWhoAmIRequests returns a WhoAmIRequests +func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { + return &whoAmIRequests{ + gentype.NewClient[*identityv1alpha1.WhoAmIRequest]( + "whoamirequests", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *identityv1alpha1.WhoAmIRequest { return &identityv1alpha1.WhoAmIRequest{} }, + ), + } +} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go rename to generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go rename to generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go similarity index 85% rename from generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go rename to generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go index 4f841552d..9141634f8 100644 --- a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeLoginV1alpha1 struct { } func (c *FakeLoginV1alpha1) TokenCredentialRequests() v1alpha1.TokenCredentialRequestInterface { - return &FakeTokenCredentialRequests{c} + return newFakeTokenCredentialRequests(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go new file mode 100644 index 000000000..f8b3231ef --- /dev/null +++ b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeTokenCredentialRequests implements TokenCredentialRequestInterface +type fakeTokenCredentialRequests struct { + *gentype.FakeClient[*v1alpha1.TokenCredentialRequest] + Fake *FakeLoginV1alpha1 +} + +func newFakeTokenCredentialRequests(fake *FakeLoginV1alpha1) loginv1alpha1.TokenCredentialRequestInterface { + return &fakeTokenCredentialRequests{ + gentype.NewFakeClient[*v1alpha1.TokenCredentialRequest]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"), + v1alpha1.SchemeGroupVersion.WithKind("TokenCredentialRequest"), + func() *v1alpha1.TokenCredentialRequest { return &v1alpha1.TokenCredentialRequest{} }, + ), + fake, + } +} diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go rename to generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go similarity index 82% rename from generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go rename to generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go index 481d65953..8c4dc486d 100644 --- a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1" - "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" + loginv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestIn // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*LoginV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *LoginV1alpha1Client { return &LoginV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := loginv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go similarity index 50% rename from generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go rename to generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go index 8daaaeebf..1945955b7 100644 --- a/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ b/generated/1.34/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -6,12 +6,12 @@ package v1alpha1 import ( - "context" + context "context" - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1" - scheme "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" + loginv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" + gentype "k8s.io/client-go/gentype" ) // TokenCredentialRequestsGetter has a method to return a TokenCredentialRequestInterface. @@ -22,30 +22,24 @@ type TokenCredentialRequestsGetter interface { // TokenCredentialRequestInterface has methods to work with TokenCredentialRequest resources. type TokenCredentialRequestInterface interface { - Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*v1alpha1.TokenCredentialRequest, error) + Create(ctx context.Context, tokenCredentialRequest *loginv1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*loginv1alpha1.TokenCredentialRequest, error) TokenCredentialRequestExpansion } // tokenCredentialRequests implements TokenCredentialRequestInterface type tokenCredentialRequests struct { - client rest.Interface + *gentype.Client[*loginv1alpha1.TokenCredentialRequest] } // newTokenCredentialRequests returns a TokenCredentialRequests func newTokenCredentialRequests(c *LoginV1alpha1Client) *tokenCredentialRequests { return &tokenCredentialRequests{ - client: c.RESTClient(), + gentype.NewClient[*loginv1alpha1.TokenCredentialRequest]( + "tokencredentialrequests", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *loginv1alpha1.TokenCredentialRequest { return &loginv1alpha1.TokenCredentialRequest{} }, + ), } } - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *tokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - result = &v1alpha1.TokenCredentialRequest{} - err = c.client.Post(). - Resource("tokencredentialrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(tokenCredentialRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.26/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.34/client/concierge/informers/externalversions/authentication/interface.go similarity index 89% rename from generated/1.26/client/concierge/informers/externalversions/authentication/interface.go rename to generated/1.34/client/concierge/informers/externalversions/authentication/interface.go index c8dfe864f..7f80fd392 100644 --- a/generated/1.26/client/concierge/informers/externalversions/authentication/interface.go +++ b/generated/1.34/client/concierge/informers/externalversions/authentication/interface.go @@ -6,8 +6,8 @@ package authentication import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go similarity index 95% rename from generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go rename to generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go index d318bcee7..1a732c60e 100644 --- a/generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ b/generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go similarity index 66% rename from generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go rename to generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index 47ce1cf3b..a3f09b61a 100644 --- a/generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - authenticationv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/listers/authentication/v1alpha1" + conciergeauthenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/internalinterfaces" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/listers/authentication/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // JWTAuthenticators. type JWTAuthenticatorInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.JWTAuthenticatorLister + Lister() authenticationv1alpha1.JWTAuthenticatorLister } type jWTAuthenticatorInformer struct { @@ -48,16 +48,28 @@ func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPerio if tweakListOptions != nil { tweakListOptions(&options) } - return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.TODO(), options) + return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.TODO(), options) + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(ctx, options) }, }, - &authenticationv1alpha1.JWTAuthenticator{}, + &conciergeauthenticationv1alpha1.JWTAuthenticator{}, resyncPeriod, indexers, ) @@ -68,9 +80,9 @@ func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, r } func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) + return f.factory.InformerFor(&conciergeauthenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) } -func (f *jWTAuthenticatorInformer) Lister() v1alpha1.JWTAuthenticatorLister { - return v1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) +func (f *jWTAuthenticatorInformer) Lister() authenticationv1alpha1.JWTAuthenticatorLister { + return authenticationv1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go similarity index 66% rename from generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go rename to generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index 5c05b47e1..8fac7dc30 100644 --- a/generated/1.28/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.34/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - authenticationv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/listers/authentication/v1alpha1" + conciergeauthenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/internalinterfaces" + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/listers/authentication/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // WebhookAuthenticators. type WebhookAuthenticatorInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.WebhookAuthenticatorLister + Lister() authenticationv1alpha1.WebhookAuthenticatorLister } type webhookAuthenticatorInformer struct { @@ -48,16 +48,28 @@ func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncP if tweakListOptions != nil { tweakListOptions(&options) } - return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.TODO(), options) + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.TODO(), options) + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(ctx, options) }, }, - &authenticationv1alpha1.WebhookAuthenticator{}, + &conciergeauthenticationv1alpha1.WebhookAuthenticator{}, resyncPeriod, indexers, ) @@ -68,9 +80,9 @@ func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interfac } func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) + return f.factory.InformerFor(&conciergeauthenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) } -func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { - return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +func (f *webhookAuthenticatorInformer) Lister() authenticationv1alpha1.WebhookAuthenticatorLister { + return authenticationv1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/concierge/informers/externalversions/config/interface.go b/generated/1.34/client/concierge/informers/externalversions/config/interface.go similarity index 89% rename from generated/1.28/client/concierge/informers/externalversions/config/interface.go rename to generated/1.34/client/concierge/informers/externalversions/config/interface.go index d27eb3fdc..d36f4b71b 100644 --- a/generated/1.28/client/concierge/informers/externalversions/config/interface.go +++ b/generated/1.34/client/concierge/informers/externalversions/config/interface.go @@ -6,8 +6,8 @@ package config import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.26/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.34/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go similarity index 68% rename from generated/1.26/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go rename to generated/1.34/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index 0b0bf991a..5d00e9a20 100644 --- a/generated/1.26/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/1.34/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - configv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/listers/config/v1alpha1" + conciergeconfigv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/concierge/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // CredentialIssuers. type CredentialIssuerInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.CredentialIssuerLister + Lister() configv1alpha1.CredentialIssuerLister } type credentialIssuerInformer struct { @@ -48,16 +48,28 @@ func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPerio if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().CredentialIssuers().List(context.TODO(), options) + return client.ConfigV1alpha1().CredentialIssuers().List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().CredentialIssuers().Watch(context.TODO(), options) + return client.ConfigV1alpha1().CredentialIssuers().Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().Watch(ctx, options) }, }, - &configv1alpha1.CredentialIssuer{}, + &conciergeconfigv1alpha1.CredentialIssuer{}, resyncPeriod, indexers, ) @@ -68,9 +80,9 @@ func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, r } func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer) + return f.factory.InformerFor(&conciergeconfigv1alpha1.CredentialIssuer{}, f.defaultInformer) } -func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister { - return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) +func (f *credentialIssuerInformer) Lister() configv1alpha1.CredentialIssuerLister { + return configv1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) } diff --git a/generated/1.27/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.34/client/concierge/informers/externalversions/config/v1alpha1/interface.go similarity index 94% rename from generated/1.27/client/concierge/informers/externalversions/config/v1alpha1/interface.go rename to generated/1.34/client/concierge/informers/externalversions/config/v1alpha1/interface.go index 5f8a3356a..99f625df3 100644 --- a/generated/1.27/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.34/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.29/client/concierge/informers/externalversions/factory.go b/generated/1.34/client/concierge/informers/externalversions/factory.go similarity index 96% rename from generated/1.29/client/concierge/informers/externalversions/factory.go rename to generated/1.34/client/concierge/informers/externalversions/factory.go index e21d5eca0..8d810dade 100644 --- a/generated/1.29/client/concierge/informers/externalversions/factory.go +++ b/generated/1.34/client/concierge/informers/externalversions/factory.go @@ -10,10 +10,10 @@ import ( sync "sync" time "time" - versioned "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned" - authentication "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/authentication" - config "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/config" - internalinterfaces "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/internalinterfaces" + versioned "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned" + authentication "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/authentication" + config "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/config" + internalinterfaces "go.pinniped.dev/generated/1.34/client/concierge/informers/externalversions/internalinterfaces" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -216,6 +216,7 @@ type SharedInformerFactory interface { // Start initializes all requested informers. They are handled in goroutines // which run until the stop channel gets closed. + // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. Start(stopCh <-chan struct{}) // Shutdown marks a factory as shutting down. At that point no new diff --git a/generated/1.28/client/concierge/informers/externalversions/generic.go b/generated/1.34/client/concierge/informers/externalversions/generic.go similarity index 93% rename from generated/1.28/client/concierge/informers/externalversions/generic.go rename to generated/1.34/client/concierge/informers/externalversions/generic.go index 48a79d848..9a129abe8 100644 --- a/generated/1.28/client/concierge/informers/externalversions/generic.go +++ b/generated/1.34/client/concierge/informers/externalversions/generic.go @@ -6,10 +6,10 @@ package externalversions import ( - "fmt" + fmt "fmt" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/config/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) diff --git a/generated/1.27/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.34/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go similarity index 93% rename from generated/1.27/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go rename to generated/1.34/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index e89e8d149..ef22f4fa0 100644 --- a/generated/1.27/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.34/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -8,7 +8,7 @@ package internalinterfaces import ( time "time" - versioned "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned" + versioned "go.pinniped.dev/generated/1.34/client/concierge/clientset/versioned" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" cache "k8s.io/client-go/tools/cache" diff --git a/generated/1.26/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.34/client/concierge/listers/authentication/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.26/client/concierge/listers/authentication/v1alpha1/expansion_generated.go rename to generated/1.34/client/concierge/listers/authentication/v1alpha1/expansion_generated.go diff --git a/generated/1.34/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.34/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 000000000..b55cad0dc --- /dev/null +++ b/generated/1.34/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,35 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorLister helps list JWTAuthenticators. +// All objects returned here must be treated as read-only. +type JWTAuthenticatorLister interface { + // List lists all JWTAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*authenticationv1alpha1.JWTAuthenticator, err error) + // Get retrieves the JWTAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*authenticationv1alpha1.JWTAuthenticator, error) + JWTAuthenticatorListerExpansion +} + +// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. +type jWTAuthenticatorLister struct { + listers.ResourceIndexer[*authenticationv1alpha1.JWTAuthenticator] +} + +// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. +func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { + return &jWTAuthenticatorLister{listers.New[*authenticationv1alpha1.JWTAuthenticator](indexer, authenticationv1alpha1.Resource("jwtauthenticator"))} +} diff --git a/generated/1.34/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.34/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..223f0b526 --- /dev/null +++ b/generated/1.34/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,35 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/authentication/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +// All objects returned here must be treated as read-only. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*authenticationv1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*authenticationv1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + listers.ResourceIndexer[*authenticationv1alpha1.WebhookAuthenticator] +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{listers.New[*authenticationv1alpha1.WebhookAuthenticator](indexer, authenticationv1alpha1.Resource("webhookauthenticator"))} +} diff --git a/generated/1.34/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.34/client/concierge/listers/config/v1alpha1/credentialissuer.go new file mode 100644 index 000000000..dd52edf05 --- /dev/null +++ b/generated/1.34/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -0,0 +1,35 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/concierge/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerLister helps list CredentialIssuers. +// All objects returned here must be treated as read-only. +type CredentialIssuerLister interface { + // List lists all CredentialIssuers in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.CredentialIssuer, err error) + // Get retrieves the CredentialIssuer from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*configv1alpha1.CredentialIssuer, error) + CredentialIssuerListerExpansion +} + +// credentialIssuerLister implements the CredentialIssuerLister interface. +type credentialIssuerLister struct { + listers.ResourceIndexer[*configv1alpha1.CredentialIssuer] +} + +// NewCredentialIssuerLister returns a new CredentialIssuerLister. +func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { + return &credentialIssuerLister{listers.New[*configv1alpha1.CredentialIssuer](indexer, configv1alpha1.Resource("credentialissuer"))} +} diff --git a/generated/1.26/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.34/client/concierge/listers/config/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.26/client/concierge/listers/config/v1alpha1/expansion_generated.go rename to generated/1.34/client/concierge/listers/config/v1alpha1/expansion_generated.go diff --git a/generated/1.28/client/concierge/openapi/zz_generated.openapi.go b/generated/1.34/client/concierge/openapi/zz_generated.openapi.go similarity index 84% rename from generated/1.28/client/concierge/openapi/zz_generated.openapi.go rename to generated/1.34/client/concierge/openapi/zz_generated.openapi.go index ec1b93d76..0a0900d1f 100644 --- a/generated/1.28/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/1.34/client/concierge/openapi/zz_generated.openapi.go @@ -6,31 +6,31 @@ // Code generated by openapi-gen. DO NOT EDIT. -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package openapi +package concierge import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" common "k8s.io/kube-openapi/pkg/common" spec "k8s.io/kube-openapi/pkg/validation/spec" ) func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), + "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), + "k8s.io/api/core/v1.AppArmorProfile": schema_k8sio_api_core_v1_AppArmorProfile(ref), "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), "k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), @@ -44,8 +44,8 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.CephFSVolumeSource": schema_k8sio_api_core_v1_CephFSVolumeSource(ref), "k8s.io/api/core/v1.CinderPersistentVolumeSource": schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), "k8s.io/api/core/v1.CinderVolumeSource": schema_k8sio_api_core_v1_CinderVolumeSource(ref), - "k8s.io/api/core/v1.ClaimSource": schema_k8sio_api_core_v1_ClaimSource(ref), "k8s.io/api/core/v1.ClientIPConfig": schema_k8sio_api_core_v1_ClientIPConfig(ref), + "k8s.io/api/core/v1.ClusterTrustBundleProjection": schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), "k8s.io/api/core/v1.ComponentCondition": schema_k8sio_api_core_v1_ComponentCondition(ref), "k8s.io/api/core/v1.ComponentStatus": schema_k8sio_api_core_v1_ComponentStatus(ref), "k8s.io/api/core/v1.ComponentStatusList": schema_k8sio_api_core_v1_ComponentStatusList(ref), @@ -57,14 +57,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.ConfigMapProjection": schema_k8sio_api_core_v1_ConfigMapProjection(ref), "k8s.io/api/core/v1.ConfigMapVolumeSource": schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), "k8s.io/api/core/v1.Container": schema_k8sio_api_core_v1_Container(ref), + "k8s.io/api/core/v1.ContainerExtendedResourceRequest": schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), "k8s.io/api/core/v1.ContainerImage": schema_k8sio_api_core_v1_ContainerImage(ref), "k8s.io/api/core/v1.ContainerPort": schema_k8sio_api_core_v1_ContainerPort(ref), "k8s.io/api/core/v1.ContainerResizePolicy": schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + "k8s.io/api/core/v1.ContainerRestartRule": schema_k8sio_api_core_v1_ContainerRestartRule(ref), + "k8s.io/api/core/v1.ContainerRestartRuleOnExitCodes": schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), "k8s.io/api/core/v1.ContainerState": schema_k8sio_api_core_v1_ContainerState(ref), "k8s.io/api/core/v1.ContainerStateRunning": schema_k8sio_api_core_v1_ContainerStateRunning(ref), "k8s.io/api/core/v1.ContainerStateTerminated": schema_k8sio_api_core_v1_ContainerStateTerminated(ref), "k8s.io/api/core/v1.ContainerStateWaiting": schema_k8sio_api_core_v1_ContainerStateWaiting(ref), "k8s.io/api/core/v1.ContainerStatus": schema_k8sio_api_core_v1_ContainerStatus(ref), + "k8s.io/api/core/v1.ContainerUser": schema_k8sio_api_core_v1_ContainerUser(ref), "k8s.io/api/core/v1.DaemonEndpoint": schema_k8sio_api_core_v1_DaemonEndpoint(ref), "k8s.io/api/core/v1.DownwardAPIProjection": schema_k8sio_api_core_v1_DownwardAPIProjection(ref), "k8s.io/api/core/v1.DownwardAPIVolumeFile": schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), @@ -87,6 +91,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.EventSource": schema_k8sio_api_core_v1_EventSource(ref), "k8s.io/api/core/v1.ExecAction": schema_k8sio_api_core_v1_ExecAction(ref), "k8s.io/api/core/v1.FCVolumeSource": schema_k8sio_api_core_v1_FCVolumeSource(ref), + "k8s.io/api/core/v1.FileKeySelector": schema_k8sio_api_core_v1_FileKeySelector(ref), "k8s.io/api/core/v1.FlexPersistentVolumeSource": schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), "k8s.io/api/core/v1.FlexVolumeSource": schema_k8sio_api_core_v1_FlexVolumeSource(ref), "k8s.io/api/core/v1.FlockerVolumeSource": schema_k8sio_api_core_v1_FlockerVolumeSource(ref), @@ -102,6 +107,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.HostPathVolumeSource": schema_k8sio_api_core_v1_HostPathVolumeSource(ref), "k8s.io/api/core/v1.ISCSIPersistentVolumeSource": schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), "k8s.io/api/core/v1.ISCSIVolumeSource": schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + "k8s.io/api/core/v1.ImageVolumeSource": schema_k8sio_api_core_v1_ImageVolumeSource(ref), "k8s.io/api/core/v1.KeyToPath": schema_k8sio_api_core_v1_KeyToPath(ref), "k8s.io/api/core/v1.Lifecycle": schema_k8sio_api_core_v1_Lifecycle(ref), "k8s.io/api/core/v1.LifecycleHandler": schema_k8sio_api_core_v1_LifecycleHandler(ref), @@ -109,11 +115,13 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.LimitRangeItem": schema_k8sio_api_core_v1_LimitRangeItem(ref), "k8s.io/api/core/v1.LimitRangeList": schema_k8sio_api_core_v1_LimitRangeList(ref), "k8s.io/api/core/v1.LimitRangeSpec": schema_k8sio_api_core_v1_LimitRangeSpec(ref), + "k8s.io/api/core/v1.LinuxContainerUser": schema_k8sio_api_core_v1_LinuxContainerUser(ref), "k8s.io/api/core/v1.List": schema_k8sio_api_core_v1_List(ref), "k8s.io/api/core/v1.LoadBalancerIngress": schema_k8sio_api_core_v1_LoadBalancerIngress(ref), "k8s.io/api/core/v1.LoadBalancerStatus": schema_k8sio_api_core_v1_LoadBalancerStatus(ref), "k8s.io/api/core/v1.LocalObjectReference": schema_k8sio_api_core_v1_LocalObjectReference(ref), "k8s.io/api/core/v1.LocalVolumeSource": schema_k8sio_api_core_v1_LocalVolumeSource(ref), + "k8s.io/api/core/v1.ModifyVolumeStatus": schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), "k8s.io/api/core/v1.NFSVolumeSource": schema_k8sio_api_core_v1_NFSVolumeSource(ref), "k8s.io/api/core/v1.Namespace": schema_k8sio_api_core_v1_Namespace(ref), "k8s.io/api/core/v1.NamespaceCondition": schema_k8sio_api_core_v1_NamespaceCondition(ref), @@ -127,14 +135,17 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.NodeConfigSource": schema_k8sio_api_core_v1_NodeConfigSource(ref), "k8s.io/api/core/v1.NodeConfigStatus": schema_k8sio_api_core_v1_NodeConfigStatus(ref), "k8s.io/api/core/v1.NodeDaemonEndpoints": schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + "k8s.io/api/core/v1.NodeFeatures": schema_k8sio_api_core_v1_NodeFeatures(ref), "k8s.io/api/core/v1.NodeList": schema_k8sio_api_core_v1_NodeList(ref), "k8s.io/api/core/v1.NodeProxyOptions": schema_k8sio_api_core_v1_NodeProxyOptions(ref), - "k8s.io/api/core/v1.NodeResources": schema_k8sio_api_core_v1_NodeResources(ref), + "k8s.io/api/core/v1.NodeRuntimeHandler": schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures": schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), "k8s.io/api/core/v1.NodeSelector": schema_k8sio_api_core_v1_NodeSelector(ref), "k8s.io/api/core/v1.NodeSelectorRequirement": schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), "k8s.io/api/core/v1.NodeSelectorTerm": schema_k8sio_api_core_v1_NodeSelectorTerm(ref), "k8s.io/api/core/v1.NodeSpec": schema_k8sio_api_core_v1_NodeSpec(ref), "k8s.io/api/core/v1.NodeStatus": schema_k8sio_api_core_v1_NodeStatus(ref), + "k8s.io/api/core/v1.NodeSwapStatus": schema_k8sio_api_core_v1_NodeSwapStatus(ref), "k8s.io/api/core/v1.NodeSystemInfo": schema_k8sio_api_core_v1_NodeSystemInfo(ref), "k8s.io/api/core/v1.ObjectFieldSelector": schema_k8sio_api_core_v1_ObjectFieldSelector(ref), "k8s.io/api/core/v1.ObjectReference": schema_k8sio_api_core_v1_ObjectReference(ref), @@ -156,10 +167,12 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.PodAffinityTerm": schema_k8sio_api_core_v1_PodAffinityTerm(ref), "k8s.io/api/core/v1.PodAntiAffinity": schema_k8sio_api_core_v1_PodAntiAffinity(ref), "k8s.io/api/core/v1.PodAttachOptions": schema_k8sio_api_core_v1_PodAttachOptions(ref), + "k8s.io/api/core/v1.PodCertificateProjection": schema_k8sio_api_core_v1_PodCertificateProjection(ref), "k8s.io/api/core/v1.PodCondition": schema_k8sio_api_core_v1_PodCondition(ref), "k8s.io/api/core/v1.PodDNSConfig": schema_k8sio_api_core_v1_PodDNSConfig(ref), "k8s.io/api/core/v1.PodDNSConfigOption": schema_k8sio_api_core_v1_PodDNSConfigOption(ref), "k8s.io/api/core/v1.PodExecOptions": schema_k8sio_api_core_v1_PodExecOptions(ref), + "k8s.io/api/core/v1.PodExtendedResourceClaimStatus": schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), "k8s.io/api/core/v1.PodIP": schema_k8sio_api_core_v1_PodIP(ref), "k8s.io/api/core/v1.PodList": schema_k8sio_api_core_v1_PodList(ref), "k8s.io/api/core/v1.PodLogOptions": schema_k8sio_api_core_v1_PodLogOptions(ref), @@ -196,11 +209,13 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.ReplicationControllerStatus": schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), "k8s.io/api/core/v1.ResourceClaim": schema_k8sio_api_core_v1_ResourceClaim(ref), "k8s.io/api/core/v1.ResourceFieldSelector": schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + "k8s.io/api/core/v1.ResourceHealth": schema_k8sio_api_core_v1_ResourceHealth(ref), "k8s.io/api/core/v1.ResourceQuota": schema_k8sio_api_core_v1_ResourceQuota(ref), "k8s.io/api/core/v1.ResourceQuotaList": schema_k8sio_api_core_v1_ResourceQuotaList(ref), "k8s.io/api/core/v1.ResourceQuotaSpec": schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), "k8s.io/api/core/v1.ResourceQuotaStatus": schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), "k8s.io/api/core/v1.ResourceRequirements": schema_k8sio_api_core_v1_ResourceRequirements(ref), + "k8s.io/api/core/v1.ResourceStatus": schema_k8sio_api_core_v1_ResourceStatus(ref), "k8s.io/api/core/v1.SELinuxOptions": schema_k8sio_api_core_v1_SELinuxOptions(ref), "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource": schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), "k8s.io/api/core/v1.ScaleIOVolumeSource": schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), @@ -226,6 +241,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.ServiceSpec": schema_k8sio_api_core_v1_ServiceSpec(ref), "k8s.io/api/core/v1.ServiceStatus": schema_k8sio_api_core_v1_ServiceStatus(ref), "k8s.io/api/core/v1.SessionAffinityConfig": schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + "k8s.io/api/core/v1.SleepAction": schema_k8sio_api_core_v1_SleepAction(ref), "k8s.io/api/core/v1.StorageOSPersistentVolumeSource": schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), "k8s.io/api/core/v1.StorageOSVolumeSource": schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), "k8s.io/api/core/v1.Sysctl": schema_k8sio_api_core_v1_Sysctl(ref), @@ -240,8 +256,10 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.Volume": schema_k8sio_api_core_v1_Volume(ref), "k8s.io/api/core/v1.VolumeDevice": schema_k8sio_api_core_v1_VolumeDevice(ref), "k8s.io/api/core/v1.VolumeMount": schema_k8sio_api_core_v1_VolumeMount(ref), + "k8s.io/api/core/v1.VolumeMountStatus": schema_k8sio_api_core_v1_VolumeMountStatus(ref), "k8s.io/api/core/v1.VolumeNodeAffinity": schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), "k8s.io/api/core/v1.VolumeProjection": schema_k8sio_api_core_v1_VolumeProjection(ref), + "k8s.io/api/core/v1.VolumeResourceRequirements": schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), "k8s.io/api/core/v1.VolumeSource": schema_k8sio_api_core_v1_VolumeSource(ref), "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource": schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), "k8s.io/api/core/v1.WeightedPodAffinityTerm": schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), @@ -256,6 +274,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.FieldSelectorRequirement": schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), @@ -312,7 +331,7 @@ func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.Refer SchemaProps: spec.SchemaProps{ Description: "User is the UserInfo associated with the current user.", Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.UserInfo"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.UserInfo"), }, }, "audiences": { @@ -335,7 +354,7 @@ func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.Refer }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.UserInfo"}, + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.UserInfo"}, } } @@ -436,20 +455,20 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), }, }, }, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } @@ -488,7 +507,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequest"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequest"), }, }, }, @@ -499,7 +518,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.WhoAmIRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.WhoAmIRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } @@ -525,7 +544,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.Refe SchemaProps: spec.SchemaProps{ Description: "The current authenticated user, exactly as Kubernetes understands it.", Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), }, }, }, @@ -533,7 +552,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.Refe }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, + "go.pinniped.dev/generated/1.34/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, } } @@ -547,7 +566,6 @@ func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.Reference "expirationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "ExpirationTimestamp indicates a time when the provided credentials expire.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -610,20 +628,20 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.Refe "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), }, }, }, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } @@ -662,7 +680,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequest"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequest"), }, }, }, @@ -673,7 +691,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.TokenCredentialRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.TokenCredentialRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } @@ -717,7 +735,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref commo "credential": { SchemaProps: spec.SchemaProps{ Description: "A Credential will be returned for a successful credential request.", - Ref: ref("go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.ClusterCredential"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.ClusterCredential"), }, }, "message": { @@ -731,7 +749,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref commo }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1.ClusterCredential"}, + "go.pinniped.dev/generated/1.34/apis/concierge/login/v1alpha1.ClusterCredential"}, } } @@ -811,6 +829,48 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open } } +func schema_k8sio_api_core_v1_AppArmorProfile(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AppArmorProfile defines a pod or container's AppArmor settings.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.\n\nPossible enum values:\n - `\"Localhost\"` indicates that a profile pre-loaded on the node should be used.\n - `\"RuntimeDefault\"` indicates that the container runtime's default AppArmor profile should be used.\n - `\"Unconfined\"` indicates that no AppArmor profile should be enforced.", + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Localhost", "RuntimeDefault", "Unconfined"}, + }, + }, + "localhostProfile": { + SchemaProps: spec.SchemaProps{ + Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"type"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-unions": []interface{}{ + map[string]interface{}{ + "discriminator": "type", + "fields-to-discriminateBy": map[string]interface{}{ + "localhostProfile": "LocalhostProfile", + }, + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_AttachedVolume(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -849,6 +909,11 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Type: []string{"object"}, Properties: map[string]spec.Schema{ "preferAvoidPods": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Bounded-sized list of signatures of pods that should avoid this node, sorted in timestamp order from oldest to newest. Size of the slice is unspecified.", Type: []string{"array"}, @@ -896,6 +961,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "cachingMode": { SchemaProps: spec.SchemaProps{ Description: "cachingMode is the Host Caching mode: None, Read Only, Read Write.\n\nPossible enum values:\n - `\"None\"`\n - `\"ReadOnly\"`\n - `\"ReadWrite\"`", + Default: v1.AzureDataDiskCachingReadWrite, Type: []string{"string"}, Format: "", Enum: []interface{}{"None", "ReadOnly", "ReadWrite"}, @@ -904,6 +970,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + Default: "ext4", Type: []string{"string"}, Format: "", }, @@ -911,6 +978,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "readOnly": { SchemaProps: spec.SchemaProps{ Description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + Default: false, Type: []string{"boolean"}, Format: "", }, @@ -918,6 +986,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "kind": { SchemaProps: spec.SchemaProps{ Description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared\n\nPossible enum values:\n - `\"Dedicated\"`\n - `\"Managed\"`\n - `\"Shared\"`", + Default: v1.AzureSharedBlobDisk, Type: []string{"string"}, Format: "", Enum: []interface{}{"Dedicated", "Managed", "Shared"}, @@ -1015,7 +1084,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead.", + Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -1059,7 +1128,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Represents storage that is managed by an external CSI volume driver (Beta feature)", + Description: "Represents storage that is managed by an external CSI volume driver", Type: []string{"object"}, Properties: map[string]spec.Schema{ "driver": { @@ -1134,7 +1203,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall }, "nodeExpandSecretRef": { SchemaProps: spec.SchemaProps{ - Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", + Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", Ref: ref("k8s.io/api/core/v1.SecretReference"), }, }, @@ -1215,6 +1284,11 @@ func schema_k8sio_api_core_v1_Capabilities(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "add": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Added capabilities", Type: []string{"array"}, @@ -1230,6 +1304,11 @@ func schema_k8sio_api_core_v1_Capabilities(ref common.ReferenceCallback) common. }, }, "drop": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Removed capabilities", Type: []string{"array"}, @@ -1258,6 +1337,11 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", Type: []string{"array"}, @@ -1323,6 +1407,11 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", Type: []string{"array"}, @@ -1468,33 +1557,6 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c } } -func schema_k8sio_api_core_v1_ClaimSource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClaimSource describes a reference to a ResourceClaim.\n\nExactly one of these fields should be set. Consumers of this type must treat an empty object as if it has an unknown value.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "resourceClaimName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceClaimTemplateName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - func schema_k8sio_api_core_v1_ClientIPConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -1515,6 +1577,57 @@ func schema_k8sio_api_core_v1_ClientIPConfig(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ClusterTrustBundleProjection describes how to select a set of ClusterTrustBundle objects and project their contents into the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.", + Type: []string{"string"}, + Format: "", + }, + }, + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.", + Type: []string{"string"}, + Format: "", + }, + }, + "labelSelector": { + SchemaProps: spec.SchemaProps{ + Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\".", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "Relative path from the volume root to write the bundle.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"path"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + } +} + func schema_k8sio_api_core_v1_ComponentCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -1590,6 +1703,10 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -1749,7 +1866,8 @@ func schema_k8sio_api_core_v1_ConfigMapEnvSource(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -1776,7 +1894,8 @@ func schema_k8sio_api_core_v1_ConfigMapKeySelector(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -1920,12 +2039,18 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -1963,12 +2088,18 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -2027,6 +2158,11 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -2042,6 +2178,11 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -2089,8 +2230,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -2105,6 +2251,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -2150,14 +2300,37 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Additionally, setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. The rules are evaluated in order. Once a rule matches a container exit condition, the remaining rules are ignored. If no rule matches the container exit condition, the Container-level restart policy determines the whether the container is restarted or not. Constraints on the rules: - At most 20 rules are allowed. - Rules can have the same action. - Identical rules are not forbidden in validations. When rules are specified, container MUST set RestartPolicy explicitly even it if matches the Pod's RestartPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ContainerRestartRule"), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -2178,6 +2351,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -2274,7 +2451,45 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.ContainerRestartRule", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + } +} + +func schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerExtendedResourceRequest has the mapping of container name, extended resource name to the device request name.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "containerName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the container requesting resources.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the extended resource in that container which gets backed by DRA.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "requestName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the request in the special ResourceClaim which corresponds to the extended resource.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"containerName", "resourceName", "requestName"}, + }, + }, } } @@ -2286,6 +2501,11 @@ func schema_k8sio_api_core_v1_ContainerImage(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "names": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Names by which this image is known. e.g. [\"kubernetes.example/hyperkube:v1.0.7\", \"cloud-vendor.registry.example/cloud-vendor/hyperkube:v1.0.7\"]", Type: []string{"array"}, @@ -2395,6 +2615,76 @@ func schema_k8sio_api_core_v1_ContainerResizePolicy(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ContainerRestartRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRule describes how a container exit is handled.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the action taken on a container exit if the requirements are satisfied. The only possible value is \"Restart\" to restart the container.", + Type: []string{"string"}, + Format: "", + }, + }, + "exitCodes": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the exit codes to check on container exits.", + Ref: ref("k8s.io/api/core/v1.ContainerRestartRuleOnExitCodes"), + }, + }, + }, + Required: []string{"action"}, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.ContainerRestartRuleOnExitCodes"}, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRuleOnExitCodes describes the condition for handling an exited container based on its exit codes.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the relationship between the container exit code(s) and the specified values. Possible values are: - In: the requirement is satisfied if the container exit code is in the\n set of specified values.\n- NotIn: the requirement is satisfied if the container exit code is\n not in the set of specified values.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Specifies the set of values to check for container exit codes. At most 255 elements are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + }, + Required: []string{"operator"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2438,7 +2728,6 @@ func schema_k8sio_api_core_v1_ContainerStateRunning(ref common.ReferenceCallback "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container was last (re-)started", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -2489,14 +2778,12 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which previous execution of the container started", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, "finishedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container last terminated", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -2626,8 +2913,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -2639,12 +2925,95 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), }, }, + "volumeMounts": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "mountPath", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Status of volume mounts.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.VolumeMountStatus"), + }, + }, + }, + }, + }, + "user": { + SchemaProps: spec.SchemaProps{ + Description: "User represents user identity information initially attached to the first process of the container", + Ref: ref("k8s.io/api/core/v1.ContainerUser"), + }, + }, + "allocatedResourcesStatus": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResourcesStatus represents the status of various resources allocated for this Pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ResourceStatus"), + }, + }, + }, + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal reports the effective stop signal for this container\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, + }, + }, }, Required: []string{"name", "ready", "restartCount", "image", "imageID"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ContainerUser", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.ResourceStatus", "k8s.io/api/core/v1.VolumeMountStatus", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + } +} + +func schema_k8sio_api_core_v1_ContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerUser represents user identity information", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "linux": { + SchemaProps: spec.SchemaProps{ + Description: "Linux holds user identity information initially attached to the first process of the containers in Linux. Note that the actual running identity can be changed if the process has enough privilege to do so.", + Ref: ref("k8s.io/api/core/v1.LinuxContainerUser"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.LinuxContainerUser"}, } } @@ -2678,6 +3047,11 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Type: []string{"object"}, Properties: map[string]spec.Schema{ "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Items is a list of DownwardAPIVolume file", Type: []string{"array"}, @@ -2716,7 +3090,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, "fieldRef": { SchemaProps: spec.SchemaProps{ - Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.", Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), }, }, @@ -2750,6 +3124,11 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Type: []string{"object"}, Properties: map[string]spec.Schema{ "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Items is a list of downward API volume file", Type: []string{"array"}, @@ -2810,7 +3189,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointAddress is a tuple that describes single IP address.", + Description: "EndpointAddress is a tuple that describes single IP address. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "ip": { @@ -2859,7 +3238,7 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointPort is a tuple that describes a single port.", + Description: "EndpointPort is a tuple that describes a single port. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2887,7 +3266,7 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. }, "appProtocol": { SchemaProps: spec.SchemaProps{ - Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", + Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", Type: []string{"string"}, Format: "", }, @@ -2908,10 +3287,15 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]", + Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]\n\nDeprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "addresses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.", Type: []string{"array"}, @@ -2926,6 +3310,11 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, "notReadyAddresses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.", Type: []string{"array"}, @@ -2940,6 +3329,11 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Port numbers available on the related IP addresses.", Type: []string{"array"}, @@ -2965,7 +3359,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]", + Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2990,6 +3384,11 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope }, }, "subsets": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.", Type: []string{"array"}, @@ -3015,7 +3414,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointsList is a list of endpoints.", + Description: "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -3066,12 +3465,12 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EnvFromSource represents the source of a set of ConfigMaps", + Description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets", Type: []string{"object"}, Properties: map[string]spec.Schema{ "prefix": { SchemaProps: spec.SchemaProps{ - Description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + Description: "Optional text to prepend to the name of each environment variable. May consist of any printable ASCII characters except '='.", Type: []string{"string"}, Format: "", }, @@ -3105,7 +3504,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the environment variable. Must be a C_IDENTIFIER.", + Description: "Name of the environment variable. May consist of any printable ASCII characters except '='.", Default: "", Type: []string{"string"}, Format: "", @@ -3164,11 +3563,17 @@ func schema_k8sio_api_core_v1_EnvVarSource(ref common.ReferenceCallback) common. Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), }, }, + "fileKeyRef": { + SchemaProps: spec.SchemaProps{ + Description: "FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.", + Ref: ref("k8s.io/api/core/v1.FileKeySelector"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, + "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.FileKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, } } @@ -3195,6 +3600,11 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3210,6 +3620,11 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3257,8 +3672,13 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -3273,6 +3693,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -3318,14 +3742,37 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ContainerRestartRule"), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -3346,6 +3793,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -3449,7 +3900,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.ContainerRestartRule", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, } } @@ -3476,6 +3927,11 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3491,6 +3947,11 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3538,8 +3999,13 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -3554,6 +4020,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -3599,14 +4069,37 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ContainerRestartRule"), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -3627,6 +4120,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -3723,7 +4220,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.ContainerRestartRule", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, } } @@ -3807,14 +4304,12 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "firstTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, "lastTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the most recent occurrence of this event was recorded.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -3835,7 +4330,6 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "eventTime": { SchemaProps: spec.SchemaProps{ Description: "Time when this Event was first observed.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), }, }, @@ -3951,7 +4445,6 @@ func schema_k8sio_api_core_v1_EventSeries(ref common.ReferenceCallback) common.O "lastObservedTime": { SchemaProps: spec.SchemaProps{ Description: "Time of the last occurrence observed", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), }, }, @@ -3998,6 +4491,11 @@ func schema_k8sio_api_core_v1_ExecAction(ref common.ReferenceCallback) common.Op Type: []string{"object"}, Properties: map[string]spec.Schema{ "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", Type: []string{"array"}, @@ -4026,6 +4524,11 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "targetWWNs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "targetWWNs is Optional: FC target worldwide names (WWNs)", Type: []string{"array"}, @@ -4062,6 +4565,11 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo }, }, "wwids": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", Type: []string{"array"}, @@ -4082,6 +4590,57 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_FileKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FileKeySelector selects a key of the env file.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "volumeName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the volume mount containing the env file.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers.\n\nIf optional is set to false and the specified key does not exist, an error will be returned during Pod creation.", + Default: false, + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"volumeName", "path", "key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4276,7 +4835,8 @@ func schema_k8sio_api_core_v1_GRPCAction(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "GRPCAction specifies an action involving a GRPC service.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -4390,7 +4950,7 @@ func schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "endpoints": { SchemaProps: spec.SchemaProps{ - Description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + Description: "endpoints is the endpoint name that details Glusterfs topology.", Default: "", Type: []string{"string"}, Format: "", @@ -4435,7 +4995,6 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common "port": { SchemaProps: spec.SchemaProps{ Description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -4455,6 +5014,11 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, "httpHeaders": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Custom headers to set in the request. HTTP allows repeated headers.", Type: []string{"array"}, @@ -4517,11 +5081,17 @@ func schema_k8sio_api_core_v1_HostAlias(ref common.ReferenceCallback) common.Ope "ip": { SchemaProps: spec.SchemaProps{ Description: "IP address of the host file entry.", + Default: "", Type: []string{"string"}, Format: "", }, }, "hostnames": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Hostnames for the above IP address.", Type: []string{"array"}, @@ -4537,6 +5107,7 @@ func schema_k8sio_api_core_v1_HostAlias(ref common.ReferenceCallback) common.Ope }, }, }, + Required: []string{"ip"}, }, }, } @@ -4552,11 +5123,13 @@ func schema_k8sio_api_core_v1_HostIP(ref common.ReferenceCallback) common.OpenAP "ip": { SchemaProps: spec.SchemaProps{ Description: "IP is the IP address assigned to the host", + Default: "", Type: []string{"string"}, Format: "", }, }, }, + Required: []string{"ip"}, }, }, } @@ -4626,6 +5199,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4645,6 +5219,11 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, "portals": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "portals is the iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", Type: []string{"array"}, @@ -4729,6 +5308,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4748,6 +5328,11 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, "portals": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", Type: []string{"array"}, @@ -4798,6 +5383,34 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_ImageVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeSource represents a image volume resource.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "reference": { + SchemaProps: spec.SchemaProps{ + Description: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + Type: []string{"string"}, + Format: "", + }, + }, + "pullPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_KeyToPath(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4854,6 +5467,14 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), }, }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal defines which signal will be sent to a container when it is being stopped. If not specified, the default is defined by the container runtime in use. StopSignal can only be set for Pods with a non-empty .spec.os.name\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, + }, + }, }, }, }, @@ -4871,27 +5492,33 @@ func schema_k8sio_api_core_v1_LifecycleHandler(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", + Description: "Exec specifies a command to execute in the container.", Ref: ref("k8s.io/api/core/v1.ExecAction"), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", + Description: "HTTPGet specifies an HTTP GET request to perform.", Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for backward compatibility. There is no validation of this field and lifecycle hooks will fail at runtime when it is specified.", Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), }, }, + "sleep": { + SchemaProps: spec.SchemaProps{ + Description: "Sleep represents a duration that the container should sleep.", + Ref: ref("k8s.io/api/core/v1.SleepAction"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.SleepAction", "k8s.io/api/core/v1.TCPSocketAction"}, } } @@ -4961,8 +5588,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -4976,8 +5602,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -4991,8 +5616,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -5006,8 +5630,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -5021,8 +5644,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -5096,6 +5718,11 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "limits": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Limits is the list of LimitRangeItem objects that are enforced.", Type: []string{"array"}, @@ -5118,6 +5745,56 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_LinuxContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "LinuxContainerUser represents user identity information in Linux containers", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID is the primary uid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "gid": { + SchemaProps: spec.SchemaProps{ + Description: "GID is the primary gid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroups are the supplemental groups initially attached to the first process in the container", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, + }, + Required: []string{"uid", "gid"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -5153,8 +5830,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), }, }, }, @@ -5190,6 +5866,13 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Format: "", }, }, + "ipMode": { + SchemaProps: spec.SchemaProps{ + Description: "IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. Setting this to \"VIP\" indicates that traffic is delivered to the node with the destination set to the load-balancer's IP and port. Setting this to \"Proxy\" indicates that traffic is delivered to the node or pod with the destination set to the node's IP and node port or the pod's IP and port. Service implementations may use this information to adjust traffic routing.", + Type: []string{"string"}, + Format: "", + }, + }, "ports": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -5225,6 +5908,11 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Type: []string{"object"}, Properties: map[string]spec.Schema{ "ingress": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.", Type: []string{"array"}, @@ -5255,7 +5943,8 @@ func schema_k8sio_api_core_v1_LocalObjectReference(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -5275,7 +5964,7 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Local represents directly-attached storage with node affinity (Beta feature)", + Description: "Local represents directly-attached storage with node affinity", Type: []string{"object"}, Properties: map[string]spec.Schema{ "path": { @@ -5300,6 +5989,36 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_ModifyVolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "targetVolumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately.\n\nPossible enum values:\n - `\"InProgress\"` InProgress indicates that the volume is being modified\n - `\"Infeasible\"` Infeasible indicates that the request has been rejected as invalid by the CSI driver. To resolve the error, a valid VolumeAttributesClass needs to be specified\n - `\"Pending\"` Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as the specified VolumeAttributesClass not existing", + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"InProgress", "Infeasible", "Pending"}, + }, + }, + }, + Required: []string{"status"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_NFSVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -5412,20 +6131,22 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "Last time the condition transitioned from one status to another.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Unique, one-word, CamelCase reason for the condition's last transition.", + Type: []string{"string"}, + Format: "", }, }, "message": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Human-readable message indicating details about last transition.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -5496,6 +6217,11 @@ func schema_k8sio_api_core_v1_NamespaceSpec(ref common.ReferenceCallback) common Type: []string{"object"}, Properties: map[string]spec.Schema{ "finalizers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Finalizers is an opaque list of values that must be empty to permanently remove object from storage. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", Type: []string{"array"}, @@ -5534,6 +6260,10 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -5653,6 +6383,11 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, @@ -5700,14 +6435,12 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we got an update on a given condition.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transit from one status to another.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -5817,6 +6550,26 @@ func schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref common.ReferenceCallback) } } +func schema_k8sio_api_core_v1_NodeFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeFeatures describes the set of features implemented by the CRI implementation. The features contained in the NodeFeatures should depend only on the cri implementation independent of runtime handlers.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroupsPolicy is set to true if the runtime supports SupplementalGroupsPolicy and ContainerUser.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -5902,34 +6655,59 @@ func schema_k8sio_api_core_v1_NodeProxyOptions(ref common.ReferenceCallback) com } } -func schema_k8sio_api_core_v1_NodeResources(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_k8sio_api_core_v1_NodeRuntimeHandler(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NodeResources is an object for conveying resource information about a node. see https://kubernetes.io/docs/concepts/architecture/nodes/#capacity for more details.", + Description: "NodeRuntimeHandler is a set of runtime handler information.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "Capacity": { + "name": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the available resources of a node", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), - }, - }, - }, + Description: "Runtime handler name. Empty for the default runtime handler.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Supported features.", + Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"), }, }, }, - Required: []string{"Capacity"}, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"}, + } +} + +func schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeRuntimeHandlerFeatures is a set of features implemented by the runtime handler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "recursiveReadOnlyMounts": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnlyMounts is set to true if the runtime handler supports RecursiveReadOnlyMounts.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "userNamespaces": { + SchemaProps: spec.SchemaProps{ + Description: "UserNamespaces is set to true if the runtime handler supports UserNamespaces, including for volumes.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -5941,6 +6719,11 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "nodeSelectorTerms": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Required. A list of node selector terms. The terms are ORed.", Type: []string{"array"}, @@ -5993,6 +6776,11 @@ func schema_k8sio_api_core_v1_NodeSelectorRequirement(ref common.ReferenceCallba }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -6022,6 +6810,11 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of node selector requirements by node's labels.", Type: []string{"array"}, @@ -6036,6 +6829,11 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com }, }, "matchFields": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of node selector requirements by node's fields.", Type: []string{"array"}, @@ -6079,6 +6877,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "podCIDRs": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", "x-kubernetes-patch-strategy": "merge", }, }, @@ -6111,6 +6910,11 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, "taints": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, the node's taints.", Type: []string{"array"}, @@ -6154,14 +6958,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Properties: map[string]spec.Schema{ "capacity": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", + Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/reference/node/node-status/#capacity", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -6175,8 +6978,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -6193,12 +6995,16 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition", + Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/reference/node/node-status/#condition", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -6213,12 +7019,16 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "addresses": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", + Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/reference/node/node-status/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -6239,12 +7049,17 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, "nodeInfo": { SchemaProps: spec.SchemaProps{ - Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info", + Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/reference/node/node-status/#info", Default: map[string]interface{}{}, Ref: ref("k8s.io/api/core/v1.NodeSystemInfo"), }, }, "images": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of container images on this node", Type: []string{"array"}, @@ -6259,6 +7074,11 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, "volumesInUse": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of attachable volumes in use (mounted) by the node.", Type: []string{"array"}, @@ -6274,6 +7094,11 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, "volumesAttached": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of volumes that are attached to the node.", Type: []string{"array"}, @@ -6293,11 +7118,56 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Ref: ref("k8s.io/api/core/v1.NodeConfigStatus"), }, }, + "runtimeHandlers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "The available runtime handlers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandler"), + }, + }, + }, + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Features describes the set of features implemented by the CRI implementation.", + Ref: ref("k8s.io/api/core/v1.NodeFeatures"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeFeatures", "k8s.io/api/core/v1.NodeRuntimeHandler", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + } +} + +func schema_k8sio_api_core_v1_NodeSwapStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeSwapStatus represents swap memory information.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "capacity": { + SchemaProps: spec.SchemaProps{ + Description: "Total amount of swap memory in bytes.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, } } @@ -6366,7 +7236,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo }, "kubeProxyVersion": { SchemaProps: spec.SchemaProps{ - Description: "KubeProxy Version reported by the node.", + Description: "Deprecated: KubeProxy Version reported by the node.", Default: "", Type: []string{"string"}, Format: "", @@ -6388,10 +7258,18 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo Format: "", }, }, + "swap": { + SchemaProps: spec.SchemaProps{ + Description: "Swap Info reported by the node.", + Ref: ref("k8s.io/api/core/v1.NodeSwapStatus"), + }, + }, }, Required: []string{"machineID", "systemUUID", "bootID", "kernelVersion", "osImage", "containerRuntimeVersion", "kubeletVersion", "kubeProxyVersion", "operatingSystem", "architecture"}, }, }, + Dependencies: []string{ + "k8s.io/api/core/v1.NodeSwapStatus"}, } } @@ -6605,35 +7483,35 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc Properties: map[string]spec.Schema{ "type": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Type is the type of the condition. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "status": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "lastProbeTime is the time we probed the condition.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + Description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"Resizing\" that means the underlying persistent volume is being resized.", Type: []string{"string"}, Format: "", }, @@ -6713,6 +7591,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", Type: []string{"array"}, @@ -6722,6 +7605,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -6737,7 +7621,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref("k8s.io/api/core/v1.VolumeResourceRequirements"), }, }, "volumeName": { @@ -6774,11 +7658,18 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Ref: ref("k8s.io/api/core/v1.TypedObjectReference"), }, }, + "volumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.TypedLocalObjectReference", "k8s.io/api/core/v1.TypedObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + "k8s.io/api/core/v1.TypedLocalObjectReference", "k8s.io/api/core/v1.TypedObjectReference", "k8s.io/api/core/v1.VolumeResourceRequirements", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, } } @@ -6798,6 +7689,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, }, "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", Type: []string{"array"}, @@ -6807,6 +7703,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -6820,8 +7717,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -6830,12 +7726,16 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + Description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -6855,8 +7755,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -6878,16 +7777,30 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ControllerResizeInProgress", "ControllerResizeInfeasible", "NodeResizeInProgress", "NodeResizeInfeasible", "NodeResizePending"}, }, }, }, }, }, + "currentVolumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim", + Type: []string{"string"}, + Format: "", + }, + }, + "modifyVolumeStatus": { + SchemaProps: spec.SchemaProps{ + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted.", + Ref: ref("k8s.io/api/core/v1.ModifyVolumeStatus"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimCondition", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.ModifyVolumeStatus", "k8s.io/api/core/v1.PersistentVolumeClaimCondition", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, } } @@ -7010,13 +7923,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac Properties: map[string]spec.Schema{ "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), }, }, @@ -7028,7 +7941,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), }, }, @@ -7040,7 +7953,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), }, }, @@ -7052,13 +7965,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), }, }, @@ -7070,55 +7983,55 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), }, }, @@ -7130,13 +8043,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", + Description: "csi represents storage that is handled by an external CSI driver.", Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), }, }, @@ -7163,8 +8076,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -7172,13 +8084,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), }, }, @@ -7190,7 +8102,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), }, }, @@ -7202,7 +8114,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), }, }, @@ -7214,13 +8126,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), }, }, @@ -7232,55 +8144,55 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), }, }, @@ -7292,17 +8204,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", + Description: "csi represents storage that is handled by an external CSI driver.", Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), }, }, "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes", Type: []string{"array"}, @@ -7312,6 +8229,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -7344,6 +8262,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, }, "mountOptions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "mountOptions is the list of mount options, e.g. [\"ro\", \"soft\"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options", Type: []string{"array"}, @@ -7372,6 +8295,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Ref: ref("k8s.io/api/core/v1.VolumeNodeAffinity"), }, }, + "volumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -7411,7 +8341,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac }, "lastPhaseTransitionTime": { SchemaProps: spec.SchemaProps{ - Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature.", + Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions.", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -7510,6 +8440,11 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Type: []string{"object"}, Properties: map[string]spec.Schema{ "requiredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", Type: []string{"array"}, @@ -7524,6 +8459,11 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, @@ -7554,11 +8494,16 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm Properties: map[string]spec.Schema{ "labelSelector": { SchemaProps: spec.SchemaProps{ - Description: "A label query over a set of resources, in this case pods.", + Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), }, }, "namespaces": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", Type: []string{"array"}, @@ -7587,6 +8532,46 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), }, }, + "matchLabelKeys": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "mismatchLabelKeys": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, Required: []string{"topologyKey"}, }, @@ -7604,6 +8589,11 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Type: []string{"object"}, Properties: map[string]spec.Schema{ "requiredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", Type: []string{"array"}, @@ -7618,8 +8608,13 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and subtracting \"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -7701,6 +8696,62 @@ func schema_k8sio_api_core_v1_PodAttachOptions(ref common.ReferenceCallback) com } } +func schema_k8sio_api_core_v1_PodCertificateProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Kubelet's generated CSRs will be addressed to this signer.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyType": { + SchemaProps: spec.SchemaProps{ + Description: "The type of keypair Kubelet will generate for the pod.\n\nValid values are \"RSA3072\", \"RSA4096\", \"ECDSAP256\", \"ECDSAP384\", \"ECDSAP521\", and \"ED25519\".", + Type: []string{"string"}, + Format: "", + }, + }, + "maxExpirationSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "maxExpirationSeconds is the maximum lifetime permitted for the certificate.\n\nKubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.\n\nIf omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).\n\nThe signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "credentialBundlePath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the credential bundle at this path in the projected volume.\n\nThe credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.\n\nThe remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).\n\nUsing credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the key at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "certificateChainPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the certificate chain at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"signerName", "keyType"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -7716,6 +8767,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. Format: "", }, }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", @@ -7727,14 +8785,12 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we probed the condition.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -7769,6 +8825,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "nameservers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", Type: []string{"array"}, @@ -7784,6 +8845,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, "searches": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", Type: []string{"array"}, @@ -7799,6 +8865,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, "options": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", Type: []string{"array"}, @@ -7829,15 +8900,16 @@ func schema_k8sio_api_core_v1_PodDNSConfigOption(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Required.", + Description: "Name is this DNS resolver option's name. Required.", Type: []string{"string"}, Format: "", }, }, "value": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Value is this DNS resolver option's value.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -7903,6 +8975,11 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Command is the remote command to execute. argv array. Not executed within a shell.", Type: []string{"array"}, @@ -7924,6 +9001,49 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodExtendedResourceClaimStatus is stored in the PodStatus for the extended resource requests backed by DRA. It stores the generated name for the corresponding special ResourceClaim created by the scheduler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "requestMappings": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "RequestMappings identifies the mapping of to device request in the generated ResourceClaim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ContainerExtendedResourceRequest"), + }, + }, + }, + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"requestMappings", "resourceClaimName"}, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.ContainerExtendedResourceRequest"}, + } +} + func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -7934,11 +9054,13 @@ func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPI "ip": { SchemaProps: spec.SchemaProps{ Description: "IP is the IP address assigned to the pod", + Default: "", Type: []string{"string"}, Format: "", }, }, }, + Required: []string{"ip"}, }, }, } @@ -8059,7 +9181,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common }, "tailLines": { SchemaProps: spec.SchemaProps{ - Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime", + Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", Type: []string{"integer"}, Format: "int64", }, @@ -8078,6 +9200,13 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common Format: "", }, }, + "stream": { + SchemaProps: spec.SchemaProps{ + Description: "Specify which container log stream to return to the client. Acceptable values are \"All\", \"Stdout\" and \"Stderr\". If not specified, \"All\" is used, and both stdout and stderr are returned interleaved. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -8130,6 +9259,11 @@ func schema_k8sio_api_core_v1_PodPortForwardOptions(ref common.ReferenceCallback }, }, "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of ports to forward Required when using WebSockets", Type: []string{"array"}, @@ -8210,7 +9344,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -8221,19 +9355,24 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com Format: "", }, }, - "source": { + "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "Source describes where to find the ResourceClaim.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ClaimSource"), + Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimTemplateName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", }, }, }, Required: []string{"name"}, }, }, - Dependencies: []string{ - "k8s.io/api/core/v1.ClaimSource"}, } } @@ -8254,7 +9393,7 @@ func schema_k8sio_api_core_v1_PodResourceClaimStatus(ref common.ReferenceCallbac }, "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. It this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. If this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", Type: []string{"string"}, Format: "", }, @@ -8329,8 +9468,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8343,6 +9487,14 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, }, + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Merge\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be merged with the primary user's groups as defined in the container image (in /etc/group).\n - `\"Strict\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be used instead of any groups defined in the container image.", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Merge", "Strict"}, + }, + }, "fsGroup": { SchemaProps: spec.SchemaProps{ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", @@ -8351,6 +9503,11 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, "sysctls": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, @@ -8378,11 +9535,24 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c Ref: ref("k8s.io/api/core/v1.SeccompProfile"), }, }, + "appArmorProfile": { + SchemaProps: spec.SchemaProps{ + Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + }, + }, + "seLinuxChangePolicy": { + SchemaProps: spec.SchemaProps{ + Description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. Valid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime. This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option. This requires all Pods that share the same volume to use the same SELinux label. It is not possible to share the same volume among privileged and unprivileged Pods. Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their CSIDriver instance. Other volumes are always re-labelled recursively. \"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used. If not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes and \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. Note that this field cannot be set when spec.os.name is windows.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, } } @@ -8417,6 +9587,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "volumes": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge,retainKeys", }, @@ -8437,12 +9611,16 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "initContainers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", + Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8457,6 +9635,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "containers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8477,6 +9659,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "ephemeralContainers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8554,7 +9740,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "serviceAccount": { SchemaProps: spec.SchemaProps{ - Description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", + Description: "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", Type: []string{"string"}, Format: "", }, @@ -8568,14 +9754,14 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "nodeName": { SchemaProps: spec.SchemaProps{ - Description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + Description: "NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename", Type: []string{"string"}, Format: "", }, }, "hostNetwork": { SchemaProps: spec.SchemaProps{ - Description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + Description: "Host networking requested for this pod. Use the host's network namespace. When using HostNetwork you should specify ports so the scheduler is aware. When `hostNetwork` is true, specified `hostPort` fields in port definitions must match `containerPort`, and unspecified `hostPort` fields in port definitions are defaulted to match `containerPort`. Default to false.", Type: []string{"boolean"}, Format: "", }, @@ -8610,6 +9796,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "imagePullSecrets": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8655,6 +9845,11 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, "tolerations": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's tolerations.", Type: []string{"array"}, @@ -8671,12 +9866,16 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "hostAliases": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "ip", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "ip", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", + Description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8709,6 +9908,11 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, "readinessGates": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates", Type: []string{"array"}, @@ -8752,8 +9956,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -8786,14 +9989,14 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "setHostnameAsFQDN": { SchemaProps: spec.SchemaProps{ - Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", + Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", Type: []string{"boolean"}, Format: "", }, }, "os": { SchemaProps: spec.SchemaProps{ - Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.resources - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", Ref: ref("k8s.io/api/core/v1.PodOS"), }, }, @@ -8816,7 +10019,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate.", + Description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8852,12 +10055,25 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\", \"memory\" and \"hugepages-\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", + Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + }, + }, + "hostnameOverride": { + SchemaProps: spec.SchemaProps{ + Description: "HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. This field only specifies the pod's hostname and does not affect its DNS records. When this field is set to a non-empty string: - It takes precedence over the values set in `hostname` and `subdomain`. - The Pod's hostname will be set to this value. - `setHostnameAsFQDN` must be nil or set to false. - `hostNetwork` must be set to false.\n\nThis field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. Requires the HostnameOverride feature gate to be enabled.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"containers"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, } } @@ -8868,6 +10084,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Description: "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod status was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "phase": { SchemaProps: spec.SchemaProps{ Description: "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase\n\nPossible enum values:\n - `\"Failed\"` means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).\n - `\"Pending\"` means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.\n - `\"Running\"` means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.\n - `\"Succeeded\"` means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.\n - `\"Unknown\"` means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)", @@ -8879,6 +10102,10 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -8955,6 +10182,10 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "podIPs": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "ip", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "ip", "x-kubernetes-patch-strategy": "merge", }, @@ -8979,8 +10210,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, "initContainerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8993,8 +10229,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, "containerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -9015,8 +10256,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, "ephemeralContainerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "Status for any ephemeral containers that have run in this pod.", + Description: "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -9030,7 +10276,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, "resize": { SchemaProps: spec.SchemaProps{ - Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\"", + Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\" Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress. PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources. PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.", Type: []string{"string"}, Format: "", }, @@ -9059,11 +10305,17 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, }, + "extendedResourceClaimStatus": { + SchemaProps: spec.SchemaProps{ + Description: "Status of extended resource claim backed by DRA.", + Ref: ref("k8s.io/api/core/v1.PodExtendedResourceClaimStatus"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.HostIP", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodIP", "k8s.io/api/core/v1.PodResourceClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.HostIP", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodExtendedResourceClaimStatus", "k8s.io/api/core/v1.PodIP", "k8s.io/api/core/v1.PodResourceClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, } } @@ -9237,7 +10489,8 @@ func schema_k8sio_api_core_v1_PortStatus(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "PortStatus represents the error condition of a service port", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -9323,7 +10576,6 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) "evictionTime": { SchemaProps: spec.SchemaProps{ Description: "Time at which this entry was added to the list.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -9390,25 +10642,25 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", + Description: "Exec specifies a command to execute in the container.", Ref: ref("k8s.io/api/core/v1.ExecAction"), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", + Description: "HTTPGet specifies an HTTP GET request to perform.", Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", + Description: "TCPSocket specifies a connection to a TCP port.", Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", + Description: "GRPC specifies a GRPC HealthCheckRequest.", Ref: ref("k8s.io/api/core/v1.GRPCAction"), }, }, @@ -9471,25 +10723,25 @@ func schema_k8sio_api_core_v1_ProbeHandler(ref common.ReferenceCallback) common. Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", + Description: "Exec specifies a command to execute in the container.", Ref: ref("k8s.io/api/core/v1.ExecAction"), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", + Description: "HTTPGet specifies an HTTP GET request to perform.", Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", + Description: "TCPSocket specifies a connection to a TCP port.", Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", + Description: "GRPC specifies a GRPC HealthCheckRequest.", Ref: ref("k8s.io/api/core/v1.GRPCAction"), }, }, @@ -9509,8 +10761,13 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback Type: []string{"object"}, Properties: map[string]spec.Schema{ "sources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "sources is the list of volume projections", + Description: "sources is the list of volume projections. Each entry in this list handles one source.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -9603,6 +10860,11 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", Type: []string{"array"}, @@ -9635,6 +10897,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -9642,6 +10905,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -9649,6 +10913,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -9683,6 +10948,11 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", Type: []string{"array"}, @@ -9715,6 +10985,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -9722,6 +10993,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -9729,6 +11001,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -9883,7 +11156,6 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "The last time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -9971,6 +11243,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "replicas": { SchemaProps: spec.SchemaProps{ Description: "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", + Default: 1, Type: []string{"integer"}, Format: "int32", }, @@ -9978,6 +11251,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "minReadySeconds": { SchemaProps: spec.SchemaProps{ Description: "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -10063,6 +11337,10 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -10104,6 +11382,13 @@ func schema_k8sio_api_core_v1_ResourceClaim(ref common.ReferenceCallback) common Format: "", }, }, + "request": { + SchemaProps: spec.SchemaProps{ + Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"name"}, }, @@ -10136,7 +11421,6 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback "divisor": { SchemaProps: spec.SchemaProps{ Description: "Specifies the output format of the exposed resources, defaults to \"1\"", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, @@ -10154,6 +11438,35 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ResourceHealth(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceHealth represents the health of a resource. It has the latest device health information. This is a part of KEP https://kep.k8s.io/4680.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceID": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceID is the unique identifier of the resource. See the ResourceID type for more information.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "health": { + SchemaProps: spec.SchemaProps{ + Description: "Health of the resource. can be one of:\n - Healthy: operates as normal\n - Unhealthy: reported unhealthy. We consider this a temporary health issue\n since we do not have a mechanism today to distinguish\n temporary and permanent issues.\n - Unknown: The status cannot be determined.\n For example, Device Plugin got unregistered and hasn't been re-registered since.\n\nIn future we may want to introduce the PermanentlyUnhealthy Status.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"resourceID"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ResourceQuota(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -10270,14 +11583,18 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, }, }, "scopes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all objects.", Type: []string{"array"}, @@ -10287,6 +11604,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, }, @@ -10321,8 +11639,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -10336,8 +11653,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -10366,8 +11682,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -10381,8 +11696,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), }, }, }, @@ -10398,7 +11712,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis field depends on the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -10418,6 +11732,52 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) } } +func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceStatus represents the status of a single resource allocated to a Pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the resource. Must be unique within the pod and in case of non-DRA resource, match one of the resources from the pod spec. For DRA resources, the value must be \"claim:/\". When this status is reported about a container, the \"claim_name\" and \"request\" must match one of the claims of this container.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "resourceID", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of unique resources health. Each element in the list contains an unique resource ID and its health. At a minimum, for the lifetime of a Pod, resource ID must uniquely identify the resource allocated to the Pod on the Node. If other Pod on the same Node reports the status with the same resource ID, it must be the same resource they share. See ResourceID type definition for a specific format it has in various use cases.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ResourceHealth"), + }, + }, + }, + }, + }, + }, + Required: []string{"name"}, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.ResourceHealth"}, + } +} + func schema_k8sio_api_core_v1_SELinuxOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -10512,6 +11872,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10526,6 +11887,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10599,6 +11961,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10613,6 +11976,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10641,6 +12005,11 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of scope selector requirements by scope of the resources.", Type: []string{"array"}, @@ -10676,11 +12045,11 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer Properties: map[string]spec.Schema{ "scopeName": { SchemaProps: spec.SchemaProps{ - Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0", + Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0\n - `\"VolumeAttributesClass\"` Match all pvc objects that have volume attributes class mentioned.", Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating"}, + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, "operator": { @@ -10693,6 +12062,11 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -10846,7 +12220,8 @@ func schema_k8sio_api_core_v1_SecretEnvSource(ref common.ReferenceCallback) comm Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -10873,7 +12248,8 @@ func schema_k8sio_api_core_v1_SecretKeySelector(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -10965,12 +12341,18 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -11046,6 +12428,11 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -11150,7 +12537,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm }, "procMount": { SchemaProps: spec.SchemaProps{ - Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", + Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Default", "Unmasked"}, @@ -11162,11 +12549,17 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm Ref: ref("k8s.io/api/core/v1.SeccompProfile"), }, }, + "appArmorProfile": { + SchemaProps: spec.SchemaProps{ + Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.", + Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, } } @@ -11287,12 +12680,16 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo "secrets": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", + Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". The \"kubernetes.io/enforce-mountable-secrets\" annotation is deprecated since v1.32. Prefer separate namespaces to isolate access to mounted secrets. This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -11305,6 +12702,11 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, "imagePullSecrets": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod", Type: []string{"array"}, @@ -11496,7 +12898,7 @@ func schema_k8sio_api_core_v1_ServicePort(ref common.ReferenceCallback) common.O }, "appProtocol": { SchemaProps: spec.SchemaProps{ - Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", + Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", Type: []string{"string"}, Format: "", }, @@ -11512,7 +12914,6 @@ func schema_k8sio_api_core_v1_ServicePort(ref common.ReferenceCallback) common.O "targetPort": { SchemaProps: spec.SchemaProps{ Description: "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -11655,6 +13056,11 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, "externalIPs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", Type: []string{"array"}, @@ -11685,6 +13091,11 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, "loadBalancerSourceRanges": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/", Type: []string{"array"}, @@ -11708,10 +13119,10 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, "externalTrafficPolicy": { SchemaProps: spec.SchemaProps{ - Description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.\n\nPossible enum values:\n - `\"Cluster\"`\n - `\"Cluster\"` routes traffic to all endpoints.\n - `\"Local\"`\n - `\"Local\"` preserves the source IP of the traffic by routing only to endpoints on the same node as the traffic was received on (dropping the traffic if there are no local endpoints).", + Description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.\n\nPossible enum values:\n - `\"Cluster\"` routes traffic to all endpoints.\n - `\"Local\"` preserves the source IP of the traffic by routing only to endpoints on the same node as the traffic was received on (dropping the traffic if there are no local endpoints).", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Cluster", "Cluster", "Local", "Local"}, + Enum: []interface{}{"Cluster", "Local"}, }, }, "healthCheckNodePort": { @@ -11749,6 +13160,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"", "IPv4", "IPv6"}, }, }, }, @@ -11784,6 +13196,13 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Enum: []interface{}{"Cluster", "Local"}, }, }, + "trafficDistribution": { + SchemaProps: spec.SchemaProps{ + Description: "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are in the same zone.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -11859,6 +13278,28 @@ func schema_k8sio_api_core_v1_SessionAffinityConfig(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_SleepAction(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "SleepAction describes a \"sleep\" action.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "seconds": { + SchemaProps: spec.SchemaProps{ + Description: "Seconds is the number of seconds to sleep.", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + Required: []string{"seconds"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -11997,7 +13438,6 @@ func schema_k8sio_api_core_v1_TCPSocketAction(ref common.ReferenceCallback) comm "port": { SchemaProps: spec.SchemaProps{ Description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -12050,7 +13490,7 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, "timeAdded": { SchemaProps: spec.SchemaProps{ - Description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", + Description: "TimeAdded represents the time at which the taint was added.", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -12129,6 +13569,11 @@ func schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref common.Refere }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. One value must match the label to be selected. Each entry in Values is ORed.", Type: []string{"array"}, @@ -12158,6 +13603,11 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchLabelExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of topology selector requirements by labels.", Type: []string{"array"}, @@ -12224,14 +13674,14 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "minDomains": { SchemaProps: spec.SchemaProps{ - Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).", + Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.", Type: []string{"integer"}, Format: "int32", }, }, "nodeAffinityPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -12239,7 +13689,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "nodeTaintsPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -12320,7 +13770,8 @@ func schema_k8sio_api_core_v1_TypedObjectReference(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "TypedObjectReference contains enough information to let you locate the typed referenced object", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "apiGroup": { SchemaProps: spec.SchemaProps{ @@ -12388,19 +13839,19 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), }, }, @@ -12418,13 +13869,13 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), }, }, @@ -12436,31 +13887,31 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), }, }, @@ -12478,7 +13929,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), }, }, @@ -12490,25 +13941,25 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), }, }, @@ -12520,25 +13971,25 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), }, }, @@ -12548,12 +13999,18 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), }, }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref("k8s.io/api/core/v1.ImageVolumeSource"), + }, + }, }, Required: []string{"name"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.ImageVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, } } @@ -12609,6 +14066,13 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O Format: "", }, }, + "recursiveReadOnly": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled.", + Type: []string{"string"}, + Format: "", + }, + }, "mountPath": { SchemaProps: spec.SchemaProps{ Description: "Path within the container at which the volume should be mounted. Must not contain ':'.", @@ -12626,7 +14090,7 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O }, "mountPropagation": { SchemaProps: spec.SchemaProps{ - Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.\n\nPossible enum values:\n - `\"Bidirectional\"` means that the volume in a container will receive new mounts from the host or other containers, and its own mounts will be propagated from the container to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rshared\" in Linux terminology).\n - `\"HostToContainer\"` means that the volume in a container will receive new mounts from the host or other containers, but filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rslave\" in Linux terminology).\n - `\"None\"` means that the volume in a container will not receive new mounts from the host or other containers, and filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode corresponds to \"private\" in Linux terminology.", + Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).\n\nPossible enum values:\n - `\"Bidirectional\"` means that the volume in a container will receive new mounts from the host or other containers, and its own mounts will be propagated from the container to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rshared\" in Linux terminology).\n - `\"HostToContainer\"` means that the volume in a container will receive new mounts from the host or other containers, but filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rslave\" in Linux terminology).\n - `\"None\"` means that the volume in a container will not receive new mounts from the host or other containers, and filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode corresponds to \"private\" in Linux terminology.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Bidirectional", "HostToContainer", "None"}, @@ -12646,6 +14110,50 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O } } +func schema_k8sio_api_core_v1_VolumeMountStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeMountStatus shows status of volume mounts.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name corresponds to the name of the original VolumeMount.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "mountPath": { + SchemaProps: spec.SchemaProps{ + Description: "MountPath corresponds to the original VolumeMount.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "readOnly": { + SchemaProps: spec.SchemaProps{ + Description: "ReadOnly corresponds to the original VolumeMount.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "recursiveReadOnly": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, depending on the mount result.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "mountPath"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -12671,7 +14179,7 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Projection that may be projected along with other supported volume types", + Description: "Projection that may be projected along with other supported volume types. Exactly one of these fields must be set.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "secret": { @@ -12698,11 +14206,66 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com Ref: ref("k8s.io/api/core/v1.ServiceAccountTokenProjection"), }, }, + "clusterTrustBundle": { + SchemaProps: spec.SchemaProps{ + Description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.", + Ref: ref("k8s.io/api/core/v1.ClusterTrustBundleProjection"), + }, + }, + "podCertificate": { + SchemaProps: spec.SchemaProps{ + Description: "Projects an auto-rotating credential bundle (private key and certificate chain) that the pod can use either as a TLS client or server.\n\nKubelet generates a private key and uses it to send a PodCertificateRequest to the named signer. Once the signer approves the request and issues a certificate chain, Kubelet writes the key and certificate chain to the pod filesystem. The pod does not start until certificates have been issued for each podCertificate projected volume source in its spec.\n\nKubelet will begin trying to rotate the certificate at the time indicated by the signer using the PodCertificateRequest.Status.BeginRefreshAt timestamp.\n\nKubelet can write a single file, indicated by the credentialBundlePath field, or separate files, indicated by the keyPath and certificateChainPath fields.\n\nThe credential bundle is a single file in PEM format. The first PEM entry is the private key (in PKCS#8 format), and the remaining PEM entries are the certificate chain issued by the signer (typically, signers will return their certificate chain in leaf-to-root order).\n\nPrefer using the credential bundle format, since your application code can read it atomically. If you use keyPath and certificateChainPath, your application must make two separate file reads. If these coincide with a certificate rotation, it is possible that the private key and leaf certificate you read may not correspond to each other. Your application will need to check for this condition, and re-read until they are consistent.\n\nThe named signer controls chooses the format of the certificate it issues; consult the signer implementation's documentation to learn how to use the certificates it issues.", + Ref: ref("k8s.io/api/core/v1.PodCertificateProjection"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + "k8s.io/api/core/v1.ClusterTrustBundleProjection", "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.PodCertificateProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + } +} + +func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeResourceRequirements describes the storage resource requirements for a volume.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "limits": { + SchemaProps: spec.SchemaProps{ + Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + }, + }, + }, + }, + }, + "requests": { + SchemaProps: spec.SchemaProps{ + Description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/api/resource.Quantity"}, } } @@ -12727,19 +14290,19 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), }, }, @@ -12757,13 +14320,13 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), }, }, @@ -12775,31 +14338,31 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), }, }, @@ -12817,7 +14380,7 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), }, }, @@ -12829,25 +14392,25 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), }, }, @@ -12859,25 +14422,25 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), }, }, @@ -12887,11 +14450,17 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), }, }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref("k8s.io/api/core/v1.ImageVolumeSource"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.ImageVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, } } @@ -13040,6 +14609,11 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, "versions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "versions are the versions supported in this group.", Type: []string{"array"}, @@ -13061,6 +14635,11 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, "serverAddressByClientCIDRs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", Type: []string{"array"}, @@ -13105,6 +14684,11 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, "groups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "groups is a list of APIGroup.", Type: []string{"array"}, @@ -13196,6 +14780,11 @@ func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.Op }, }, "shortNames": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "shortNames is a list of suggested short names of the resource.", Type: []string{"array"}, @@ -13211,6 +14800,11 @@ func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.Op }, }, "categories": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", Type: []string{"array"}, @@ -13269,6 +14863,11 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "resources contains the name of the resources and if they are namespaced.", Type: []string{"array"}, @@ -13313,6 +14912,11 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, "versions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "versions are the api versions that are available.", Type: []string{"array"}, @@ -13328,6 +14932,11 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, "serverAddressByClientCIDRs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", Type: []string{"array"}, @@ -13372,6 +14981,11 @@ func schema_pkg_apis_meta_v1_ApplyOptions(ref common.ReferenceCallback) common.O }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13442,7 +15056,6 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -13493,6 +15106,11 @@ func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13576,6 +15194,11 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13590,6 +15213,13 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, }, + "ignoreStoreReadErrorWithClusterBreakingPotential": { + SchemaProps: spec.SchemaProps{ + Description: "if set to true, it will trigger an unsafe deletion of the resource in case the normal deletion flow fails with a corrupt object error. A resource is considered corrupt if it can not be retrieved from the underlying storage successfully because of a) its data can not be transformed e.g. decryption failure, or b) it fails to decode into an object. NOTE: unsafe deletion ignores finalizer constraints, skips precondition checks, and removes the object from the storage. WARNING: This may potentially break the cluster if the workload associated with the resource being unsafe-deleted relies on normal deletion flow. Use only if you REALLY know what you are doing. The default value is false, and the user must opt in to enable it", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, @@ -13603,8 +15233,58 @@ func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenA Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), + Type: metav1.Duration{}.OpenAPISchemaType(), + Format: metav1.Duration{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FieldSelectorRequirement is a selector that contains values, a key, and an operator that relates the key and values.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "key": { + SchemaProps: spec.SchemaProps{ + Description: "key is the field selector key that the requirement applies to.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. The list of operators may grow in the future.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"key", "operator"}, }, }, } @@ -13892,6 +15572,11 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", Type: []string{"array"}, @@ -13942,6 +15627,11 @@ func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallba }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -13998,8 +15688,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), }, }, }, @@ -14219,8 +15908,8 @@ func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.Open Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), + Type: metav1.MicroTime{}.OpenAPISchemaType(), + Format: metav1.MicroTime{}.OpenAPISchemaFormat(), }, }, } @@ -14285,7 +15974,6 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "creationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -14337,6 +16025,10 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "ownerReferences": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "uid", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "uid", "x-kubernetes-patch-strategy": "merge", }, @@ -14357,6 +16049,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "finalizers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", "x-kubernetes-patch-strategy": "merge", }, }, @@ -14375,6 +16068,11 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, "managedFields": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", Type: []string{"array"}, @@ -14581,6 +16279,11 @@ func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.O }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -14657,6 +16360,11 @@ func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.Open Type: []string{"object"}, Properties: map[string]spec.Schema{ "paths": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "paths are the paths available at root.", Type: []string{"array"}, @@ -14758,6 +16466,11 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, "details": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), @@ -14848,6 +16561,11 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, "causes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", Type: []string{"array"}, @@ -14905,6 +16623,11 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, "columnDefinitions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.", Type: []string{"array"}, @@ -14919,6 +16642,11 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, "rows": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "rows is the list of items in the table.", Type: []string{"array"}, @@ -15037,6 +16765,11 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Type: []string{"object"}, Properties: map[string]spec.Schema{ "cells": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "cells will be as wide as the column definitions array and may contain strings, numbers (float64 or int64), booleans, simple maps, lists, or null. See the type field of the column definition for a more detailed description.", Type: []string{"array"}, @@ -15051,6 +16784,11 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "conditions describe additional status of a row that are relevant for a human user. These conditions apply to the row, not to the object, and will be specific to table output. The only defined condition type is 'Completed', for a row that indicates a resource that has run to completion and can be given less visual priority.", Type: []string{"array"}, @@ -15067,7 +16805,6 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA "object": { SchemaProps: spec.SchemaProps{ Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), }, }, @@ -15129,8 +16866,8 @@ func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDe Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), + Type: metav1.Time{}.OpenAPISchemaType(), + Format: metav1.Time{}.OpenAPISchemaFormat(), }, }, } @@ -15215,6 +16952,11 @@ func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -15266,7 +17008,6 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope "object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), }, }, @@ -15366,16 +17107,46 @@ func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "major": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Major is the major version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "minor": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Minor is the minor version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMajor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMajor is the major version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMinor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMinor is the minor version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMajor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMajor is the major version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMinor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMinor is the minor version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", }, }, "gitVersion": { diff --git a/generated/1.34/client/go.mod b/generated/1.34/client/go.mod new file mode 100644 index 000000000..76d3292bb --- /dev/null +++ b/generated/1.34/client/go.mod @@ -0,0 +1,55 @@ +// This go.mod file is generated by ./hack/update.sh. +module go.pinniped.dev/generated/1.34/client + +go 1.24.0 + +replace go.pinniped.dev/generated/1.34/apis => ../apis + +require ( + go.pinniped.dev/generated/1.34/apis v0.0.0 + k8s.io/api v0.34.2 + k8s.io/apimachinery v0.34.2 + k8s.io/client-go v0.34.2 + k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b +) + +require ( + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.23.0 // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/google/gnostic-models v0.7.0 // indirect + github.com/google/go-cmp v0.7.0 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/x448/float16 v0.8.4 // indirect + go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v3 v3.0.4 // indirect + golang.org/x/net v0.38.0 // indirect + golang.org/x/oauth2 v0.27.0 // indirect + golang.org/x/sys v0.31.0 // indirect + golang.org/x/term v0.30.0 // indirect + golang.org/x/text v0.23.0 // indirect + golang.org/x/time v0.9.0 // indirect + google.golang.org/protobuf v1.36.5 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect + sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + sigs.k8s.io/randfill v1.0.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/yaml v1.6.0 // indirect +) diff --git a/generated/1.29/client/go.sum b/generated/1.34/client/go.sum similarity index 52% rename from generated/1.29/client/go.sum rename to generated/1.34/client/go.sum index a561a6383..c051ebf90 100644 --- a/generated/1.29/client/go.sum +++ b/generated/1.34/client/go.sum @@ -2,37 +2,33 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= +github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= +github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= -github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= +github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= @@ -51,104 +47,112 @@ github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= -github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= -github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= +github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= +github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= +github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= +github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= +go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= +go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8= -golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= +golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8= +golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= +golang.org/x/oauth2 v0.27.0 h1:da9Vo7/tDv5RH/7nZDz1eMGS/q1Vv1N/7FCrBhI9I3M= +golang.org/x/oauth2 v0.27.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= +golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y= +golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= +golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= +golang.org/x/time v0.9.0 h1:EsRrnYcQiGH+5FfbgvV4AP7qEZstoyrHB0DzarOQ4ZY= +golang.org/x/time v0.9.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= +golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= +golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= +google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.14 h1:JWFh5ufowH3Y6tCgEzY3URVJHb27f0tEDEej0nCjWDw= -k8s.io/api v0.29.14/go.mod h1:IV8YqKxMm8JGLBLlHM13Npn5lCITH10XYipWEW+YEOQ= -k8s.io/apimachinery v0.29.14 h1:IDhwnGNCp836SLOwW1SoEfFNV77wxIklhxeAHX9vmSo= -k8s.io/apimachinery v0.29.14/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/client-go v0.29.14 h1:OSnzZ9DClaFRgl3zMAY2kGZhNjdGJkEb+RDz+MW2h6k= -k8s.io/client-go v0.29.14/go.mod h1:XtZt5n5UxKfPJ+sCoTPcEavWgZbLFFxMnAFFRQGK1RY= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +k8s.io/api v0.34.2 h1:fsSUNZhV+bnL6Aqrp6O7lMTy6o5x2C4XLjnh//8SLYY= +k8s.io/api v0.34.2/go.mod h1:MMBPaWlED2a8w4RSeanD76f7opUoypY8TFYkSM+3XHw= +k8s.io/apimachinery v0.34.2 h1:zQ12Uk3eMHPxrsbUJgNF8bTauTVR2WgqJsTmwTE/NW4= +k8s.io/apimachinery v0.34.2/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= +k8s.io/client-go v0.34.2 h1:Co6XiknN+uUZqiddlfAjT68184/37PS4QAzYvQvDR8M= +k8s.io/client-go v0.34.2/go.mod h1:2VYDl1XXJsdcAxw7BenFslRQX28Dxz91U9MWKjX97fE= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= +k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= +k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= +k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= +sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= +sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/generated/1.28/client/supervisor/clientset/versioned/clientset.go b/generated/1.34/client/supervisor/clientset/versioned/clientset.go similarity index 95% rename from generated/1.28/client/supervisor/clientset/versioned/clientset.go rename to generated/1.34/client/supervisor/clientset/versioned/clientset.go index 9a0ca45cc..450926005 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.34/client/supervisor/clientset/versioned/clientset.go @@ -6,12 +6,12 @@ package versioned import ( - "fmt" - "net/http" + fmt "fmt" + http "net/http" - clientsecretv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" diff --git a/generated/1.28/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.34/client/supervisor/clientset/versioned/fake/clientset_generated.go similarity index 72% rename from generated/1.28/client/supervisor/clientset/versioned/fake/clientset_generated.go rename to generated/1.34/client/supervisor/clientset/versioned/fake/clientset_generated.go index bd539efba..86922f0bd 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.34/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -6,13 +6,14 @@ package fake import ( - clientset "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" - clientsecretv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - fakeclientsecretv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" - idpv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - fakeidpv1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + clientset "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + fakeclientsecretv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + fakeidpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -22,8 +23,12 @@ import ( // NewSimpleClientset returns a clientset that will respond with the provided objects. // It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement +// without applying any field management, validations and/or defaults. It shouldn't be considered a replacement // for a real clientset and is mostly useful in simple unit tests. +// +// DEPRECATED: NewClientset replaces this with support for field management, which significantly improves +// server side apply testing. NewClientset is only available when apply configurations are generated (e.g. +// via --with-applyconfig). func NewSimpleClientset(objects ...runtime.Object) *Clientset { o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) for _, obj := range objects { @@ -36,9 +41,13 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset { cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} cs.AddReactor("*", "*", testing.ObjectReaction(o)) cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + var opts metav1.ListOptions + if watchActcion, ok := action.(testing.WatchActionImpl); ok { + opts = watchActcion.ListOptions + } gvr := action.GetResource() ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) + watch, err := o.Watch(gvr, ns, opts) if err != nil { return false, nil, err } diff --git a/generated/1.26/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.34/client/supervisor/clientset/versioned/fake/doc.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/fake/doc.go rename to generated/1.34/client/supervisor/clientset/versioned/fake/doc.go diff --git a/generated/1.28/client/supervisor/clientset/versioned/fake/register.go b/generated/1.34/client/supervisor/clientset/versioned/fake/register.go similarity index 88% rename from generated/1.28/client/supervisor/clientset/versioned/fake/register.go rename to generated/1.34/client/supervisor/clientset/versioned/fake/register.go index aa73d2789..b30f45f52 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.34/client/supervisor/clientset/versioned/fake/register.go @@ -6,9 +6,9 @@ package fake import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.26/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.34/client/supervisor/clientset/versioned/scheme/doc.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/scheme/doc.go rename to generated/1.34/client/supervisor/clientset/versioned/scheme/doc.go diff --git a/generated/1.28/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.34/client/supervisor/clientset/versioned/scheme/register.go similarity index 88% rename from generated/1.28/client/supervisor/clientset/versioned/scheme/register.go rename to generated/1.34/client/supervisor/clientset/versioned/scheme/register.go index d1b2c5f0d..8698ec1a3 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.34/client/supervisor/clientset/versioned/scheme/register.go @@ -6,9 +6,9 @@ package scheme import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go similarity index 83% rename from generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go index d035e73ca..d903a1c56 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/clientsecret/v1alpha1" - "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *ClientsecretV1alpha1Client) OIDCClientSecretRequests(namespace string) // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ClientsecretV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*ClientsecretV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ClientsecretV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *ClientsecretV1alpha1Client { return &ClientsecretV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := clientsecretv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go similarity index 85% rename from generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go index ffcb3c2e8..b2dfcee6a 100644 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeClientsecretV1alpha1 struct { } func (c *FakeClientsecretV1alpha1) OIDCClientSecretRequests(namespace string) v1alpha1.OIDCClientSecretRequestInterface { - return &FakeOIDCClientSecretRequests{c, namespace} + return newFakeOIDCClientSecretRequests(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go new file mode 100644 index 000000000..84caffcad --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCClientSecretRequests implements OIDCClientSecretRequestInterface +type fakeOIDCClientSecretRequests struct { + *gentype.FakeClient[*v1alpha1.OIDCClientSecretRequest] + Fake *FakeClientsecretV1alpha1 +} + +func newFakeOIDCClientSecretRequests(fake *FakeClientsecretV1alpha1, namespace string) clientsecretv1alpha1.OIDCClientSecretRequestInterface { + return &fakeOIDCClientSecretRequests{ + gentype.NewFakeClient[*v1alpha1.OIDCClientSecretRequest]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcclientsecretrequests"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCClientSecretRequest"), + func() *v1alpha1.OIDCClientSecretRequest { return &v1alpha1.OIDCClientSecretRequest{} }, + ), + fake, + } +} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go new file mode 100644 index 000000000..cd205c014 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go @@ -0,0 +1,47 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + clientsecretv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gentype "k8s.io/client-go/gentype" +) + +// OIDCClientSecretRequestsGetter has a method to return a OIDCClientSecretRequestInterface. +// A group's client should implement this interface. +type OIDCClientSecretRequestsGetter interface { + OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface +} + +// OIDCClientSecretRequestInterface has methods to work with OIDCClientSecretRequest resources. +type OIDCClientSecretRequestInterface interface { + Create(ctx context.Context, oIDCClientSecretRequest *clientsecretv1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (*clientsecretv1alpha1.OIDCClientSecretRequest, error) + OIDCClientSecretRequestExpansion +} + +// oIDCClientSecretRequests implements OIDCClientSecretRequestInterface +type oIDCClientSecretRequests struct { + *gentype.Client[*clientsecretv1alpha1.OIDCClientSecretRequest] +} + +// newOIDCClientSecretRequests returns a OIDCClientSecretRequests +func newOIDCClientSecretRequests(c *ClientsecretV1alpha1Client, namespace string) *oIDCClientSecretRequests { + return &oIDCClientSecretRequests{ + gentype.NewClient[*clientsecretv1alpha1.OIDCClientSecretRequest]( + "oidcclientsecretrequests", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *clientsecretv1alpha1.OIDCClientSecretRequest { + return &clientsecretv1alpha1.OIDCClientSecretRequest{} + }, + ), + } +} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go similarity index 83% rename from generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 9975ddfd1..dcb791ae4 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -37,9 +37,7 @@ func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -51,9 +49,7 @@ func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -76,17 +72,15 @@ func New(c rest.Interface) *ConfigV1alpha1Client { return &ConfigV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := configv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go similarity index 83% rename from generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 4a2d1b5aa..b01ed5cb3 100644 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,11 +16,11 @@ type FakeConfigV1alpha1 struct { } func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.FederationDomainInterface { - return &FakeFederationDomains{c, namespace} + return newFakeFederationDomains(c, namespace) } func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} + return newFakeOIDCClients(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go new file mode 100644 index 000000000..c3b877dcd --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeFederationDomains implements FederationDomainInterface +type fakeFederationDomains struct { + *gentype.FakeClientWithList[*v1alpha1.FederationDomain, *v1alpha1.FederationDomainList] + Fake *FakeConfigV1alpha1 +} + +func newFakeFederationDomains(fake *FakeConfigV1alpha1, namespace string) configv1alpha1.FederationDomainInterface { + return &fakeFederationDomains{ + gentype.NewFakeClientWithList[*v1alpha1.FederationDomain, *v1alpha1.FederationDomainList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("federationdomains"), + v1alpha1.SchemeGroupVersion.WithKind("FederationDomain"), + func() *v1alpha1.FederationDomain { return &v1alpha1.FederationDomain{} }, + func() *v1alpha1.FederationDomainList { return &v1alpha1.FederationDomainList{} }, + func(dst, src *v1alpha1.FederationDomainList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.FederationDomainList) []*v1alpha1.FederationDomain { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.FederationDomainList, items []*v1alpha1.FederationDomain) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go new file mode 100644 index 000000000..85c6f638c --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -0,0 +1,37 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCClients implements OIDCClientInterface +type fakeOIDCClients struct { + *gentype.FakeClientWithList[*v1alpha1.OIDCClient, *v1alpha1.OIDCClientList] + Fake *FakeConfigV1alpha1 +} + +func newFakeOIDCClients(fake *FakeConfigV1alpha1, namespace string) configv1alpha1.OIDCClientInterface { + return &fakeOIDCClients{ + gentype.NewFakeClientWithList[*v1alpha1.OIDCClient, *v1alpha1.OIDCClientList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcclients"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCClient"), + func() *v1alpha1.OIDCClient { return &v1alpha1.OIDCClient{} }, + func() *v1alpha1.OIDCClientList { return &v1alpha1.OIDCClientList{} }, + func(dst, src *v1alpha1.OIDCClientList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.OIDCClientList) []*v1alpha1.OIDCClient { return gentype.ToPointerSlice(list.Items) }, + func(list *v1alpha1.OIDCClientList, items []*v1alpha1.OIDCClient) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go new file mode 100644 index 000000000..5c5a727f5 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// FederationDomainsGetter has a method to return a FederationDomainInterface. +// A group's client should implement this interface. +type FederationDomainsGetter interface { + FederationDomains(namespace string) FederationDomainInterface +} + +// FederationDomainInterface has methods to work with FederationDomain resources. +type FederationDomainInterface interface { + Create(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.CreateOptions) (*configv1alpha1.FederationDomain, error) + Update(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.UpdateOptions) (*configv1alpha1.FederationDomain, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.UpdateOptions) (*configv1alpha1.FederationDomain, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.FederationDomain, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.FederationDomainList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.FederationDomain, err error) + FederationDomainExpansion +} + +// federationDomains implements FederationDomainInterface +type federationDomains struct { + *gentype.ClientWithList[*configv1alpha1.FederationDomain, *configv1alpha1.FederationDomainList] +} + +// newFederationDomains returns a FederationDomains +func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { + return &federationDomains{ + gentype.NewClientWithList[*configv1alpha1.FederationDomain, *configv1alpha1.FederationDomainList]( + "federationdomains", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *configv1alpha1.FederationDomain { return &configv1alpha1.FederationDomain{} }, + func() *configv1alpha1.FederationDomainList { return &configv1alpha1.FederationDomainList{} }, + ), + } +} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go new file mode 100644 index 000000000..4257fda63 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// OIDCClientsGetter has a method to return a OIDCClientInterface. +// A group's client should implement this interface. +type OIDCClientsGetter interface { + OIDCClients(namespace string) OIDCClientInterface +} + +// OIDCClientInterface has methods to work with OIDCClient resources. +type OIDCClientInterface interface { + Create(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.CreateOptions) (*configv1alpha1.OIDCClient, error) + Update(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.UpdateOptions) (*configv1alpha1.OIDCClient, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.UpdateOptions) (*configv1alpha1.OIDCClient, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.OIDCClient, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.OIDCClientList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.OIDCClient, err error) + OIDCClientExpansion +} + +// oIDCClients implements OIDCClientInterface +type oIDCClients struct { + *gentype.ClientWithList[*configv1alpha1.OIDCClient, *configv1alpha1.OIDCClientList] +} + +// newOIDCClients returns a OIDCClients +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { + return &oIDCClients{ + gentype.NewClientWithList[*configv1alpha1.OIDCClient, *configv1alpha1.OIDCClientList]( + "oidcclients", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *configv1alpha1.OIDCClient { return &configv1alpha1.OIDCClient{} }, + func() *configv1alpha1.OIDCClientList { return &configv1alpha1.OIDCClientList{} }, + ), + } +} diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 000000000..ce83a51e2 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,61 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. +// A group's client should implement this interface. +type ActiveDirectoryIdentityProvidersGetter interface { + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface +} + +// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. +type ActiveDirectoryIdentityProviderInterface interface { + Create(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + Update(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.ActiveDirectoryIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.ActiveDirectoryIdentityProvider, err error) + ActiveDirectoryIdentityProviderExpansion +} + +// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type activeDirectoryIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.ActiveDirectoryIdentityProvider, *idpv1alpha1.ActiveDirectoryIdentityProviderList] +} + +// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders +func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { + return &activeDirectoryIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.ActiveDirectoryIdentityProvider, *idpv1alpha1.ActiveDirectoryIdentityProviderList]( + "activedirectoryidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.ActiveDirectoryIdentityProvider { + return &idpv1alpha1.ActiveDirectoryIdentityProvider{} + }, + func() *idpv1alpha1.ActiveDirectoryIdentityProviderList { + return &idpv1alpha1.ActiveDirectoryIdentityProviderList{} + }, + ), + } +} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go new file mode 100644 index 000000000..d83e6f0a9 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -0,0 +1,41 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type fakeActiveDirectoryIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.ActiveDirectoryIdentityProvider, *v1alpha1.ActiveDirectoryIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeActiveDirectoryIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.ActiveDirectoryIdentityProviderInterface { + return &fakeActiveDirectoryIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.ActiveDirectoryIdentityProvider, *v1alpha1.ActiveDirectoryIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("ActiveDirectoryIdentityProvider"), + func() *v1alpha1.ActiveDirectoryIdentityProvider { return &v1alpha1.ActiveDirectoryIdentityProvider{} }, + func() *v1alpha1.ActiveDirectoryIdentityProviderList { + return &v1alpha1.ActiveDirectoryIdentityProviderList{} + }, + func(dst, src *v1alpha1.ActiveDirectoryIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.ActiveDirectoryIdentityProviderList) []*v1alpha1.ActiveDirectoryIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.ActiveDirectoryIdentityProviderList, items []*v1alpha1.ActiveDirectoryIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go new file mode 100644 index 000000000..fb773a3e1 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeGitHubIdentityProviders implements GitHubIdentityProviderInterface +type fakeGitHubIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.GitHubIdentityProvider, *v1alpha1.GitHubIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeGitHubIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.GitHubIdentityProviderInterface { + return &fakeGitHubIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.GitHubIdentityProvider, *v1alpha1.GitHubIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("GitHubIdentityProvider"), + func() *v1alpha1.GitHubIdentityProvider { return &v1alpha1.GitHubIdentityProvider{} }, + func() *v1alpha1.GitHubIdentityProviderList { return &v1alpha1.GitHubIdentityProviderList{} }, + func(dst, src *v1alpha1.GitHubIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.GitHubIdentityProviderList) []*v1alpha1.GitHubIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.GitHubIdentityProviderList, items []*v1alpha1.GitHubIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go similarity index 78% rename from generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go index a3a02d0d4..058643244 100644 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,19 +16,19 @@ type FakeIDPV1alpha1 struct { } func (c *FakeIDPV1alpha1) ActiveDirectoryIdentityProviders(namespace string) v1alpha1.ActiveDirectoryIdentityProviderInterface { - return &FakeActiveDirectoryIdentityProviders{c, namespace} + return newFakeActiveDirectoryIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) GitHubIdentityProviders(namespace string) v1alpha1.GitHubIdentityProviderInterface { - return &FakeGitHubIdentityProviders{c, namespace} + return newFakeGitHubIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) LDAPIdentityProviders(namespace string) v1alpha1.LDAPIdentityProviderInterface { - return &FakeLDAPIdentityProviders{c, namespace} + return newFakeLDAPIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) OIDCIdentityProviders(namespace string) v1alpha1.OIDCIdentityProviderInterface { - return &FakeOIDCIdentityProviders{c, namespace} + return newFakeOIDCIdentityProviders(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go new file mode 100644 index 000000000..2ec5c24ee --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeLDAPIdentityProviders implements LDAPIdentityProviderInterface +type fakeLDAPIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.LDAPIdentityProvider, *v1alpha1.LDAPIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeLDAPIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.LDAPIdentityProviderInterface { + return &fakeLDAPIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.LDAPIdentityProvider, *v1alpha1.LDAPIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("LDAPIdentityProvider"), + func() *v1alpha1.LDAPIdentityProvider { return &v1alpha1.LDAPIdentityProvider{} }, + func() *v1alpha1.LDAPIdentityProviderList { return &v1alpha1.LDAPIdentityProviderList{} }, + func(dst, src *v1alpha1.LDAPIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.LDAPIdentityProviderList) []*v1alpha1.LDAPIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.LDAPIdentityProviderList, items []*v1alpha1.LDAPIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go new file mode 100644 index 000000000..ce4fa2265 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCIdentityProviders implements OIDCIdentityProviderInterface +type fakeOIDCIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.OIDCIdentityProvider, *v1alpha1.OIDCIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeOIDCIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.OIDCIdentityProviderInterface { + return &fakeOIDCIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.OIDCIdentityProvider, *v1alpha1.OIDCIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCIdentityProvider"), + func() *v1alpha1.OIDCIdentityProvider { return &v1alpha1.OIDCIdentityProvider{} }, + func() *v1alpha1.OIDCIdentityProviderList { return &v1alpha1.OIDCIdentityProviderList{} }, + func(dst, src *v1alpha1.OIDCIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.OIDCIdentityProviderList) []*v1alpha1.OIDCIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.OIDCIdentityProviderList, items []*v1alpha1.OIDCIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.26/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go new file mode 100644 index 000000000..70f504103 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// GitHubIdentityProvidersGetter has a method to return a GitHubIdentityProviderInterface. +// A group's client should implement this interface. +type GitHubIdentityProvidersGetter interface { + GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface +} + +// GitHubIdentityProviderInterface has methods to work with GitHubIdentityProvider resources. +type GitHubIdentityProviderInterface interface { + Create(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + Update(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.GitHubIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.GitHubIdentityProvider, err error) + GitHubIdentityProviderExpansion +} + +// gitHubIdentityProviders implements GitHubIdentityProviderInterface +type gitHubIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.GitHubIdentityProvider, *idpv1alpha1.GitHubIdentityProviderList] +} + +// newGitHubIdentityProviders returns a GitHubIdentityProviders +func newGitHubIdentityProviders(c *IDPV1alpha1Client, namespace string) *gitHubIdentityProviders { + return &gitHubIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.GitHubIdentityProvider, *idpv1alpha1.GitHubIdentityProviderList]( + "githubidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.GitHubIdentityProvider { return &idpv1alpha1.GitHubIdentityProvider{} }, + func() *idpv1alpha1.GitHubIdentityProviderList { return &idpv1alpha1.GitHubIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go similarity index 85% rename from generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go rename to generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go index 2fd9efdd0..7ad2949dc 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/scheme" + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -47,9 +47,7 @@ func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentity // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -61,9 +59,7 @@ func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IDPV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -86,17 +82,15 @@ func New(c rest.Interface) *IDPV1alpha1Client { return &IDPV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := idpv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 000000000..9d1ce39f3 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. +// A group's client should implement this interface. +type LDAPIdentityProvidersGetter interface { + LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface +} + +// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. +type LDAPIdentityProviderInterface interface { + Create(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + Update(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.LDAPIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.LDAPIdentityProvider, err error) + LDAPIdentityProviderExpansion +} + +// lDAPIdentityProviders implements LDAPIdentityProviderInterface +type lDAPIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.LDAPIdentityProvider, *idpv1alpha1.LDAPIdentityProviderList] +} + +// newLDAPIdentityProviders returns a LDAPIdentityProviders +func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { + return &lDAPIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.LDAPIdentityProvider, *idpv1alpha1.LDAPIdentityProviderList]( + "ldapidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.LDAPIdentityProvider { return &idpv1alpha1.LDAPIdentityProvider{} }, + func() *idpv1alpha1.LDAPIdentityProviderList { return &idpv1alpha1.LDAPIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 000000000..38ceec904 --- /dev/null +++ b/generated/1.34/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. +// A group's client should implement this interface. +type OIDCIdentityProvidersGetter interface { + OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface +} + +// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. +type OIDCIdentityProviderInterface interface { + Create(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + Update(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.OIDCIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.OIDCIdentityProvider, err error) + OIDCIdentityProviderExpansion +} + +// oIDCIdentityProviders implements OIDCIdentityProviderInterface +type oIDCIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.OIDCIdentityProvider, *idpv1alpha1.OIDCIdentityProviderList] +} + +// newOIDCIdentityProviders returns a OIDCIdentityProviders +func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { + return &oIDCIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.OIDCIdentityProvider, *idpv1alpha1.OIDCIdentityProviderList]( + "oidcidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.OIDCIdentityProvider { return &idpv1alpha1.OIDCIdentityProvider{} }, + func() *idpv1alpha1.OIDCIdentityProviderList { return &idpv1alpha1.OIDCIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.27/client/supervisor/informers/externalversions/config/interface.go b/generated/1.34/client/supervisor/informers/externalversions/config/interface.go similarity index 89% rename from generated/1.27/client/supervisor/informers/externalversions/config/interface.go rename to generated/1.34/client/supervisor/informers/externalversions/config/interface.go index d03bb6dec..807b79381 100644 --- a/generated/1.27/client/supervisor/informers/externalversions/config/interface.go +++ b/generated/1.34/client/supervisor/informers/externalversions/config/interface.go @@ -6,8 +6,8 @@ package config import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go similarity index 68% rename from generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go rename to generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index be5df53f9..78b3d5543 100644 --- a/generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - configv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/listers/config/v1alpha1" + supervisorconfigv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // FederationDomains. type FederationDomainInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.FederationDomainLister + Lister() configv1alpha1.FederationDomainLister } type federationDomainInformer struct { @@ -49,16 +49,28 @@ func NewFilteredFederationDomainInformer(client versioned.Interface, namespace s if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().FederationDomains(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().FederationDomains(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(ctx, options) }, }, - &configv1alpha1.FederationDomain{}, + &supervisorconfigv1alpha1.FederationDomain{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *federationDomainInformer) defaultInformer(client versioned.Interface, r } func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.FederationDomain{}, f.defaultInformer) + return f.factory.InformerFor(&supervisorconfigv1alpha1.FederationDomain{}, f.defaultInformer) } -func (f *federationDomainInformer) Lister() v1alpha1.FederationDomainLister { - return v1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) +func (f *federationDomainInformer) Lister() configv1alpha1.FederationDomainLister { + return configv1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/interface.go similarity index 95% rename from generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/interface.go rename to generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 0ba887cdc..32e4e924d 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go b/generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 68% rename from generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go rename to generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index ac7e726ee..7c80ffe63 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go +++ b/generated/1.34/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - configv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/listers/config/v1alpha1" + supervisorconfigv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // OIDCClients. type OIDCClientInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCClientLister + Lister() configv1alpha1.OIDCClientLister } type oIDCClientInformer struct { @@ -49,16 +49,28 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().OIDCClients(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(ctx, options) }, }, - &configv1alpha1.OIDCClient{}, + &supervisorconfigv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&supervisorconfigv1alpha1.OIDCClient{}, f.defaultInformer) } -func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { - return v1alpha1.NewOIDCClientLister(f.Informer().GetIndexer()) +func (f *oIDCClientInformer) Lister() configv1alpha1.OIDCClientLister { + return configv1alpha1.NewOIDCClientLister(f.Informer().GetIndexer()) } diff --git a/generated/1.29/client/supervisor/informers/externalversions/factory.go b/generated/1.34/client/supervisor/informers/externalversions/factory.go similarity index 95% rename from generated/1.29/client/supervisor/informers/externalversions/factory.go rename to generated/1.34/client/supervisor/informers/externalversions/factory.go index 996b374a4..87c3e7c19 100644 --- a/generated/1.29/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.34/client/supervisor/informers/externalversions/factory.go @@ -10,10 +10,10 @@ import ( sync "sync" time "time" - versioned "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - config "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/config" - idp "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/idp" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" + versioned "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" + config "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/config" + idp "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/idp" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -216,6 +216,7 @@ type SharedInformerFactory interface { // Start initializes all requested informers. They are handled in goroutines // which run until the stop channel gets closed. + // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. Start(stopCh <-chan struct{}) // Shutdown marks a factory as shutting down. At that point no new diff --git a/generated/1.28/client/supervisor/informers/externalversions/generic.go b/generated/1.34/client/supervisor/informers/externalversions/generic.go similarity index 94% rename from generated/1.28/client/supervisor/informers/externalversions/generic.go rename to generated/1.34/client/supervisor/informers/externalversions/generic.go index 4a2c5e2a0..5e0297770 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.34/client/supervisor/informers/externalversions/generic.go @@ -6,10 +6,10 @@ package externalversions import ( - "fmt" + fmt "fmt" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) diff --git a/generated/1.28/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.34/client/supervisor/informers/externalversions/idp/interface.go similarity index 89% rename from generated/1.28/client/supervisor/informers/externalversions/idp/interface.go rename to generated/1.34/client/supervisor/informers/externalversions/idp/interface.go index a4fe6dd6d..6068d2fcc 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/idp/interface.go +++ b/generated/1.34/client/supervisor/informers/externalversions/idp/interface.go @@ -6,8 +6,8 @@ package idp import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go similarity index 67% rename from generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go rename to generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index d146f82d8..44c509009 100644 --- a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - idpv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/listers/idp/v1alpha1" + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // ActiveDirectoryIdentityProviders. type ActiveDirectoryIdentityProviderInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.ActiveDirectoryIdentityProviderLister + Lister() idpv1alpha1.ActiveDirectoryIdentityProviderLister } type activeDirectoryIdentityProviderInformer struct { @@ -49,16 +49,28 @@ func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interfa if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.TODO(), options) + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.TODO(), options) + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(ctx, options) }, }, - &idpv1alpha1.ActiveDirectoryIdentityProvider{}, + &supervisoridpv1alpha1.ActiveDirectoryIdentityProvider{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client version } func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) + return f.factory.InformerFor(&supervisoridpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) } -func (f *activeDirectoryIdentityProviderInformer) Lister() v1alpha1.ActiveDirectoryIdentityProviderLister { - return v1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) +func (f *activeDirectoryIdentityProviderInformer) Lister() idpv1alpha1.ActiveDirectoryIdentityProviderLister { + return idpv1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) } diff --git a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go similarity index 68% rename from generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go rename to generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go index 03538b7a1..8ab9866c5 100644 --- a/generated/1.27/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go +++ b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - idpv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/listers/idp/v1alpha1" + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // GitHubIdentityProviders. type GitHubIdentityProviderInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.GitHubIdentityProviderLister + Lister() idpv1alpha1.GitHubIdentityProviderLister } type gitHubIdentityProviderInformer struct { @@ -49,16 +49,28 @@ func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, names if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.TODO(), options) + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.TODO(), options) + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(ctx, options) }, }, - &idpv1alpha1.GitHubIdentityProvider{}, + &supervisoridpv1alpha1.GitHubIdentityProvider{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *gitHubIdentityProviderInformer) defaultInformer(client versioned.Interf } func (f *gitHubIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.GitHubIdentityProvider{}, f.defaultInformer) + return f.factory.InformerFor(&supervisoridpv1alpha1.GitHubIdentityProvider{}, f.defaultInformer) } -func (f *gitHubIdentityProviderInformer) Lister() v1alpha1.GitHubIdentityProviderLister { - return v1alpha1.NewGitHubIdentityProviderLister(f.Informer().GetIndexer()) +func (f *gitHubIdentityProviderInformer) Lister() idpv1alpha1.GitHubIdentityProviderLister { + return idpv1alpha1.NewGitHubIdentityProviderLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go similarity index 97% rename from generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go rename to generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go index 57e2681ca..051408c1f 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go similarity index 68% rename from generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go rename to generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index f53b7c11a..023b97cee 100644 --- a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - idpv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/listers/idp/v1alpha1" + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // LDAPIdentityProviders. type LDAPIdentityProviderInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.LDAPIdentityProviderLister + Lister() idpv1alpha1.LDAPIdentityProviderLister } type lDAPIdentityProviderInformer struct { @@ -49,16 +49,28 @@ func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespa if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.TODO(), options) + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.TODO(), options) + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(ctx, options) }, }, - &idpv1alpha1.LDAPIdentityProvider{}, + &supervisoridpv1alpha1.LDAPIdentityProvider{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interfac } func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) + return f.factory.InformerFor(&supervisoridpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) } -func (f *lDAPIdentityProviderInformer) Lister() v1alpha1.LDAPIdentityProviderLister { - return v1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) +func (f *lDAPIdentityProviderInformer) Lister() idpv1alpha1.LDAPIdentityProviderLister { + return idpv1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go similarity index 68% rename from generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go rename to generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index a36418730..69a2855c6 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.34/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - idpv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/listers/idp/v1alpha1" + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.34/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // OIDCIdentityProviders. type OIDCIdentityProviderInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCIdentityProviderLister + Lister() idpv1alpha1.OIDCIdentityProviderLister } type oIDCIdentityProviderInformer struct { @@ -49,16 +49,28 @@ func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespa if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.TODO(), options) + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.TODO(), options) + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.Background(), options) + }, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(ctx, options) }, }, - &idpv1alpha1.OIDCIdentityProvider{}, + &supervisoridpv1alpha1.OIDCIdentityProvider{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interfac } func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) + return f.factory.InformerFor(&supervisoridpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) } -func (f *oIDCIdentityProviderInformer) Lister() v1alpha1.OIDCIdentityProviderLister { - return v1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) +func (f *oIDCIdentityProviderInformer) Lister() idpv1alpha1.OIDCIdentityProviderLister { + return idpv1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go similarity index 93% rename from generated/1.28/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go rename to generated/1.34/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index e56001abb..cb3539dc1 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.34/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -8,7 +8,7 @@ package internalinterfaces import ( time "time" - versioned "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" + versioned "go.pinniped.dev/generated/1.34/client/supervisor/clientset/versioned" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" cache "k8s.io/client-go/tools/cache" diff --git a/generated/1.26/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.34/client/supervisor/listers/config/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.26/client/supervisor/listers/config/v1alpha1/expansion_generated.go rename to generated/1.34/client/supervisor/listers/config/v1alpha1/expansion_generated.go diff --git a/generated/1.26/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.34/client/supervisor/listers/config/v1alpha1/federationdomain.go similarity index 50% rename from generated/1.26/client/supervisor/listers/config/v1alpha1/federationdomain.go rename to generated/1.34/client/supervisor/listers/config/v1alpha1/federationdomain.go index 9443fdf0c..927ea6037 100644 --- a/generated/1.26/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ b/generated/1.34/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // FederationDomainLister helps list FederationDomains. @@ -17,7 +17,7 @@ import ( type FederationDomainLister interface { // List lists all FederationDomains in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + List(selector labels.Selector) (ret []*configv1alpha1.FederationDomain, err error) // FederationDomains returns an object that can list and get FederationDomains. FederationDomains(namespace string) FederationDomainNamespaceLister FederationDomainListerExpansion @@ -25,25 +25,17 @@ type FederationDomainLister interface { // federationDomainLister implements the FederationDomainLister interface. type federationDomainLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*configv1alpha1.FederationDomain] } // NewFederationDomainLister returns a new FederationDomainLister. func NewFederationDomainLister(indexer cache.Indexer) FederationDomainLister { - return &federationDomainLister{indexer: indexer} -} - -// List lists all FederationDomains in the indexer. -func (s *federationDomainLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err + return &federationDomainLister{listers.New[*configv1alpha1.FederationDomain](indexer, configv1alpha1.Resource("federationdomain"))} } // FederationDomains returns an object that can list and get FederationDomains. func (s *federationDomainLister) FederationDomains(namespace string) FederationDomainNamespaceLister { - return federationDomainNamespaceLister{indexer: s.indexer, namespace: namespace} + return federationDomainNamespaceLister{listers.NewNamespaced[*configv1alpha1.FederationDomain](s.ResourceIndexer, namespace)} } // FederationDomainNamespaceLister helps list and get FederationDomains. @@ -51,36 +43,15 @@ func (s *federationDomainLister) FederationDomains(namespace string) FederationD type FederationDomainNamespaceLister interface { // List lists all FederationDomains in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + List(selector labels.Selector) (ret []*configv1alpha1.FederationDomain, err error) // Get retrieves the FederationDomain from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.FederationDomain, error) + Get(name string) (*configv1alpha1.FederationDomain, error) FederationDomainNamespaceListerExpansion } // federationDomainNamespaceLister implements the FederationDomainNamespaceLister // interface. type federationDomainNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all FederationDomains in the indexer for a given namespace. -func (s federationDomainNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err -} - -// Get retrieves the FederationDomain from the indexer for a given namespace and name. -func (s federationDomainNamespaceLister) Get(name string) (*v1alpha1.FederationDomain, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("federationdomain"), name) - } - return obj.(*v1alpha1.FederationDomain), nil + listers.ResourceIndexer[*configv1alpha1.FederationDomain] } diff --git a/generated/1.34/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.34/client/supervisor/listers/config/v1alpha1/oidcclient.go new file mode 100644 index 000000000..628044fda --- /dev/null +++ b/generated/1.34/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// OIDCClientLister helps list OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientLister interface { + // List lists all OIDCClients in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.OIDCClient, err error) + // OIDCClients returns an object that can list and get OIDCClients. + OIDCClients(namespace string) OIDCClientNamespaceLister + OIDCClientListerExpansion +} + +// oIDCClientLister implements the OIDCClientLister interface. +type oIDCClientLister struct { + listers.ResourceIndexer[*configv1alpha1.OIDCClient] +} + +// NewOIDCClientLister returns a new OIDCClientLister. +func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { + return &oIDCClientLister{listers.New[*configv1alpha1.OIDCClient](indexer, configv1alpha1.Resource("oidcclient"))} +} + +// OIDCClients returns an object that can list and get OIDCClients. +func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { + return oIDCClientNamespaceLister{listers.NewNamespaced[*configv1alpha1.OIDCClient](s.ResourceIndexer, namespace)} +} + +// OIDCClientNamespaceLister helps list and get OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientNamespaceLister interface { + // List lists all OIDCClients in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.OIDCClient, err error) + // Get retrieves the OIDCClient from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*configv1alpha1.OIDCClient, error) + OIDCClientNamespaceListerExpansion +} + +// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister +// interface. +type oIDCClientNamespaceLister struct { + listers.ResourceIndexer[*configv1alpha1.OIDCClient] +} diff --git a/generated/1.28/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.34/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go similarity index 52% rename from generated/1.28/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go rename to generated/1.34/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go index a117de600..fbda4e1ea 100644 --- a/generated/1.28/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.34/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // ActiveDirectoryIdentityProviderLister helps list ActiveDirectoryIdentityProviders. @@ -17,7 +17,7 @@ import ( type ActiveDirectoryIdentityProviderLister interface { // List lists all ActiveDirectoryIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.ActiveDirectoryIdentityProvider, err error) // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister ActiveDirectoryIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type ActiveDirectoryIdentityProviderLister interface { // activeDirectoryIdentityProviderLister implements the ActiveDirectoryIdentityProviderLister interface. type activeDirectoryIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.ActiveDirectoryIdentityProvider] } // NewActiveDirectoryIdentityProviderLister returns a new ActiveDirectoryIdentityProviderLister. func NewActiveDirectoryIdentityProviderLister(indexer cache.Indexer) ActiveDirectoryIdentityProviderLister { - return &activeDirectoryIdentityProviderLister{indexer: indexer} -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer. -func (s *activeDirectoryIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err + return &activeDirectoryIdentityProviderLister{listers.New[*idpv1alpha1.ActiveDirectoryIdentityProvider](indexer, idpv1alpha1.Resource("activedirectoryidentityprovider"))} } // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister { - return activeDirectoryIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return activeDirectoryIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.ActiveDirectoryIdentityProvider](s.ResourceIndexer, namespace)} } // ActiveDirectoryIdentityProviderNamespaceLister helps list and get ActiveDirectoryIdentityProviders. @@ -51,36 +43,15 @@ func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders type ActiveDirectoryIdentityProviderNamespaceLister interface { // List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.ActiveDirectoryIdentityProvider, err error) // Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Get(name string) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) ActiveDirectoryIdentityProviderNamespaceListerExpansion } // activeDirectoryIdentityProviderNamespaceLister implements the ActiveDirectoryIdentityProviderNamespaceLister // interface. type activeDirectoryIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. -func (s activeDirectoryIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. -func (s activeDirectoryIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("activedirectoryidentityprovider"), name) - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.ActiveDirectoryIdentityProvider] } diff --git a/generated/1.26/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.34/client/supervisor/listers/idp/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.26/client/supervisor/listers/idp/v1alpha1/expansion_generated.go rename to generated/1.34/client/supervisor/listers/idp/v1alpha1/expansion_generated.go diff --git a/generated/1.28/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go b/generated/1.34/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go similarity index 51% rename from generated/1.28/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go rename to generated/1.34/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go index cca9da9ee..69d41e9b2 100644 --- a/generated/1.28/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go +++ b/generated/1.34/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // GitHubIdentityProviderLister helps list GitHubIdentityProviders. @@ -17,7 +17,7 @@ import ( type GitHubIdentityProviderLister interface { // List lists all GitHubIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.GitHubIdentityProvider, err error) // GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister GitHubIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type GitHubIdentityProviderLister interface { // gitHubIdentityProviderLister implements the GitHubIdentityProviderLister interface. type gitHubIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.GitHubIdentityProvider] } // NewGitHubIdentityProviderLister returns a new GitHubIdentityProviderLister. func NewGitHubIdentityProviderLister(indexer cache.Indexer) GitHubIdentityProviderLister { - return &gitHubIdentityProviderLister{indexer: indexer} -} - -// List lists all GitHubIdentityProviders in the indexer. -func (s *gitHubIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err + return &gitHubIdentityProviderLister{listers.New[*idpv1alpha1.GitHubIdentityProvider](indexer, idpv1alpha1.Resource("githubidentityprovider"))} } // GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. func (s *gitHubIdentityProviderLister) GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister { - return gitHubIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return gitHubIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.GitHubIdentityProvider](s.ResourceIndexer, namespace)} } // GitHubIdentityProviderNamespaceLister helps list and get GitHubIdentityProviders. @@ -51,36 +43,15 @@ func (s *gitHubIdentityProviderLister) GitHubIdentityProviders(namespace string) type GitHubIdentityProviderNamespaceLister interface { // List lists all GitHubIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.GitHubIdentityProvider, err error) // Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.GitHubIdentityProvider, error) + Get(name string) (*idpv1alpha1.GitHubIdentityProvider, error) GitHubIdentityProviderNamespaceListerExpansion } // gitHubIdentityProviderNamespaceLister implements the GitHubIdentityProviderNamespaceLister // interface. type gitHubIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all GitHubIdentityProviders in the indexer for a given namespace. -func (s gitHubIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. -func (s gitHubIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.GitHubIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("githubidentityprovider"), name) - } - return obj.(*v1alpha1.GitHubIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.GitHubIdentityProvider] } diff --git a/generated/1.27/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.34/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go similarity index 51% rename from generated/1.27/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go rename to generated/1.34/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go index c64d40b31..7667cd193 100644 --- a/generated/1.27/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.34/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // LDAPIdentityProviderLister helps list LDAPIdentityProviders. @@ -17,7 +17,7 @@ import ( type LDAPIdentityProviderLister interface { // List lists all LDAPIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.LDAPIdentityProvider, err error) // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister LDAPIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type LDAPIdentityProviderLister interface { // lDAPIdentityProviderLister implements the LDAPIdentityProviderLister interface. type lDAPIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.LDAPIdentityProvider] } // NewLDAPIdentityProviderLister returns a new LDAPIdentityProviderLister. func NewLDAPIdentityProviderLister(indexer cache.Indexer) LDAPIdentityProviderLister { - return &lDAPIdentityProviderLister{indexer: indexer} -} - -// List lists all LDAPIdentityProviders in the indexer. -func (s *lDAPIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err + return &lDAPIdentityProviderLister{listers.New[*idpv1alpha1.LDAPIdentityProvider](indexer, idpv1alpha1.Resource("ldapidentityprovider"))} } // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister { - return lDAPIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return lDAPIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.LDAPIdentityProvider](s.ResourceIndexer, namespace)} } // LDAPIdentityProviderNamespaceLister helps list and get LDAPIdentityProviders. @@ -51,36 +43,15 @@ func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDA type LDAPIdentityProviderNamespaceLister interface { // List lists all LDAPIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.LDAPIdentityProvider, err error) // Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.LDAPIdentityProvider, error) + Get(name string) (*idpv1alpha1.LDAPIdentityProvider, error) LDAPIdentityProviderNamespaceListerExpansion } // lDAPIdentityProviderNamespaceLister implements the LDAPIdentityProviderNamespaceLister // interface. type lDAPIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all LDAPIdentityProviders in the indexer for a given namespace. -func (s lDAPIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. -func (s lDAPIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.LDAPIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("ldapidentityprovider"), name) - } - return obj.(*v1alpha1.LDAPIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.LDAPIdentityProvider] } diff --git a/generated/1.28/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.34/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go similarity index 51% rename from generated/1.28/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go rename to generated/1.34/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go index da9b91b13..f8170c13f 100644 --- a/generated/1.28/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.34/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.34/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // OIDCIdentityProviderLister helps list OIDCIdentityProviders. @@ -17,7 +17,7 @@ import ( type OIDCIdentityProviderLister interface { // List lists all OIDCIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.OIDCIdentityProvider, err error) // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister OIDCIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type OIDCIdentityProviderLister interface { // oIDCIdentityProviderLister implements the OIDCIdentityProviderLister interface. type oIDCIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.OIDCIdentityProvider] } // NewOIDCIdentityProviderLister returns a new OIDCIdentityProviderLister. func NewOIDCIdentityProviderLister(indexer cache.Indexer) OIDCIdentityProviderLister { - return &oIDCIdentityProviderLister{indexer: indexer} -} - -// List lists all OIDCIdentityProviders in the indexer. -func (s *oIDCIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err + return &oIDCIdentityProviderLister{listers.New[*idpv1alpha1.OIDCIdentityProvider](indexer, idpv1alpha1.Resource("oidcidentityprovider"))} } // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister { - return oIDCIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return oIDCIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.OIDCIdentityProvider](s.ResourceIndexer, namespace)} } // OIDCIdentityProviderNamespaceLister helps list and get OIDCIdentityProviders. @@ -51,36 +43,15 @@ func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OID type OIDCIdentityProviderNamespaceLister interface { // List lists all OIDCIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.OIDCIdentityProvider, err error) // Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCIdentityProvider, error) + Get(name string) (*idpv1alpha1.OIDCIdentityProvider, error) OIDCIdentityProviderNamespaceListerExpansion } // oIDCIdentityProviderNamespaceLister implements the OIDCIdentityProviderNamespaceLister // interface. type oIDCIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCIdentityProviders in the indexer for a given namespace. -func (s oIDCIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. -func (s oIDCIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcidentityprovider"), name) - } - return obj.(*v1alpha1.OIDCIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.OIDCIdentityProvider] } diff --git a/generated/1.29/client/concierge/openapi/zz_generated.openapi.go b/generated/1.34/client/supervisor/openapi/zz_generated.openapi.go similarity index 86% rename from generated/1.29/client/concierge/openapi/zz_generated.openapi.go rename to generated/1.34/client/supervisor/openapi/zz_generated.openapi.go index e96265a8f..f5632be8b 100644 --- a/generated/1.29/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/1.34/client/supervisor/openapi/zz_generated.openapi.go @@ -6,31 +6,24 @@ // Code generated by openapi-gen. DO NOT EDIT. -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package openapi +package supervisor import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" common "k8s.io/kube-openapi/pkg/common" spec "k8s.io/kube-openapi/pkg/validation/spec" ) func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), + "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), + "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), + "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), + "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), + "k8s.io/api/core/v1.AppArmorProfile": schema_k8sio_api_core_v1_AppArmorProfile(ref), "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), "k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), @@ -44,7 +37,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.CephFSVolumeSource": schema_k8sio_api_core_v1_CephFSVolumeSource(ref), "k8s.io/api/core/v1.CinderPersistentVolumeSource": schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), "k8s.io/api/core/v1.CinderVolumeSource": schema_k8sio_api_core_v1_CinderVolumeSource(ref), - "k8s.io/api/core/v1.ClaimSource": schema_k8sio_api_core_v1_ClaimSource(ref), "k8s.io/api/core/v1.ClientIPConfig": schema_k8sio_api_core_v1_ClientIPConfig(ref), "k8s.io/api/core/v1.ClusterTrustBundleProjection": schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), "k8s.io/api/core/v1.ComponentCondition": schema_k8sio_api_core_v1_ComponentCondition(ref), @@ -58,14 +50,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.ConfigMapProjection": schema_k8sio_api_core_v1_ConfigMapProjection(ref), "k8s.io/api/core/v1.ConfigMapVolumeSource": schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), "k8s.io/api/core/v1.Container": schema_k8sio_api_core_v1_Container(ref), + "k8s.io/api/core/v1.ContainerExtendedResourceRequest": schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), "k8s.io/api/core/v1.ContainerImage": schema_k8sio_api_core_v1_ContainerImage(ref), "k8s.io/api/core/v1.ContainerPort": schema_k8sio_api_core_v1_ContainerPort(ref), "k8s.io/api/core/v1.ContainerResizePolicy": schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + "k8s.io/api/core/v1.ContainerRestartRule": schema_k8sio_api_core_v1_ContainerRestartRule(ref), + "k8s.io/api/core/v1.ContainerRestartRuleOnExitCodes": schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), "k8s.io/api/core/v1.ContainerState": schema_k8sio_api_core_v1_ContainerState(ref), "k8s.io/api/core/v1.ContainerStateRunning": schema_k8sio_api_core_v1_ContainerStateRunning(ref), "k8s.io/api/core/v1.ContainerStateTerminated": schema_k8sio_api_core_v1_ContainerStateTerminated(ref), "k8s.io/api/core/v1.ContainerStateWaiting": schema_k8sio_api_core_v1_ContainerStateWaiting(ref), "k8s.io/api/core/v1.ContainerStatus": schema_k8sio_api_core_v1_ContainerStatus(ref), + "k8s.io/api/core/v1.ContainerUser": schema_k8sio_api_core_v1_ContainerUser(ref), "k8s.io/api/core/v1.DaemonEndpoint": schema_k8sio_api_core_v1_DaemonEndpoint(ref), "k8s.io/api/core/v1.DownwardAPIProjection": schema_k8sio_api_core_v1_DownwardAPIProjection(ref), "k8s.io/api/core/v1.DownwardAPIVolumeFile": schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), @@ -88,6 +84,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.EventSource": schema_k8sio_api_core_v1_EventSource(ref), "k8s.io/api/core/v1.ExecAction": schema_k8sio_api_core_v1_ExecAction(ref), "k8s.io/api/core/v1.FCVolumeSource": schema_k8sio_api_core_v1_FCVolumeSource(ref), + "k8s.io/api/core/v1.FileKeySelector": schema_k8sio_api_core_v1_FileKeySelector(ref), "k8s.io/api/core/v1.FlexPersistentVolumeSource": schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), "k8s.io/api/core/v1.FlexVolumeSource": schema_k8sio_api_core_v1_FlexVolumeSource(ref), "k8s.io/api/core/v1.FlockerVolumeSource": schema_k8sio_api_core_v1_FlockerVolumeSource(ref), @@ -103,6 +100,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.HostPathVolumeSource": schema_k8sio_api_core_v1_HostPathVolumeSource(ref), "k8s.io/api/core/v1.ISCSIPersistentVolumeSource": schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), "k8s.io/api/core/v1.ISCSIVolumeSource": schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + "k8s.io/api/core/v1.ImageVolumeSource": schema_k8sio_api_core_v1_ImageVolumeSource(ref), "k8s.io/api/core/v1.KeyToPath": schema_k8sio_api_core_v1_KeyToPath(ref), "k8s.io/api/core/v1.Lifecycle": schema_k8sio_api_core_v1_Lifecycle(ref), "k8s.io/api/core/v1.LifecycleHandler": schema_k8sio_api_core_v1_LifecycleHandler(ref), @@ -110,6 +108,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.LimitRangeItem": schema_k8sio_api_core_v1_LimitRangeItem(ref), "k8s.io/api/core/v1.LimitRangeList": schema_k8sio_api_core_v1_LimitRangeList(ref), "k8s.io/api/core/v1.LimitRangeSpec": schema_k8sio_api_core_v1_LimitRangeSpec(ref), + "k8s.io/api/core/v1.LinuxContainerUser": schema_k8sio_api_core_v1_LinuxContainerUser(ref), "k8s.io/api/core/v1.List": schema_k8sio_api_core_v1_List(ref), "k8s.io/api/core/v1.LoadBalancerIngress": schema_k8sio_api_core_v1_LoadBalancerIngress(ref), "k8s.io/api/core/v1.LoadBalancerStatus": schema_k8sio_api_core_v1_LoadBalancerStatus(ref), @@ -129,14 +128,17 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.NodeConfigSource": schema_k8sio_api_core_v1_NodeConfigSource(ref), "k8s.io/api/core/v1.NodeConfigStatus": schema_k8sio_api_core_v1_NodeConfigStatus(ref), "k8s.io/api/core/v1.NodeDaemonEndpoints": schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + "k8s.io/api/core/v1.NodeFeatures": schema_k8sio_api_core_v1_NodeFeatures(ref), "k8s.io/api/core/v1.NodeList": schema_k8sio_api_core_v1_NodeList(ref), "k8s.io/api/core/v1.NodeProxyOptions": schema_k8sio_api_core_v1_NodeProxyOptions(ref), - "k8s.io/api/core/v1.NodeResources": schema_k8sio_api_core_v1_NodeResources(ref), + "k8s.io/api/core/v1.NodeRuntimeHandler": schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures": schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), "k8s.io/api/core/v1.NodeSelector": schema_k8sio_api_core_v1_NodeSelector(ref), "k8s.io/api/core/v1.NodeSelectorRequirement": schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), "k8s.io/api/core/v1.NodeSelectorTerm": schema_k8sio_api_core_v1_NodeSelectorTerm(ref), "k8s.io/api/core/v1.NodeSpec": schema_k8sio_api_core_v1_NodeSpec(ref), "k8s.io/api/core/v1.NodeStatus": schema_k8sio_api_core_v1_NodeStatus(ref), + "k8s.io/api/core/v1.NodeSwapStatus": schema_k8sio_api_core_v1_NodeSwapStatus(ref), "k8s.io/api/core/v1.NodeSystemInfo": schema_k8sio_api_core_v1_NodeSystemInfo(ref), "k8s.io/api/core/v1.ObjectFieldSelector": schema_k8sio_api_core_v1_ObjectFieldSelector(ref), "k8s.io/api/core/v1.ObjectReference": schema_k8sio_api_core_v1_ObjectReference(ref), @@ -158,10 +160,12 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.PodAffinityTerm": schema_k8sio_api_core_v1_PodAffinityTerm(ref), "k8s.io/api/core/v1.PodAntiAffinity": schema_k8sio_api_core_v1_PodAntiAffinity(ref), "k8s.io/api/core/v1.PodAttachOptions": schema_k8sio_api_core_v1_PodAttachOptions(ref), + "k8s.io/api/core/v1.PodCertificateProjection": schema_k8sio_api_core_v1_PodCertificateProjection(ref), "k8s.io/api/core/v1.PodCondition": schema_k8sio_api_core_v1_PodCondition(ref), "k8s.io/api/core/v1.PodDNSConfig": schema_k8sio_api_core_v1_PodDNSConfig(ref), "k8s.io/api/core/v1.PodDNSConfigOption": schema_k8sio_api_core_v1_PodDNSConfigOption(ref), "k8s.io/api/core/v1.PodExecOptions": schema_k8sio_api_core_v1_PodExecOptions(ref), + "k8s.io/api/core/v1.PodExtendedResourceClaimStatus": schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), "k8s.io/api/core/v1.PodIP": schema_k8sio_api_core_v1_PodIP(ref), "k8s.io/api/core/v1.PodList": schema_k8sio_api_core_v1_PodList(ref), "k8s.io/api/core/v1.PodLogOptions": schema_k8sio_api_core_v1_PodLogOptions(ref), @@ -198,11 +202,13 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.ReplicationControllerStatus": schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), "k8s.io/api/core/v1.ResourceClaim": schema_k8sio_api_core_v1_ResourceClaim(ref), "k8s.io/api/core/v1.ResourceFieldSelector": schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + "k8s.io/api/core/v1.ResourceHealth": schema_k8sio_api_core_v1_ResourceHealth(ref), "k8s.io/api/core/v1.ResourceQuota": schema_k8sio_api_core_v1_ResourceQuota(ref), "k8s.io/api/core/v1.ResourceQuotaList": schema_k8sio_api_core_v1_ResourceQuotaList(ref), "k8s.io/api/core/v1.ResourceQuotaSpec": schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), "k8s.io/api/core/v1.ResourceQuotaStatus": schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), "k8s.io/api/core/v1.ResourceRequirements": schema_k8sio_api_core_v1_ResourceRequirements(ref), + "k8s.io/api/core/v1.ResourceStatus": schema_k8sio_api_core_v1_ResourceStatus(ref), "k8s.io/api/core/v1.SELinuxOptions": schema_k8sio_api_core_v1_SELinuxOptions(ref), "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource": schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), "k8s.io/api/core/v1.ScaleIOVolumeSource": schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), @@ -243,6 +249,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/api/core/v1.Volume": schema_k8sio_api_core_v1_Volume(ref), "k8s.io/api/core/v1.VolumeDevice": schema_k8sio_api_core_v1_VolumeDevice(ref), "k8s.io/api/core/v1.VolumeMount": schema_k8sio_api_core_v1_VolumeMount(ref), + "k8s.io/api/core/v1.VolumeMountStatus": schema_k8sio_api_core_v1_VolumeMountStatus(ref), "k8s.io/api/core/v1.VolumeNodeAffinity": schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), "k8s.io/api/core/v1.VolumeProjection": schema_k8sio_api_core_v1_VolumeProjection(ref), "k8s.io/api/core/v1.VolumeResourceRequirements": schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), @@ -260,6 +267,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.FieldSelectorRequirement": schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), @@ -305,116 +313,11 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA } } -func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "user": { - SchemaProps: spec.SchemaProps{ - Description: "User is the UserInfo associated with the current user.", - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.UserInfo"), - }, - }, - "audiences": { - SchemaProps: spec.SchemaProps{ - Description: "Audiences are audience identifiers chosen by the authenticator.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"user"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.UserInfo"}, - } -} - -func schema_apis_concierge_identity_v1alpha1_UserInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "UserInfo holds the information about the user needed to implement the user.Info interface.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "username": { - SchemaProps: spec.SchemaProps{ - Description: "The name that uniquely identifies this user among all active users.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.", - Type: []string{"string"}, - Format: "", - }, - }, - "groups": { - SchemaProps: spec.SchemaProps{ - Description: "The names of groups this user is a part of.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "extra": { - SchemaProps: spec.SchemaProps{ - Description: "Any additional information provided by the authenticator.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - }, - }, - }, - Required: []string{"username"}, - }, - }, - } -} - -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "WhoAmIRequest submits a request to echo back the current authenticated user.", + Description: "OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -440,28 +343,29 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), }, }, }, + Required: []string{"spec"}, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "WhoAmIRequestList is a list of WhoAmIRequest objects.", + Description: "OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -486,13 +390,13 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, "items": { SchemaProps: spec.SchemaProps{ - Description: "Items is a list of WhoAmIRequest.", + Description: "Items is a list of OIDCClientSecretRequest.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequest"), + Ref: ref("go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), }, }, }, @@ -503,238 +407,65 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.WhoAmIRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Spec is always empty for a WhoAmIRequest.", - Type: []string{"object"}, - }, - }, - } -} - -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status is set by the server in the response to a WhoAmIRequest.", + Description: "Spec of the OIDCClientSecretRequest.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "kubernetesUserInfo": { + "generateNewSecret": { SchemaProps: spec.SchemaProps{ - Description: "The current authenticated user, exactly as Kubernetes understands it.", - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), - }, - }, - }, - Required: []string{"kubernetesUserInfo"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, - } -} - -func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClusterCredential is the cluster-specific credential returned on a successful credential request. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "expirationTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "ExpirationTimestamp indicates a time when the provided credentials expire.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "token": { - SchemaProps: spec.SchemaProps{ - Description: "Token is a bearer token used by the client for request authentication.", - Type: []string{"string"}, + Description: "Request a new client secret to for the OIDCClient referenced by the metadata.name field.", + Default: false, + Type: []string{"boolean"}, Format: "", }, }, - "clientCertificateData": { + "revokeOldSecrets": { SchemaProps: spec.SchemaProps{ - Description: "PEM-encoded client TLS certificates (including intermediates, if any).", - Type: []string{"string"}, - Format: "", - }, - }, - "clientKeyData": { - SchemaProps: spec.SchemaProps{ - Description: "PEM-encoded private key for the above certificate.", - Type: []string{"string"}, + Description: "Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field.", + Default: false, + Type: []string{"boolean"}, Format: "", }, }, }, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, } } -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.", + Description: "Status of the OIDCClientSecretRequest.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "kind": { + "generatedSecret": { SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Description: "The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost.", Type: []string{"string"}, Format: "", }, }, - "apiVersion": { + "totalClientSecrets": { SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), + Description: "The total number of client secrets associated with the OIDCClient referenced by the metadata.name field.", + Default: 0, + Type: []string{"integer"}, + Format: "int32", }, }, }, + Required: []string{"totalClientSecrets"}, }, }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TokenCredentialRequestList is a list of TokenCredentialRequest objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "Items is a list of TokenCredentialRequest.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequest"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.TokenCredentialRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Specification of a TokenCredentialRequest, expected on requests to the Pinniped API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "token": { - SchemaProps: spec.SchemaProps{ - Description: "Bearer token supplied with the credential request.", - Type: []string{"string"}, - Format: "", - }, - }, - "authenticator": { - SchemaProps: spec.SchemaProps{ - Description: "Reference to an authenticator which can validate this credential request.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), - }, - }, - }, - Required: []string{"authenticator"}, - }, - }, - Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of a TokenCredentialRequest, returned on responses to the Pinniped API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "credential": { - SchemaProps: spec.SchemaProps{ - Description: "A Credential will be returned for a successful credential request.", - Ref: ref("go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.ClusterCredential"), - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "An error message will be returned for an unsuccessful credential request.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.29/apis/concierge/login/v1alpha1.ClusterCredential"}, } } @@ -814,6 +545,48 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open } } +func schema_k8sio_api_core_v1_AppArmorProfile(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AppArmorProfile defines a pod or container's AppArmor settings.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.\n\nPossible enum values:\n - `\"Localhost\"` indicates that a profile pre-loaded on the node should be used.\n - `\"RuntimeDefault\"` indicates that the container runtime's default AppArmor profile should be used.\n - `\"Unconfined\"` indicates that no AppArmor profile should be enforced.", + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Localhost", "RuntimeDefault", "Unconfined"}, + }, + }, + "localhostProfile": { + SchemaProps: spec.SchemaProps{ + Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"type"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-unions": []interface{}{ + map[string]interface{}{ + "discriminator": "type", + "fields-to-discriminateBy": map[string]interface{}{ + "localhostProfile": "LocalhostProfile", + }, + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_AttachedVolume(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -852,6 +625,11 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Type: []string{"object"}, Properties: map[string]spec.Schema{ "preferAvoidPods": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Bounded-sized list of signatures of pods that should avoid this node, sorted in timestamp order from oldest to newest. Size of the slice is unspecified.", Type: []string{"array"}, @@ -899,6 +677,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "cachingMode": { SchemaProps: spec.SchemaProps{ Description: "cachingMode is the Host Caching mode: None, Read Only, Read Write.\n\nPossible enum values:\n - `\"None\"`\n - `\"ReadOnly\"`\n - `\"ReadWrite\"`", + Default: v1.AzureDataDiskCachingReadWrite, Type: []string{"string"}, Format: "", Enum: []interface{}{"None", "ReadOnly", "ReadWrite"}, @@ -907,6 +686,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + Default: "ext4", Type: []string{"string"}, Format: "", }, @@ -914,6 +694,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "readOnly": { SchemaProps: spec.SchemaProps{ Description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + Default: false, Type: []string{"boolean"}, Format: "", }, @@ -921,6 +702,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "kind": { SchemaProps: spec.SchemaProps{ Description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared\n\nPossible enum values:\n - `\"Dedicated\"`\n - `\"Managed\"`\n - `\"Shared\"`", + Default: v1.AzureSharedBlobDisk, Type: []string{"string"}, Format: "", Enum: []interface{}{"Dedicated", "Managed", "Shared"}, @@ -1018,7 +800,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead.", + Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -1062,7 +844,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Represents storage that is managed by an external CSI volume driver (Beta feature)", + Description: "Represents storage that is managed by an external CSI volume driver", Type: []string{"object"}, Properties: map[string]spec.Schema{ "driver": { @@ -1218,6 +1000,11 @@ func schema_k8sio_api_core_v1_Capabilities(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "add": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Added capabilities", Type: []string{"array"}, @@ -1233,6 +1020,11 @@ func schema_k8sio_api_core_v1_Capabilities(ref common.ReferenceCallback) common. }, }, "drop": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Removed capabilities", Type: []string{"array"}, @@ -1261,6 +1053,11 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", Type: []string{"array"}, @@ -1326,6 +1123,11 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", Type: []string{"array"}, @@ -1471,33 +1273,6 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c } } -func schema_k8sio_api_core_v1_ClaimSource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClaimSource describes a reference to a ResourceClaim.\n\nExactly one of these fields should be set. Consumers of this type must treat an empty object as if it has an unknown value.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "resourceClaimName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceClaimTemplateName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - func schema_k8sio_api_core_v1_ClientIPConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -1644,6 +1419,10 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -1803,7 +1582,8 @@ func schema_k8sio_api_core_v1_ConfigMapEnvSource(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -1830,7 +1610,8 @@ func schema_k8sio_api_core_v1_ConfigMapKeySelector(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -1974,12 +1755,18 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -2017,12 +1804,18 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -2081,6 +1874,11 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -2096,6 +1894,11 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -2143,8 +1946,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -2159,6 +1967,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -2204,14 +2016,37 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Additionally, setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. The rules are evaluated in order. Once a rule matches a container exit condition, the remaining rules are ignored. If no rule matches the container exit condition, the Container-level restart policy determines the whether the container is restarted or not. Constraints on the rules: - At most 20 rules are allowed. - Rules can have the same action. - Identical rules are not forbidden in validations. When rules are specified, container MUST set RestartPolicy explicitly even it if matches the Pod's RestartPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ContainerRestartRule"), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -2232,6 +2067,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -2328,7 +2167,45 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.ContainerRestartRule", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + } +} + +func schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerExtendedResourceRequest has the mapping of container name, extended resource name to the device request name.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "containerName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the container requesting resources.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the extended resource in that container which gets backed by DRA.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "requestName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the request in the special ResourceClaim which corresponds to the extended resource.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"containerName", "resourceName", "requestName"}, + }, + }, } } @@ -2340,6 +2217,11 @@ func schema_k8sio_api_core_v1_ContainerImage(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "names": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Names by which this image is known. e.g. [\"kubernetes.example/hyperkube:v1.0.7\", \"cloud-vendor.registry.example/cloud-vendor/hyperkube:v1.0.7\"]", Type: []string{"array"}, @@ -2449,6 +2331,76 @@ func schema_k8sio_api_core_v1_ContainerResizePolicy(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ContainerRestartRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRule describes how a container exit is handled.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the action taken on a container exit if the requirements are satisfied. The only possible value is \"Restart\" to restart the container.", + Type: []string{"string"}, + Format: "", + }, + }, + "exitCodes": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the exit codes to check on container exits.", + Ref: ref("k8s.io/api/core/v1.ContainerRestartRuleOnExitCodes"), + }, + }, + }, + Required: []string{"action"}, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.ContainerRestartRuleOnExitCodes"}, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRuleOnExitCodes describes the condition for handling an exited container based on its exit codes.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the relationship between the container exit code(s) and the specified values. Possible values are: - In: the requirement is satisfied if the container exit code is in the\n set of specified values.\n- NotIn: the requirement is satisfied if the container exit code is\n not in the set of specified values.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Specifies the set of values to check for container exit codes. At most 255 elements are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + }, + Required: []string{"operator"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2689,12 +2641,95 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), }, }, + "volumeMounts": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "mountPath", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Status of volume mounts.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.VolumeMountStatus"), + }, + }, + }, + }, + }, + "user": { + SchemaProps: spec.SchemaProps{ + Description: "User represents user identity information initially attached to the first process of the container", + Ref: ref("k8s.io/api/core/v1.ContainerUser"), + }, + }, + "allocatedResourcesStatus": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResourcesStatus represents the status of various resources allocated for this Pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ResourceStatus"), + }, + }, + }, + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal reports the effective stop signal for this container\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, + }, + }, }, Required: []string{"name", "ready", "restartCount", "image", "imageID"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ContainerUser", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.ResourceStatus", "k8s.io/api/core/v1.VolumeMountStatus", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + } +} + +func schema_k8sio_api_core_v1_ContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerUser represents user identity information", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "linux": { + SchemaProps: spec.SchemaProps{ + Description: "Linux holds user identity information initially attached to the first process of the containers in Linux. Note that the actual running identity can be changed if the process has enough privilege to do so.", + Ref: ref("k8s.io/api/core/v1.LinuxContainerUser"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.LinuxContainerUser"}, } } @@ -2728,6 +2763,11 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Type: []string{"object"}, Properties: map[string]spec.Schema{ "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Items is a list of DownwardAPIVolume file", Type: []string{"array"}, @@ -2766,7 +2806,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, "fieldRef": { SchemaProps: spec.SchemaProps{ - Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.", Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), }, }, @@ -2800,6 +2840,11 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Type: []string{"object"}, Properties: map[string]spec.Schema{ "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Items is a list of downward API volume file", Type: []string{"array"}, @@ -2860,7 +2905,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointAddress is a tuple that describes single IP address.", + Description: "EndpointAddress is a tuple that describes single IP address. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "ip": { @@ -2909,7 +2954,7 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointPort is a tuple that describes a single port.", + Description: "EndpointPort is a tuple that describes a single port. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2958,10 +3003,15 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]", + Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]\n\nDeprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "addresses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.", Type: []string{"array"}, @@ -2976,6 +3026,11 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, "notReadyAddresses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.", Type: []string{"array"}, @@ -2990,6 +3045,11 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Port numbers available on the related IP addresses.", Type: []string{"array"}, @@ -3015,7 +3075,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]", + Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -3040,6 +3100,11 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope }, }, "subsets": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.", Type: []string{"array"}, @@ -3065,7 +3130,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointsList is a list of endpoints.", + Description: "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -3116,12 +3181,12 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EnvFromSource represents the source of a set of ConfigMaps", + Description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets", Type: []string{"object"}, Properties: map[string]spec.Schema{ "prefix": { SchemaProps: spec.SchemaProps{ - Description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + Description: "Optional text to prepend to the name of each environment variable. May consist of any printable ASCII characters except '='.", Type: []string{"string"}, Format: "", }, @@ -3155,7 +3220,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the environment variable. Must be a C_IDENTIFIER.", + Description: "Name of the environment variable. May consist of any printable ASCII characters except '='.", Default: "", Type: []string{"string"}, Format: "", @@ -3214,11 +3279,17 @@ func schema_k8sio_api_core_v1_EnvVarSource(ref common.ReferenceCallback) common. Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), }, }, + "fileKeyRef": { + SchemaProps: spec.SchemaProps{ + Description: "FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.", + Ref: ref("k8s.io/api/core/v1.FileKeySelector"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, + "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.FileKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, } } @@ -3245,6 +3316,11 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3260,6 +3336,11 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3307,8 +3388,13 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -3323,6 +3409,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -3368,14 +3458,37 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ContainerRestartRule"), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -3396,6 +3509,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -3499,7 +3616,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.ContainerRestartRule", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, } } @@ -3526,6 +3643,11 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3541,6 +3663,11 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3588,8 +3715,13 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -3604,6 +3736,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -3649,14 +3785,37 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ContainerRestartRule"), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -3677,6 +3836,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -3773,7 +3936,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.ContainerRestartRule", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, } } @@ -4044,6 +4207,11 @@ func schema_k8sio_api_core_v1_ExecAction(ref common.ReferenceCallback) common.Op Type: []string{"object"}, Properties: map[string]spec.Schema{ "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", Type: []string{"array"}, @@ -4072,6 +4240,11 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "targetWWNs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "targetWWNs is Optional: FC target worldwide names (WWNs)", Type: []string{"array"}, @@ -4108,6 +4281,11 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo }, }, "wwids": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", Type: []string{"array"}, @@ -4128,6 +4306,57 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_FileKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FileKeySelector selects a key of the env file.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "volumeName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the volume mount containing the env file.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers.\n\nIf optional is set to false and the specified key does not exist, an error will be returned during Pod creation.", + Default: false, + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"volumeName", "path", "key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4322,7 +4551,8 @@ func schema_k8sio_api_core_v1_GRPCAction(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "GRPCAction specifies an action involving a GRPC service.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -4436,7 +4666,7 @@ func schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "endpoints": { SchemaProps: spec.SchemaProps{ - Description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + Description: "endpoints is the endpoint name that details Glusterfs topology.", Default: "", Type: []string{"string"}, Format: "", @@ -4500,6 +4730,11 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, "httpHeaders": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Custom headers to set in the request. HTTP allows repeated headers.", Type: []string{"array"}, @@ -4562,11 +4797,17 @@ func schema_k8sio_api_core_v1_HostAlias(ref common.ReferenceCallback) common.Ope "ip": { SchemaProps: spec.SchemaProps{ Description: "IP address of the host file entry.", + Default: "", Type: []string{"string"}, Format: "", }, }, "hostnames": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Hostnames for the above IP address.", Type: []string{"array"}, @@ -4582,6 +4823,7 @@ func schema_k8sio_api_core_v1_HostAlias(ref common.ReferenceCallback) common.Ope }, }, }, + Required: []string{"ip"}, }, }, } @@ -4597,11 +4839,13 @@ func schema_k8sio_api_core_v1_HostIP(ref common.ReferenceCallback) common.OpenAP "ip": { SchemaProps: spec.SchemaProps{ Description: "IP is the IP address assigned to the host", + Default: "", Type: []string{"string"}, Format: "", }, }, }, + Required: []string{"ip"}, }, }, } @@ -4671,6 +4915,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4690,6 +4935,11 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, "portals": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "portals is the iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", Type: []string{"array"}, @@ -4774,6 +5024,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4793,6 +5044,11 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, "portals": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", Type: []string{"array"}, @@ -4843,6 +5099,34 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_ImageVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeSource represents a image volume resource.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "reference": { + SchemaProps: spec.SchemaProps{ + Description: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + Type: []string{"string"}, + Format: "", + }, + }, + "pullPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_KeyToPath(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4899,6 +5183,14 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), }, }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal defines which signal will be sent to a container when it is being stopped. If not specified, the default is defined by the container runtime in use. StopSignal can only be set for Pods with a non-empty .spec.os.name\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, + }, + }, }, }, }, @@ -4916,25 +5208,25 @@ func schema_k8sio_api_core_v1_LifecycleHandler(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", + Description: "Exec specifies a command to execute in the container.", Ref: ref("k8s.io/api/core/v1.ExecAction"), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", + Description: "HTTPGet specifies an HTTP GET request to perform.", Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for backward compatibility. There is no validation of this field and lifecycle hooks will fail at runtime when it is specified.", Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), }, }, "sleep": { SchemaProps: spec.SchemaProps{ - Description: "Sleep represents the duration that the container should sleep before being terminated.", + Description: "Sleep represents a duration that the container should sleep.", Ref: ref("k8s.io/api/core/v1.SleepAction"), }, }, @@ -5142,6 +5434,11 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "limits": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Limits is the list of LimitRangeItem objects that are enforced.", Type: []string{"array"}, @@ -5164,6 +5461,56 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_LinuxContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "LinuxContainerUser represents user identity information in Linux containers", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID is the primary uid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "gid": { + SchemaProps: spec.SchemaProps{ + Description: "GID is the primary gid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroups are the supplemental groups initially attached to the first process in the container", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, + }, + Required: []string{"uid", "gid"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -5277,6 +5624,11 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Type: []string{"object"}, Properties: map[string]spec.Schema{ "ingress": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.", Type: []string{"array"}, @@ -5307,7 +5659,8 @@ func schema_k8sio_api_core_v1_LocalObjectReference(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -5327,7 +5680,7 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Local represents directly-attached storage with node affinity (Beta feature)", + Description: "Local represents directly-attached storage with node affinity", Type: []string{"object"}, Properties: map[string]spec.Schema{ "path": { @@ -5494,19 +5847,22 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "Last time the condition transitioned from one status to another.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Unique, one-word, CamelCase reason for the condition's last transition.", + Type: []string{"string"}, + Format: "", }, }, "message": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Human-readable message indicating details about last transition.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -5577,6 +5933,11 @@ func schema_k8sio_api_core_v1_NamespaceSpec(ref common.ReferenceCallback) common Type: []string{"object"}, Properties: map[string]spec.Schema{ "finalizers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Finalizers is an opaque list of values that must be empty to permanently remove object from storage. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", Type: []string{"array"}, @@ -5615,6 +5976,10 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -5734,6 +6099,11 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, @@ -5896,6 +6266,26 @@ func schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref common.ReferenceCallback) } } +func schema_k8sio_api_core_v1_NodeFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeFeatures describes the set of features implemented by the CRI implementation. The features contained in the NodeFeatures should depend only on the cri implementation independent of runtime handlers.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroupsPolicy is set to true if the runtime supports SupplementalGroupsPolicy and ContainerUser.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -5981,33 +6371,59 @@ func schema_k8sio_api_core_v1_NodeProxyOptions(ref common.ReferenceCallback) com } } -func schema_k8sio_api_core_v1_NodeResources(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_k8sio_api_core_v1_NodeRuntimeHandler(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NodeResources is an object for conveying resource information about a node. see https://kubernetes.io/docs/concepts/architecture/nodes/#capacity for more details.", + Description: "NodeRuntimeHandler is a set of runtime handler information.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "Capacity": { + "name": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the available resources of a node", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), - }, - }, - }, + Description: "Runtime handler name. Empty for the default runtime handler.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Supported features.", + Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"), }, }, }, - Required: []string{"Capacity"}, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"}, + } +} + +func schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeRuntimeHandlerFeatures is a set of features implemented by the runtime handler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "recursiveReadOnlyMounts": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnlyMounts is set to true if the runtime handler supports RecursiveReadOnlyMounts.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "userNamespaces": { + SchemaProps: spec.SchemaProps{ + Description: "UserNamespaces is set to true if the runtime handler supports UserNamespaces, including for volumes.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -6019,6 +6435,11 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "nodeSelectorTerms": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Required. A list of node selector terms. The terms are ORed.", Type: []string{"array"}, @@ -6071,6 +6492,11 @@ func schema_k8sio_api_core_v1_NodeSelectorRequirement(ref common.ReferenceCallba }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -6100,6 +6526,11 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of node selector requirements by node's labels.", Type: []string{"array"}, @@ -6114,6 +6545,11 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com }, }, "matchFields": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of node selector requirements by node's fields.", Type: []string{"array"}, @@ -6157,6 +6593,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "podCIDRs": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", "x-kubernetes-patch-strategy": "merge", }, }, @@ -6189,6 +6626,11 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, "taints": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, the node's taints.", Type: []string{"array"}, @@ -6232,7 +6674,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Properties: map[string]spec.Schema{ "capacity": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", + Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/reference/node/node-status/#capacity", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -6269,12 +6711,16 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition", + Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/reference/node/node-status/#condition", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -6289,12 +6735,16 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "addresses": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", + Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/reference/node/node-status/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -6315,12 +6765,17 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, "nodeInfo": { SchemaProps: spec.SchemaProps{ - Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info", + Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/reference/node/node-status/#info", Default: map[string]interface{}{}, Ref: ref("k8s.io/api/core/v1.NodeSystemInfo"), }, }, "images": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of container images on this node", Type: []string{"array"}, @@ -6335,6 +6790,11 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, "volumesInUse": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of attachable volumes in use (mounted) by the node.", Type: []string{"array"}, @@ -6350,6 +6810,11 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, "volumesAttached": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of volumes that are attached to the node.", Type: []string{"array"}, @@ -6369,11 +6834,56 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Ref: ref("k8s.io/api/core/v1.NodeConfigStatus"), }, }, + "runtimeHandlers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "The available runtime handlers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandler"), + }, + }, + }, + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Features describes the set of features implemented by the CRI implementation.", + Ref: ref("k8s.io/api/core/v1.NodeFeatures"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeFeatures", "k8s.io/api/core/v1.NodeRuntimeHandler", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + } +} + +func schema_k8sio_api_core_v1_NodeSwapStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeSwapStatus represents swap memory information.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "capacity": { + SchemaProps: spec.SchemaProps{ + Description: "Total amount of swap memory in bytes.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, } } @@ -6442,7 +6952,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo }, "kubeProxyVersion": { SchemaProps: spec.SchemaProps{ - Description: "KubeProxy Version reported by the node.", + Description: "Deprecated: KubeProxy Version reported by the node.", Default: "", Type: []string{"string"}, Format: "", @@ -6464,10 +6974,18 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo Format: "", }, }, + "swap": { + SchemaProps: spec.SchemaProps{ + Description: "Swap Info reported by the node.", + Ref: ref("k8s.io/api/core/v1.NodeSwapStatus"), + }, + }, }, Required: []string{"machineID", "systemUUID", "bootID", "kernelVersion", "osImage", "containerRuntimeVersion", "kubeletVersion", "kubeProxyVersion", "operatingSystem", "architecture"}, }, }, + Dependencies: []string{ + "k8s.io/api/core/v1.NodeSwapStatus"}, } } @@ -6681,16 +7199,18 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc Properties: map[string]spec.Schema{ "type": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Type is the type of the condition. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "status": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "lastProbeTime": { @@ -6707,7 +7227,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc }, "reason": { SchemaProps: spec.SchemaProps{ - Description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + Description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"Resizing\" that means the underlying persistent volume is being resized.", Type: []string{"string"}, Format: "", }, @@ -6787,6 +7307,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", Type: []string{"array"}, @@ -6796,6 +7321,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -6850,7 +7376,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.", + Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/", Type: []string{"string"}, Format: "", }, @@ -6879,6 +7405,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, }, "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", Type: []string{"array"}, @@ -6888,6 +7419,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -6910,12 +7442,16 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + Description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -6957,6 +7493,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ControllerResizeInProgress", "ControllerResizeInfeasible", "NodeResizeInProgress", "NodeResizeInfeasible", "NodeResizePending"}, }, }, }, @@ -6964,14 +7501,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "currentVolumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.", + Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim", Type: []string{"string"}, Format: "", }, }, "modifyVolumeStatus": { SchemaProps: spec.SchemaProps{ - Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is an alpha field and requires enabling VolumeAttributesClass feature.", + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted.", Ref: ref("k8s.io/api/core/v1.ModifyVolumeStatus"), }, }, @@ -7102,13 +7639,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac Properties: map[string]spec.Schema{ "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), }, }, @@ -7120,7 +7657,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), }, }, @@ -7132,7 +7669,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), }, }, @@ -7144,13 +7681,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), }, }, @@ -7162,55 +7699,55 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), }, }, @@ -7222,13 +7759,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", + Description: "csi represents storage that is handled by an external CSI driver.", Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), }, }, @@ -7263,13 +7800,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), }, }, @@ -7281,7 +7818,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), }, }, @@ -7293,7 +7830,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), }, }, @@ -7305,13 +7842,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), }, }, @@ -7323,55 +7860,55 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), }, }, @@ -7383,17 +7920,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", + Description: "csi represents storage that is handled by an external CSI driver.", Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), }, }, "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes", Type: []string{"array"}, @@ -7403,6 +7945,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -7435,6 +7978,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, }, "mountOptions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "mountOptions is the list of mount options, e.g. [\"ro\", \"soft\"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options", Type: []string{"array"}, @@ -7465,7 +8013,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process. This is an alpha field and requires enabling VolumeAttributesClass feature.", + Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process.", Type: []string{"string"}, Format: "", }, @@ -7509,7 +8057,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac }, "lastPhaseTransitionTime": { SchemaProps: spec.SchemaProps{ - Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default).", + Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions.", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -7608,6 +8156,11 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Type: []string{"object"}, Properties: map[string]spec.Schema{ "requiredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", Type: []string{"array"}, @@ -7622,6 +8175,11 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, @@ -7657,6 +8215,11 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, "namespaces": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", Type: []string{"array"}, @@ -7692,7 +8255,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -7712,7 +8275,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -7742,6 +8305,11 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Type: []string{"object"}, Properties: map[string]spec.Schema{ "requiredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", Type: []string{"array"}, @@ -7756,8 +8324,13 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and subtracting \"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -7839,6 +8412,62 @@ func schema_k8sio_api_core_v1_PodAttachOptions(ref common.ReferenceCallback) com } } +func schema_k8sio_api_core_v1_PodCertificateProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Kubelet's generated CSRs will be addressed to this signer.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyType": { + SchemaProps: spec.SchemaProps{ + Description: "The type of keypair Kubelet will generate for the pod.\n\nValid values are \"RSA3072\", \"RSA4096\", \"ECDSAP256\", \"ECDSAP384\", \"ECDSAP521\", and \"ED25519\".", + Type: []string{"string"}, + Format: "", + }, + }, + "maxExpirationSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "maxExpirationSeconds is the maximum lifetime permitted for the certificate.\n\nKubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.\n\nIf omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).\n\nThe signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "credentialBundlePath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the credential bundle at this path in the projected volume.\n\nThe credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.\n\nThe remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).\n\nUsing credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the key at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "certificateChainPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the certificate chain at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"signerName", "keyType"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -7854,6 +8483,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. Format: "", }, }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", @@ -7905,6 +8541,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "nameservers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", Type: []string{"array"}, @@ -7920,6 +8561,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, "searches": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", Type: []string{"array"}, @@ -7935,6 +8581,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, "options": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", Type: []string{"array"}, @@ -7965,15 +8616,16 @@ func schema_k8sio_api_core_v1_PodDNSConfigOption(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Required.", + Description: "Name is this DNS resolver option's name. Required.", Type: []string{"string"}, Format: "", }, }, "value": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Value is this DNS resolver option's value.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -8039,6 +8691,11 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Command is the remote command to execute. argv array. Not executed within a shell.", Type: []string{"array"}, @@ -8060,6 +8717,49 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodExtendedResourceClaimStatus is stored in the PodStatus for the extended resource requests backed by DRA. It stores the generated name for the corresponding special ResourceClaim created by the scheduler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "requestMappings": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "RequestMappings identifies the mapping of to device request in the generated ResourceClaim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ContainerExtendedResourceRequest"), + }, + }, + }, + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"requestMappings", "resourceClaimName"}, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.ContainerExtendedResourceRequest"}, + } +} + func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8070,11 +8770,13 @@ func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPI "ip": { SchemaProps: spec.SchemaProps{ Description: "IP is the IP address assigned to the pod", + Default: "", Type: []string{"string"}, Format: "", }, }, }, + Required: []string{"ip"}, }, }, } @@ -8195,7 +8897,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common }, "tailLines": { SchemaProps: spec.SchemaProps{ - Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime", + Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", Type: []string{"integer"}, Format: "int64", }, @@ -8214,6 +8916,13 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common Format: "", }, }, + "stream": { + SchemaProps: spec.SchemaProps{ + Description: "Specify which container log stream to return to the client. Acceptable values are \"All\", \"Stdout\" and \"Stderr\". If not specified, \"All\" is used, and both stdout and stderr are returned interleaved. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -8266,6 +8975,11 @@ func schema_k8sio_api_core_v1_PodPortForwardOptions(ref common.ReferenceCallback }, }, "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of ports to forward Required when using WebSockets", Type: []string{"array"}, @@ -8346,7 +9060,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -8357,19 +9071,24 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com Format: "", }, }, - "source": { + "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "Source describes where to find the ResourceClaim.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ClaimSource"), + Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimTemplateName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", }, }, }, Required: []string{"name"}, }, }, - Dependencies: []string{ - "k8s.io/api/core/v1.ClaimSource"}, } } @@ -8390,7 +9109,7 @@ func schema_k8sio_api_core_v1_PodResourceClaimStatus(ref common.ReferenceCallbac }, "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. It this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. If this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", Type: []string{"string"}, Format: "", }, @@ -8465,8 +9184,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8479,6 +9203,14 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, }, + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Merge\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be merged with the primary user's groups as defined in the container image (in /etc/group).\n - `\"Strict\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be used instead of any groups defined in the container image.", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Merge", "Strict"}, + }, + }, "fsGroup": { SchemaProps: spec.SchemaProps{ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", @@ -8487,6 +9219,11 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, "sysctls": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, @@ -8514,11 +9251,24 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c Ref: ref("k8s.io/api/core/v1.SeccompProfile"), }, }, + "appArmorProfile": { + SchemaProps: spec.SchemaProps{ + Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + }, + }, + "seLinuxChangePolicy": { + SchemaProps: spec.SchemaProps{ + Description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. Valid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime. This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option. This requires all Pods that share the same volume to use the same SELinux label. It is not possible to share the same volume among privileged and unprivileged Pods. Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their CSIDriver instance. Other volumes are always re-labelled recursively. \"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used. If not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes and \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. Note that this field cannot be set when spec.os.name is windows.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, } } @@ -8553,6 +9303,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "volumes": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge,retainKeys", }, @@ -8573,12 +9327,16 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "initContainers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", + Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8593,6 +9351,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "containers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8613,6 +9375,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "ephemeralContainers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8690,7 +9456,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "serviceAccount": { SchemaProps: spec.SchemaProps{ - Description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", + Description: "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", Type: []string{"string"}, Format: "", }, @@ -8704,14 +9470,14 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "nodeName": { SchemaProps: spec.SchemaProps{ - Description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + Description: "NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename", Type: []string{"string"}, Format: "", }, }, "hostNetwork": { SchemaProps: spec.SchemaProps{ - Description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + Description: "Host networking requested for this pod. Use the host's network namespace. When using HostNetwork you should specify ports so the scheduler is aware. When `hostNetwork` is true, specified `hostPort` fields in port definitions must match `containerPort`, and unspecified `hostPort` fields in port definitions are defaulted to match `containerPort`. Default to false.", Type: []string{"boolean"}, Format: "", }, @@ -8746,6 +9512,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "imagePullSecrets": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8791,6 +9561,11 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, "tolerations": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's tolerations.", Type: []string{"array"}, @@ -8807,12 +9582,16 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "hostAliases": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "ip", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "ip", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", + Description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8845,6 +9624,11 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, "readinessGates": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates", Type: []string{"array"}, @@ -8921,14 +9705,14 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "setHostnameAsFQDN": { SchemaProps: spec.SchemaProps{ - Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", + Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", Type: []string{"boolean"}, Format: "", }, }, "os": { SchemaProps: spec.SchemaProps{ - Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.resources - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", Ref: ref("k8s.io/api/core/v1.PodOS"), }, }, @@ -8951,7 +9735,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate.", + Description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8987,12 +9771,25 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\", \"memory\" and \"hugepages-\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", + Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + }, + }, + "hostnameOverride": { + SchemaProps: spec.SchemaProps{ + Description: "HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. This field only specifies the pod's hostname and does not affect its DNS records. When this field is set to a non-empty string: - It takes precedence over the values set in `hostname` and `subdomain`. - The Pod's hostname will be set to this value. - `setHostnameAsFQDN` must be nil or set to false. - `hostNetwork` must be set to false.\n\nThis field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. Requires the HostnameOverride feature gate to be enabled.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"containers"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, } } @@ -9003,6 +9800,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Description: "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod status was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "phase": { SchemaProps: spec.SchemaProps{ Description: "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase\n\nPossible enum values:\n - `\"Failed\"` means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).\n - `\"Pending\"` means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.\n - `\"Running\"` means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.\n - `\"Succeeded\"` means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.\n - `\"Unknown\"` means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)", @@ -9014,6 +9818,10 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -9090,6 +9898,10 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "podIPs": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "ip", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "ip", "x-kubernetes-patch-strategy": "merge", }, @@ -9114,8 +9926,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, "initContainerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -9128,8 +9945,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, "containerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -9150,8 +9972,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, "ephemeralContainerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "Status for any ephemeral containers that have run in this pod.", + Description: "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -9165,7 +9992,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, "resize": { SchemaProps: spec.SchemaProps{ - Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\"", + Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\" Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress. PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources. PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.", Type: []string{"string"}, Format: "", }, @@ -9194,11 +10021,17 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, }, + "extendedResourceClaimStatus": { + SchemaProps: spec.SchemaProps{ + Description: "Status of extended resource claim backed by DRA.", + Ref: ref("k8s.io/api/core/v1.PodExtendedResourceClaimStatus"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.HostIP", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodIP", "k8s.io/api/core/v1.PodResourceClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.HostIP", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodExtendedResourceClaimStatus", "k8s.io/api/core/v1.PodIP", "k8s.io/api/core/v1.PodResourceClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, } } @@ -9372,7 +10205,8 @@ func schema_k8sio_api_core_v1_PortStatus(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "PortStatus represents the error condition of a service port", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -9524,25 +10358,25 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", + Description: "Exec specifies a command to execute in the container.", Ref: ref("k8s.io/api/core/v1.ExecAction"), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", + Description: "HTTPGet specifies an HTTP GET request to perform.", Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", + Description: "TCPSocket specifies a connection to a TCP port.", Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", + Description: "GRPC specifies a GRPC HealthCheckRequest.", Ref: ref("k8s.io/api/core/v1.GRPCAction"), }, }, @@ -9605,25 +10439,25 @@ func schema_k8sio_api_core_v1_ProbeHandler(ref common.ReferenceCallback) common. Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", + Description: "Exec specifies a command to execute in the container.", Ref: ref("k8s.io/api/core/v1.ExecAction"), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", + Description: "HTTPGet specifies an HTTP GET request to perform.", Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", + Description: "TCPSocket specifies a connection to a TCP port.", Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", + Description: "GRPC specifies a GRPC HealthCheckRequest.", Ref: ref("k8s.io/api/core/v1.GRPCAction"), }, }, @@ -9643,8 +10477,13 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback Type: []string{"object"}, Properties: map[string]spec.Schema{ "sources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "sources is the list of volume projections", + Description: "sources is the list of volume projections. Each entry in this list handles one source.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -9737,6 +10576,11 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", Type: []string{"array"}, @@ -9769,6 +10613,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -9776,6 +10621,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -9783,6 +10629,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -9817,6 +10664,11 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", Type: []string{"array"}, @@ -9849,6 +10701,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -9856,6 +10709,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -9863,6 +10717,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -10104,6 +10959,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "replicas": { SchemaProps: spec.SchemaProps{ Description: "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", + Default: 1, Type: []string{"integer"}, Format: "int32", }, @@ -10111,6 +10967,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "minReadySeconds": { SchemaProps: spec.SchemaProps{ Description: "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -10196,6 +11053,10 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -10237,6 +11098,13 @@ func schema_k8sio_api_core_v1_ResourceClaim(ref common.ReferenceCallback) common Format: "", }, }, + "request": { + SchemaProps: spec.SchemaProps{ + Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"name"}, }, @@ -10286,6 +11154,35 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ResourceHealth(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceHealth represents the health of a resource. It has the latest device health information. This is a part of KEP https://kep.k8s.io/4680.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceID": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceID is the unique identifier of the resource. See the ResourceID type for more information.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "health": { + SchemaProps: spec.SchemaProps{ + Description: "Health of the resource. can be one of:\n - Healthy: operates as normal\n - Unhealthy: reported unhealthy. We consider this a temporary health issue\n since we do not have a mechanism today to distinguish\n temporary and permanent issues.\n - Unknown: The status cannot be determined.\n For example, Device Plugin got unregistered and hasn't been re-registered since.\n\nIn future we may want to introduce the PermanentlyUnhealthy Status.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"resourceID"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ResourceQuota(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -10409,6 +11306,11 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co }, }, "scopes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all objects.", Type: []string{"array"}, @@ -10418,6 +11320,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, }, @@ -10525,7 +11428,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis field depends on the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -10545,6 +11448,52 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) } } +func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceStatus represents the status of a single resource allocated to a Pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the resource. Must be unique within the pod and in case of non-DRA resource, match one of the resources from the pod spec. For DRA resources, the value must be \"claim:/\". When this status is reported about a container, the \"claim_name\" and \"request\" must match one of the claims of this container.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "resourceID", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of unique resources health. Each element in the list contains an unique resource ID and its health. At a minimum, for the lifetime of a Pod, resource ID must uniquely identify the resource allocated to the Pod on the Node. If other Pod on the same Node reports the status with the same resource ID, it must be the same resource they share. See ResourceID type definition for a specific format it has in various use cases.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.ResourceHealth"), + }, + }, + }, + }, + }, + }, + Required: []string{"name"}, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.ResourceHealth"}, + } +} + func schema_k8sio_api_core_v1_SELinuxOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -10639,6 +11588,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10653,6 +11603,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10726,6 +11677,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10740,6 +11692,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10768,6 +11721,11 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of scope selector requirements by scope of the resources.", Type: []string{"array"}, @@ -10803,11 +11761,11 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer Properties: map[string]spec.Schema{ "scopeName": { SchemaProps: spec.SchemaProps{ - Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0", + Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0\n - `\"VolumeAttributesClass\"` Match all pvc objects that have volume attributes class mentioned.", Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating"}, + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, "operator": { @@ -10820,6 +11778,11 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -10973,7 +11936,8 @@ func schema_k8sio_api_core_v1_SecretEnvSource(ref common.ReferenceCallback) comm Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -11000,7 +11964,8 @@ func schema_k8sio_api_core_v1_SecretKeySelector(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -11092,12 +12057,18 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -11173,6 +12144,11 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -11277,7 +12253,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm }, "procMount": { SchemaProps: spec.SchemaProps{ - Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", + Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Default", "Unmasked"}, @@ -11289,11 +12265,17 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm Ref: ref("k8s.io/api/core/v1.SeccompProfile"), }, }, + "appArmorProfile": { + SchemaProps: spec.SchemaProps{ + Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.", + Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, } } @@ -11414,12 +12396,16 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo "secrets": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", + Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". The \"kubernetes.io/enforce-mountable-secrets\" annotation is deprecated since v1.32. Prefer separate namespaces to isolate access to mounted secrets. This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -11432,6 +12418,11 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, "imagePullSecrets": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod", Type: []string{"array"}, @@ -11781,6 +12772,11 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, "externalIPs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", Type: []string{"array"}, @@ -11811,6 +12807,11 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, "loadBalancerSourceRanges": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/", Type: []string{"array"}, @@ -11834,10 +12835,10 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, "externalTrafficPolicy": { SchemaProps: spec.SchemaProps{ - Description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.\n\nPossible enum values:\n - `\"Cluster\"`\n - `\"Cluster\"` routes traffic to all endpoints.\n - `\"Local\"`\n - `\"Local\"` preserves the source IP of the traffic by routing only to endpoints on the same node as the traffic was received on (dropping the traffic if there are no local endpoints).", + Description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.\n\nPossible enum values:\n - `\"Cluster\"` routes traffic to all endpoints.\n - `\"Local\"` preserves the source IP of the traffic by routing only to endpoints on the same node as the traffic was received on (dropping the traffic if there are no local endpoints).", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Cluster", "Cluster", "Local", "Local"}, + Enum: []interface{}{"Cluster", "Local"}, }, }, "healthCheckNodePort": { @@ -11875,6 +12876,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"", "IPv4", "IPv6"}, }, }, }, @@ -11910,6 +12912,13 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Enum: []interface{}{"Cluster", "Local"}, }, }, + "trafficDistribution": { + SchemaProps: spec.SchemaProps{ + Description: "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are in the same zone.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, @@ -12197,7 +13206,7 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, "timeAdded": { SchemaProps: spec.SchemaProps{ - Description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", + Description: "TimeAdded represents the time at which the taint was added.", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), }, }, @@ -12276,6 +13285,11 @@ func schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref common.Refere }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. One value must match the label to be selected. Each entry in Values is ORed.", Type: []string{"array"}, @@ -12305,6 +13319,11 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchLabelExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of topology selector requirements by labels.", Type: []string{"array"}, @@ -12371,14 +13390,14 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "minDomains": { SchemaProps: spec.SchemaProps{ - Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).", + Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.", Type: []string{"integer"}, Format: "int32", }, }, "nodeAffinityPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -12386,7 +13405,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "nodeTaintsPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -12467,7 +13486,8 @@ func schema_k8sio_api_core_v1_TypedObjectReference(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "TypedObjectReference contains enough information to let you locate the typed referenced object", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "apiGroup": { SchemaProps: spec.SchemaProps{ @@ -12535,19 +13555,19 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), }, }, @@ -12565,13 +13585,13 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), }, }, @@ -12583,31 +13603,31 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), }, }, @@ -12625,7 +13645,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), }, }, @@ -12637,25 +13657,25 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), }, }, @@ -12667,25 +13687,25 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), }, }, @@ -12695,12 +13715,18 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), }, }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref("k8s.io/api/core/v1.ImageVolumeSource"), + }, + }, }, Required: []string{"name"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.ImageVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, } } @@ -12756,6 +13782,13 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O Format: "", }, }, + "recursiveReadOnly": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled.", + Type: []string{"string"}, + Format: "", + }, + }, "mountPath": { SchemaProps: spec.SchemaProps{ Description: "Path within the container at which the volume should be mounted. Must not contain ':'.", @@ -12773,7 +13806,7 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O }, "mountPropagation": { SchemaProps: spec.SchemaProps{ - Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.\n\nPossible enum values:\n - `\"Bidirectional\"` means that the volume in a container will receive new mounts from the host or other containers, and its own mounts will be propagated from the container to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rshared\" in Linux terminology).\n - `\"HostToContainer\"` means that the volume in a container will receive new mounts from the host or other containers, but filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rslave\" in Linux terminology).\n - `\"None\"` means that the volume in a container will not receive new mounts from the host or other containers, and filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode corresponds to \"private\" in Linux terminology.", + Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).\n\nPossible enum values:\n - `\"Bidirectional\"` means that the volume in a container will receive new mounts from the host or other containers, and its own mounts will be propagated from the container to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rshared\" in Linux terminology).\n - `\"HostToContainer\"` means that the volume in a container will receive new mounts from the host or other containers, but filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rslave\" in Linux terminology).\n - `\"None\"` means that the volume in a container will not receive new mounts from the host or other containers, and filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode corresponds to \"private\" in Linux terminology.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Bidirectional", "HostToContainer", "None"}, @@ -12793,6 +13826,50 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O } } +func schema_k8sio_api_core_v1_VolumeMountStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeMountStatus shows status of volume mounts.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name corresponds to the name of the original VolumeMount.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "mountPath": { + SchemaProps: spec.SchemaProps{ + Description: "MountPath corresponds to the original VolumeMount.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "readOnly": { + SchemaProps: spec.SchemaProps{ + Description: "ReadOnly corresponds to the original VolumeMount.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "recursiveReadOnly": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, depending on the mount result.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "mountPath"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -12818,7 +13895,7 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Projection that may be projected along with other supported volume types", + Description: "Projection that may be projected along with other supported volume types. Exactly one of these fields must be set.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "secret": { @@ -12851,11 +13928,17 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com Ref: ref("k8s.io/api/core/v1.ClusterTrustBundleProjection"), }, }, + "podCertificate": { + SchemaProps: spec.SchemaProps{ + Description: "Projects an auto-rotating credential bundle (private key and certificate chain) that the pod can use either as a TLS client or server.\n\nKubelet generates a private key and uses it to send a PodCertificateRequest to the named signer. Once the signer approves the request and issues a certificate chain, Kubelet writes the key and certificate chain to the pod filesystem. The pod does not start until certificates have been issued for each podCertificate projected volume source in its spec.\n\nKubelet will begin trying to rotate the certificate at the time indicated by the signer using the PodCertificateRequest.Status.BeginRefreshAt timestamp.\n\nKubelet can write a single file, indicated by the credentialBundlePath field, or separate files, indicated by the keyPath and certificateChainPath fields.\n\nThe credential bundle is a single file in PEM format. The first PEM entry is the private key (in PKCS#8 format), and the remaining PEM entries are the certificate chain issued by the signer (typically, signers will return their certificate chain in leaf-to-root order).\n\nPrefer using the credential bundle format, since your application code can read it atomically. If you use keyPath and certificateChainPath, your application must make two separate file reads. If these coincide with a certificate rotation, it is possible that the private key and leaf certificate you read may not correspond to each other. Your application will need to check for this condition, and re-read until they are consistent.\n\nThe named signer controls chooses the format of the certificate it issues; consult the signer implementation's documentation to learn how to use the certificates it issues.", + Ref: ref("k8s.io/api/core/v1.PodCertificateProjection"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClusterTrustBundleProjection", "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + "k8s.io/api/core/v1.ClusterTrustBundleProjection", "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.PodCertificateProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, } } @@ -12923,19 +14006,19 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), }, }, @@ -12953,13 +14036,13 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), }, }, @@ -12971,31 +14054,31 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), }, }, @@ -13013,7 +14096,7 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), }, }, @@ -13025,25 +14108,25 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), }, }, @@ -13055,25 +14138,25 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), }, }, @@ -13083,11 +14166,17 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), }, }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref("k8s.io/api/core/v1.ImageVolumeSource"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.ImageVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, } } @@ -13236,6 +14325,11 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, "versions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "versions are the versions supported in this group.", Type: []string{"array"}, @@ -13257,6 +14351,11 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, "serverAddressByClientCIDRs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", Type: []string{"array"}, @@ -13301,6 +14400,11 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, "groups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "groups is a list of APIGroup.", Type: []string{"array"}, @@ -13392,6 +14496,11 @@ func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.Op }, }, "shortNames": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "shortNames is a list of suggested short names of the resource.", Type: []string{"array"}, @@ -13407,6 +14516,11 @@ func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.Op }, }, "categories": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", Type: []string{"array"}, @@ -13465,6 +14579,11 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "resources contains the name of the resources and if they are namespaced.", Type: []string{"array"}, @@ -13509,6 +14628,11 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, "versions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "versions are the api versions that are available.", Type: []string{"array"}, @@ -13524,6 +14648,11 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, "serverAddressByClientCIDRs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", Type: []string{"array"}, @@ -13568,6 +14697,11 @@ func schema_pkg_apis_meta_v1_ApplyOptions(ref common.ReferenceCallback) common.O }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13688,6 +14822,11 @@ func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13771,6 +14910,11 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13785,6 +14929,13 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, }, + "ignoreStoreReadErrorWithClusterBreakingPotential": { + SchemaProps: spec.SchemaProps{ + Description: "if set to true, it will trigger an unsafe deletion of the resource in case the normal deletion flow fails with a corrupt object error. A resource is considered corrupt if it can not be retrieved from the underlying storage successfully because of a) its data can not be transformed e.g. decryption failure, or b) it fails to decode into an object. NOTE: unsafe deletion ignores finalizer constraints, skips precondition checks, and removes the object from the storage. WARNING: This may potentially break the cluster if the workload associated with the resource being unsafe-deleted relies on normal deletion flow. Use only if you REALLY know what you are doing. The default value is false, and the user must opt in to enable it", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, @@ -13798,8 +14949,58 @@ func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenA Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), + Type: metav1.Duration{}.OpenAPISchemaType(), + Format: metav1.Duration{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FieldSelectorRequirement is a selector that contains values, a key, and an operator that relates the key and values.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "key": { + SchemaProps: spec.SchemaProps{ + Description: "key is the field selector key that the requirement applies to.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. The list of operators may grow in the future.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"key", "operator"}, }, }, } @@ -14087,6 +15288,11 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", Type: []string{"array"}, @@ -14137,6 +15343,11 @@ func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallba }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -14413,8 +15624,8 @@ func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.Open Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), + Type: metav1.MicroTime{}.OpenAPISchemaType(), + Format: metav1.MicroTime{}.OpenAPISchemaFormat(), }, }, } @@ -14530,6 +15741,10 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "ownerReferences": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "uid", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "uid", "x-kubernetes-patch-strategy": "merge", }, @@ -14550,6 +15765,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "finalizers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", "x-kubernetes-patch-strategy": "merge", }, }, @@ -14568,6 +15784,11 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, "managedFields": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", Type: []string{"array"}, @@ -14774,6 +15995,11 @@ func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.O }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -14850,6 +16076,11 @@ func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.Open Type: []string{"object"}, Properties: map[string]spec.Schema{ "paths": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "paths are the paths available at root.", Type: []string{"array"}, @@ -14951,6 +16182,11 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, "details": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), @@ -15041,6 +16277,11 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, "causes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", Type: []string{"array"}, @@ -15098,6 +16339,11 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, "columnDefinitions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.", Type: []string{"array"}, @@ -15112,6 +16358,11 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, "rows": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "rows is the list of items in the table.", Type: []string{"array"}, @@ -15230,6 +16481,11 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Type: []string{"object"}, Properties: map[string]spec.Schema{ "cells": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "cells will be as wide as the column definitions array and may contain strings, numbers (float64 or int64), booleans, simple maps, lists, or null. See the type field of the column definition for a more detailed description.", Type: []string{"array"}, @@ -15244,6 +16500,11 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "conditions describe additional status of a row that are relevant for a human user. These conditions apply to the row, not to the object, and will be specific to table output. The only defined condition type is 'Completed', for a row that indicates a resource that has run to completion and can be given less visual priority.", Type: []string{"array"}, @@ -15321,8 +16582,8 @@ func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDe Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), + Type: metav1.Time{}.OpenAPISchemaType(), + Format: metav1.Time{}.OpenAPISchemaFormat(), }, }, } @@ -15407,6 +16668,11 @@ func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -15557,16 +16823,46 @@ func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "major": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Major is the major version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "minor": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Minor is the minor version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMajor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMajor is the major version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMinor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMinor is the minor version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMajor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMajor is the major version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMinor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMinor is the minor version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", }, }, "gitVersion": { diff --git a/generated/1.27/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.34/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml similarity index 99% rename from generated/1.27/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml rename to generated/1.34/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index f235e0fc5..89f4f6d3b 100644 --- a/generated/1.27/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.34/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: jwtauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.26/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.34/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml similarity index 99% rename from generated/1.26/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml rename to generated/1.34/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index d42381eef..c972456bd 100644 --- a/generated/1.26/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.34/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: webhookauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.28/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.34/crds/config.concierge.pinniped.dev_credentialissuers.yaml similarity index 99% rename from generated/1.28/crds/config.concierge.pinniped.dev_credentialissuers.yaml rename to generated/1.34/crds/config.concierge.pinniped.dev_credentialissuers.yaml index 84f4b9ab8..969fb7fc0 100644 --- a/generated/1.28/crds/config.concierge.pinniped.dev_credentialissuers.yaml +++ b/generated/1.34/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: credentialissuers.config.concierge.pinniped.dev spec: group: config.concierge.pinniped.dev diff --git a/generated/1.28/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.34/crds/config.supervisor.pinniped.dev_federationdomains.yaml similarity index 95% rename from generated/1.28/crds/config.supervisor.pinniped.dev_federationdomains.yaml rename to generated/1.34/crds/config.supervisor.pinniped.dev_federationdomains.yaml index 6b7729815..f61fdba36 100644 --- a/generated/1.28/crds/config.supervisor.pinniped.dev_federationdomains.yaml +++ b/generated/1.34/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: federationdomains.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev @@ -403,8 +403,12 @@ spec: exist. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object @@ -415,8 +419,12 @@ spec: encrypting state parameters is stored. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object @@ -427,8 +435,12 @@ spec: signing state parameters is stored. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object @@ -439,8 +451,12 @@ spec: signing tokens is stored. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object diff --git a/generated/1.28/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.34/crds/config.supervisor.pinniped.dev_oidcclients.yaml similarity index 99% rename from generated/1.28/crds/config.supervisor.pinniped.dev_oidcclients.yaml rename to generated/1.34/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 233ed95cf..ae8f6475e 100644 --- a/generated/1.28/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.34/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcclients.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.27/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.34/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml similarity index 99% rename from generated/1.27/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml rename to generated/1.34/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 1abf4681b..9ace0a0c6 100644 --- a/generated/1.27/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.34/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.26/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.34/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml similarity index 99% rename from generated/1.26/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml rename to generated/1.34/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml index c0b6b1e7b..ef84c1f90 100644 --- a/generated/1.26/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ b/generated/1.34/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: githubidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.28/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.34/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml similarity index 99% rename from generated/1.28/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml rename to generated/1.34/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index f6f1e1877..d9f62e4f1 100644 --- a/generated/1.28/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.34/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: ldapidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.26/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.34/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml similarity index 99% rename from generated/1.26/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml rename to generated/1.34/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 2aaec4461..335caff7f 100644 --- a/generated/1.26/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.34/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.28/README.adoc b/generated/1.35/README.adoc similarity index 82% rename from generated/1.28/README.adoc rename to generated/1.35/README.adoc index 92e119a98..4bcefa66b 100644 --- a/generated/1.28/README.adoc +++ b/generated/1.35/README.adoc @@ -23,32 +23,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -60,14 +60,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-claimvalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-claimvalidationrule"] ==== ClaimValidationRule ClaimValidationRule provides the configuration for a single claim validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -98,14 +98,14 @@ Mutually exclusive with claim and requiredValue. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-extramapping"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-extramapping"] ==== ExtraMapping ExtraMapping provides the configuration for a single extra mapping. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] **** [cols="25a,75a", options="header"] @@ -132,7 +132,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator JWTAuthenticator describes the configuration of a JWT authenticator. @@ -142,41 +142,41 @@ signature, existence of claims, etc.) and extract the username and groups from t .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] ==== JWTAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] ==== JWTAuthenticatorSpec JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] @@ -185,14 +185,14 @@ JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. | *`issuer`* __string__ | issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + also used to validate the "iss" JWT claim. + | *`audience`* __string__ | audience is the required value of the "aud" JWT claim. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + for Kubernetes access. + -| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + +| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + +| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + These allow invariants to be applied to incoming identities such as preventing the + use of the system: prefix that is commonly used by Kubernetes components. + The validation rules are logically ANDed together and must all return true for the validation to pass. + @@ -200,29 +200,29 @@ This is similar to claimValidationRules from Kubernetes AuthenticationConfigurat https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] ==== JWTAuthenticatorStatus JWTAuthenticatorStatus is the status of a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwttokenclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims"] ==== JWTTokenClaims JWTTokenClaims allows customization of the claims that will be mapped to user identity @@ -230,7 +230,7 @@ for Kubernetes access. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -295,7 +295,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + Mutually exclusive with groups. Use either groups or groupsExpression to + determine the user's group membership from the JWT token. + -| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + +| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + However, note that the Pinniped Concierge issues client certificates to users for the purpose + @@ -336,34 +336,34 @@ This will result in: + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration on various authenticators. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-uservalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-uservalidationrule"] ==== UserValidationRule UserValidationRule provides the configuration for a single user info validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -383,73 +383,73 @@ message is a literal string. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator"] ==== WebhookAuthenticator WebhookAuthenticator describes the configuration of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] ==== WebhookAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] ==== WebhookAuthenticatorSpec Spec for configuring a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`endpoint`* __string__ | Webhook server endpoint URL. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] ==== WebhookAuthenticatorStatus Status of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + |=== @@ -461,35 +461,35 @@ Package clientsecret is the internal version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -500,14 +500,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -526,36 +526,36 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -566,14 +566,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -592,125 +592,125 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuer"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer"] ==== CredentialIssuer CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerfrontend"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend"] ==== CredentialIssuerFrontend CredentialIssuerFrontend describes how to connect using a particular integration strategy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + -| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + +| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + This field is only set when Type is "TokenCredentialRequestAPI". + -| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + +| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + This field is only set when Type is "ImpersonationProxy". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec"] ==== CredentialIssuerSpec CredentialIssuerSpec describes the intended configuration of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + +| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus"] ==== CredentialIssuerStatus CredentialIssuerStatus describes the status of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + +| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstrategy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy"] ==== CredentialIssuerStrategy CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + -| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + +| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + | *`message`* __string__ | Human-readable description of the current status. + -| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#time-v1-meta[$$Time$$]__ | When the status was last checked. + -| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#time-v1-meta[$$Time$$]__ | When the status was last checked. + +| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-frontendtype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-frontendtype"] ==== FrontendType (string) FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyinfo"] ==== ImpersonationProxyInfo ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -721,7 +721,7 @@ ImpersonationProxyInfo describes the parameters for the impersonation proxy on t |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxymode"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxymode"] ==== ImpersonationProxyMode (string) ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. @@ -729,25 +729,25 @@ Allowed values are "auto", "enabled", or "disabled". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] ==== ImpersonationProxyServiceSpec ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + @@ -757,7 +757,7 @@ This is not supported on all cloud providers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] ==== ImpersonationProxyServiceType (string) ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. @@ -765,40 +765,40 @@ Allowed values are "LoadBalancer", "ClusterIP", or "None". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec"] ==== ImpersonationProxySpec ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + +| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + - "disabled" explicitly disables the impersonation proxy. This is the default. + - "enabled" explicitly enables the impersonation proxy. + - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + -| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + +| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + | *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + be served using the external name of the LoadBalancer service or the cluster service DNS name. + This field must be non-empty when spec.impersonationProxy.service.type is "None". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + If this field is empty, the impersonation proxy will generate its own TLS certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] ==== ImpersonationProxyTLSSpec ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should @@ -812,7 +812,7 @@ the impersonation proxy endpoint. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] @@ -825,50 +825,50 @@ the TLS serving certificate for the Concierge impersonation proxy endpoint. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-strategyreason"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategyreason"] ==== StrategyReason (string) StrategyReason enumerates the detailed reason why a strategy is in a particular status. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-strategystatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategystatus"] ==== StrategyStatus (string) StrategyStatus enumerates whether a strategy is working on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-strategytype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategytype"] ==== StrategyType (string) StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] ==== TokenCredentialRequestAPIInfo TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -887,34 +887,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomain"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain FederationDomain describes the configuration of an OIDC provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] ==== FederationDomainIdentityProvider FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -923,62 +923,62 @@ FederationDomainIdentityProvider describes how an identity provider is made avai | *`displayName`* __string__ | DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the + kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a + disruptive change for those users. + -| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + +| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + If the reference cannot be resolved then the identity provider will not be made available. + Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, + LDAPIdentityProvider, ActiveDirectoryIdentityProvider. + -| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + +| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + session refresh. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainphase"] ==== FederationDomainPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainsecrets"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainsecrets"] ==== FederationDomainSecrets FederationDomainSecrets holds information about this OIDC Provider's secrets. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + +| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + stored. If it is empty, then the signing/verification keys are either unknown or they don't + exist. + -| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing tokens is stored. + -| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing state parameters is stored. + -| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + encrypting state parameters is stored. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec"] ==== FederationDomainSpec FederationDomainSpec is a struct that describes an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] @@ -992,8 +992,8 @@ https://example.com/foo/some/path/to/auth/endpoint). + See + https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + -| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + +| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, + how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to + @@ -1018,33 +1018,33 @@ explicitly list the identity provider using this IdentityProviders field. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus"] ==== FederationDomainStatus FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + -| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + +| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] ==== FederationDomainTLSSpec FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -1070,21 +1070,21 @@ When your Issuer URL's host is an IP address, then this field is ignored. SNI do |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransforms"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms"] ==== FederationDomainTransforms FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + -| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + +| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + +| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + authentication attempt, including during every session refresh. + Each is a CEL expression. It may use the basic CEL language as defined in + https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in + @@ -1112,7 +1112,7 @@ Any compilation or static type-checking failure of any expression will cause an During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the + authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username + and group names have been decided for that authentication attempt. + -| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + +| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + expected. Examples define sample input identities which are then run through the expression list, and the + results are compared to the expected results. If any example in this list fails, then this + identity provider will not be available for use within this FederationDomain, and the error(s) will be + @@ -1121,7 +1121,7 @@ expressions, and also act as living documentation for other administrators to be |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] ==== FederationDomainTransformsConstant FederationDomainTransformsConstant defines a constant variable and its value which will be made available to @@ -1129,7 +1129,7 @@ the transform expressions. This is a union type, and Type is the discriminator f .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1143,14 +1143,14 @@ Allowed values are "string" or "stringList". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] ==== FederationDomainTransformsExample FederationDomainTransformsExample defines a transform example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1158,19 +1158,19 @@ FederationDomainTransformsExample defines a transform example. | Field | Description | *`username`* __string__ | Username is the input username. + | *`groups`* __string array__ | Groups is the input list of group names. + -| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + +| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + input Username and Groups. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] ==== FederationDomainTransformsExampleExpects FederationDomainTransformsExampleExpects defines the expected result for a transforms example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] **** [cols="25a,75a", options="header"] @@ -1190,14 +1190,14 @@ transformation error, such as a runtime error. When Rejected is false, there is |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] ==== FederationDomainTransformsExpression FederationDomainTransformsExpression defines a transform expression. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1211,70 +1211,70 @@ an authentication attempt. When empty, a default message will be used. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-granttype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-granttype"] ==== GrantType (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient describes the configuration of an OIDC client. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientphase"] ==== OIDCClientPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec"] ==== OIDCClientSpec OIDCClientSpec is a struct that describes an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + +| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. + Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. + Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. + -| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + +| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + client. + Must only contain the following values: + @@ -1285,7 +1285,7 @@ This grant must be listed if allowedScopes lists offline_access. + - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, + which is a step in the process to be able to get a cluster credential for the user. + This grant must be listed if allowedScopes lists pinniped:request-audience. + -| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + +| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: + - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). + @@ -1301,37 +1301,37 @@ Without the username scope being requested and allowed, the ID token will not co - groups: The client is allowed to request that ID tokens contain the user's group membership, + if their group membership is discoverable by the Supervisor. + Without the groups scope being requested and allowed, the ID token will not contain groups. + -| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + +| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus"] ==== OIDCClientStatus OIDCClientStatus is a struct that describes the actual state of an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] ==== OIDCClientTokenLifetimes OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** [cols="25a,75a", options="header"] @@ -1350,26 +1350,26 @@ longer lifetimes. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-redirecturi"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-redirecturi"] ==== RedirectURI (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-scope"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-scope"] ==== Scope (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** @@ -1382,19 +1382,19 @@ Package identity is the internal version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1402,18 +1402,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1421,7 +1421,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1432,57 +1432,57 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`Groups`* __string array__ | The names of groups this user is a part of. + -| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1494,19 +1494,19 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1514,18 +1514,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1533,7 +1533,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1544,58 +1544,58 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`groups`* __string array__ | The names of groups this user is a part of. + -| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1607,34 +1607,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity pro -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] ==== ActiveDirectoryIdentityProvider ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] ==== ActiveDirectoryIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1648,14 +1648,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] ==== ActiveDirectoryIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1689,7 +1689,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -1717,14 +1717,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] ==== ActiveDirectoryIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -1741,66 +1741,66 @@ where domain is constructed from the domain components of the group DN. + -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] ==== ActiveDirectoryIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] ==== ActiveDirectoryIdentityProviderSpec Spec for configuring an ActiveDirectory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] ==== ActiveDirectoryIdentityProviderStatus Status of an Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] ==== ActiveDirectoryIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1824,19 +1824,19 @@ This means that the user is a person, is not a computer, the sAMAccountType is f and is not shown in advanced view only + (which would likely mean its a system created service account with advanced permissions). + Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] ==== ActiveDirectoryIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -1851,32 +1851,32 @@ Optional, when empty this defaults to "objectGUID". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -1888,14 +1888,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubapiconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig"] ==== GitHubAPIConfig GitHubAPIConfig allows configuration for GitHub Enterprise Server .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1909,56 +1909,56 @@ Port is optional. Do not specify a path, query, fragment, or userinfo. + Only specify domain name or IP address, subdomains (optional), and port (optional). + IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address + in square brackets. Example: "[::1]:443". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + Note that this field should not be needed when using GitHub's public API ("github.com"). + However, if you choose to specify this field when using GitHub's public API, you must + specify a CA bundle that will verify connections to "api.github.com". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] ==== GitHubAllowAuthenticationSpec GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + +| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] ==== GitHubAllowedAuthOrganizationsPolicy (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims"] ==== GitHubClaims GitHubClaims allows customization of the username and groups claims. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + +| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + Can be either "id", "login", or "login:id". Defaults to "login:id". + @@ -1979,7 +1979,7 @@ choice to concatenate the two values. + See the response schema for + [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). + -| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + +| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + Can be either "name" or "slug". Defaults to "slug". + @@ -2000,7 +2000,7 @@ See the response schema for + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclientspec"] ==== GitHubClientSpec GitHubClientSpec contains information about the GitHub client that this identity provider will use @@ -2008,7 +2008,7 @@ for web-based login flows. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2021,7 +2021,7 @@ This secret must be of type "secrets.pinniped.dev/github-client" with keys "clie |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] ==== GitHubGroupNameAttribute (string) GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group @@ -2030,12 +2030,12 @@ names to present to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider"] ==== GitHubIdentityProvider GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. @@ -2046,85 +2046,85 @@ as OIDCClients. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] ==== GitHubIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] ==== GitHubIdentityProviderSpec GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + -| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + +| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + +| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] ==== GitHubIdentityProviderStatus GitHubIdentityProviderStatus is the status of an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] ==== GitHubOrganizationsSpec .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + +| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + Defaults to "OnlyUsersFromAllowedOrganizations". + Must be set to "AllGitHubUsers" if the allowed field is empty. + @@ -2144,7 +2144,7 @@ If no organizations are listed, you must set organizations: AllGitHubUsers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubusernameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubusernameattribute"] ==== GitHubUsernameAttribute (string) GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present @@ -2153,12 +2153,12 @@ to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access @@ -2166,27 +2166,27 @@ Protocol (LDAP) identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] ==== LDAPIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2200,14 +2200,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] ==== LDAPIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2232,7 +2232,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -2260,14 +2260,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] ==== LDAPIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -2283,66 +2283,66 @@ Optional. When not specified, the default will act as if the GroupName were spec -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] ==== LDAPIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] ==== LDAPIdentityProviderSpec Spec for configuring an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] ==== LDAPIdentityProviderStatus Status of an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] ==== LDAPIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2358,19 +2358,19 @@ Note that the dn (distinguished name) is not an attribute of an entry, so "dn={} Optional. When not specified, the default will act as if the Filter were specified as the value from + Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + explicitly specified, since the default value of "dn={}" would not work. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] ==== LDAPIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -2390,7 +2390,7 @@ server in the user's entry. Distinguished names can be used by specifying lower- |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] ==== OIDCAuthorizationConfig OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization @@ -2398,7 +2398,7 @@ request parameters. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2432,7 +2432,7 @@ may ignore scopes that it does not understand or require (see + https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + -| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + +| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + @@ -2468,14 +2468,14 @@ allowPasswordGrant defaults to false. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclaims"] ==== OIDCClaims OIDCClaims provides a mapping from upstream claims into identities. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2499,7 +2499,7 @@ are not available, the "additionalClaims" claim will be excluded from the ID tok |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient contains information about an OIDC client (e.g., client ID and client @@ -2507,7 +2507,7 @@ secret). .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2520,48 +2520,48 @@ struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oid |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] ==== OIDCIdentityProvider OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] ==== OIDCIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] ==== OIDCIdentityProviderSpec OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] @@ -2569,42 +2569,42 @@ OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. | Field | Description | *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + /.well-known/openid-configuration. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + -| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + +| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + parameters to be used with this OIDC identity provider. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + this OIDC identity provider. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] ==== OIDCIdentityProviderStatus OIDCIdentityProviderStatus is the status of an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-parameter"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-parameter"] ==== Parameter Parameter is a key/value pair which represents a parameter in an HTTP request. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] **** [cols="25a,75a", options="header"] @@ -2615,24 +2615,24 @@ Parameter is a key/value pair which represents a parameter in an HTTP request. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration for identity provider integration. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== @@ -2645,7 +2645,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped login API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-clustercredential"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-clustercredential"] ==== ClusterCredential ClusterCredential is the cluster-specific credential returned on a successful credential request. It @@ -2653,73 +2653,73 @@ contains either a valid bearer token or a valid TLS certificate and correspondin .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + +| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + | *`token`* __string__ | Token is a bearer token used by the client for request authentication. + | *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). + | *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest"] ==== TokenCredentialRequest TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] ==== TokenCredentialRequestSpec Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. + -| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] ==== TokenCredentialRequestStatus Status of a TokenCredentialRequest, returned on responses to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-28-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + +| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + | *`message`* __string__ | An error message will be returned for an unsuccessful credential request. + |=== diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.35/apis/concierge/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.27/apis/concierge/authentication/v1alpha1/doc.go rename to generated/1.35/apis/concierge/authentication/v1alpha1/doc.go diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/register.go b/generated/1.35/apis/concierge/authentication/v1alpha1/register.go similarity index 100% rename from generated/1.27/apis/concierge/authentication/v1alpha1/register.go rename to generated/1.35/apis/concierge/authentication/v1alpha1/register.go diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.35/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go similarity index 100% rename from generated/1.27/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go rename to generated/1.35/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.35/apis/concierge/authentication/v1alpha1/types_tls.go similarity index 100% rename from generated/1.27/apis/concierge/authentication/v1alpha1/types_tls.go rename to generated/1.35/apis/concierge/authentication/v1alpha1/types_tls.go diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.35/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go similarity index 100% rename from generated/1.27/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go rename to generated/1.35/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go diff --git a/generated/1.27/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.35/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go rename to generated/1.35/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/concierge/config/v1alpha1/doc.go b/generated/1.35/apis/concierge/config/v1alpha1/doc.go similarity index 100% rename from generated/1.27/apis/concierge/config/v1alpha1/doc.go rename to generated/1.35/apis/concierge/config/v1alpha1/doc.go diff --git a/generated/1.27/apis/concierge/config/v1alpha1/register.go b/generated/1.35/apis/concierge/config/v1alpha1/register.go similarity index 100% rename from generated/1.27/apis/concierge/config/v1alpha1/register.go rename to generated/1.35/apis/concierge/config/v1alpha1/register.go diff --git a/generated/1.27/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.35/apis/concierge/config/v1alpha1/types_credentialissuer.go similarity index 100% rename from generated/1.27/apis/concierge/config/v1alpha1/types_credentialissuer.go rename to generated/1.35/apis/concierge/config/v1alpha1/types_credentialissuer.go diff --git a/generated/1.27/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.35/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go rename to generated/1.35/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/concierge/identity/doc.go b/generated/1.35/apis/concierge/identity/doc.go similarity index 100% rename from generated/1.27/apis/concierge/identity/doc.go rename to generated/1.35/apis/concierge/identity/doc.go diff --git a/generated/1.27/apis/concierge/identity/register.go b/generated/1.35/apis/concierge/identity/register.go similarity index 100% rename from generated/1.27/apis/concierge/identity/register.go rename to generated/1.35/apis/concierge/identity/register.go diff --git a/generated/1.27/apis/concierge/identity/types_userinfo.go b/generated/1.35/apis/concierge/identity/types_userinfo.go similarity index 100% rename from generated/1.27/apis/concierge/identity/types_userinfo.go rename to generated/1.35/apis/concierge/identity/types_userinfo.go diff --git a/generated/1.27/apis/concierge/identity/types_whoamirequest.go b/generated/1.35/apis/concierge/identity/types_whoamirequest.go similarity index 100% rename from generated/1.27/apis/concierge/identity/types_whoamirequest.go rename to generated/1.35/apis/concierge/identity/types_whoamirequest.go diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.35/apis/concierge/identity/v1alpha1/conversion.go similarity index 100% rename from generated/1.27/apis/concierge/identity/v1alpha1/conversion.go rename to generated/1.35/apis/concierge/identity/v1alpha1/conversion.go diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.35/apis/concierge/identity/v1alpha1/defaults.go similarity index 100% rename from generated/1.27/apis/concierge/identity/v1alpha1/defaults.go rename to generated/1.35/apis/concierge/identity/v1alpha1/defaults.go diff --git a/generated/1.26/apis/concierge/identity/v1alpha1/doc.go b/generated/1.35/apis/concierge/identity/v1alpha1/doc.go similarity index 84% rename from generated/1.26/apis/concierge/identity/v1alpha1/doc.go rename to generated/1.35/apis/concierge/identity/v1alpha1/doc.go index 7e00fc1bb..10b3b8622 100644 --- a/generated/1.26/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.35/apis/concierge/identity/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.26/apis/concierge/identity +// +k8s:conversion-gen=go.pinniped.dev/generated/1.35/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta // +groupName=identity.concierge.pinniped.dev diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/register.go b/generated/1.35/apis/concierge/identity/v1alpha1/register.go similarity index 100% rename from generated/1.27/apis/concierge/identity/v1alpha1/register.go rename to generated/1.35/apis/concierge/identity/v1alpha1/register.go diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.35/apis/concierge/identity/v1alpha1/types_userinfo.go similarity index 100% rename from generated/1.27/apis/concierge/identity/v1alpha1/types_userinfo.go rename to generated/1.35/apis/concierge/identity/v1alpha1/types_userinfo.go diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/types_whoamirequest.go b/generated/1.35/apis/concierge/identity/v1alpha1/types_whoamirequest.go similarity index 100% rename from generated/1.27/apis/concierge/identity/v1alpha1/types_whoamirequest.go rename to generated/1.35/apis/concierge/identity/v1alpha1/types_whoamirequest.go diff --git a/generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.conversion.go rename to generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index c77d637f9..a4e3ac693 100644 --- a/generated/1.29/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - identity "go.pinniped.dev/generated/1.29/apis/concierge/identity" + identity "go.pinniped.dev/generated/1.35/apis/concierge/identity" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go rename to generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.27/apis/concierge/identity/v1alpha1/zz_generated.defaults.go rename to generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.28/apis/concierge/identity/validation/validation.go b/generated/1.35/apis/concierge/identity/validation/validation.go similarity index 84% rename from generated/1.28/apis/concierge/identity/validation/validation.go rename to generated/1.35/apis/concierge/identity/validation/validation.go index 81318827e..f0ac1080c 100644 --- a/generated/1.28/apis/concierge/identity/validation/validation.go +++ b/generated/1.35/apis/concierge/identity/validation/validation.go @@ -6,7 +6,7 @@ package validation import ( "k8s.io/apimachinery/pkg/util/validation/field" - identityapi "go.pinniped.dev/generated/1.28/apis/concierge/identity" + identityapi "go.pinniped.dev/generated/1.35/apis/concierge/identity" ) func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList { diff --git a/generated/1.27/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.35/apis/concierge/identity/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/concierge/identity/zz_generated.deepcopy.go rename to generated/1.35/apis/concierge/identity/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/concierge/login/doc.go b/generated/1.35/apis/concierge/login/doc.go similarity index 100% rename from generated/1.27/apis/concierge/login/doc.go rename to generated/1.35/apis/concierge/login/doc.go diff --git a/generated/1.27/apis/concierge/login/register.go b/generated/1.35/apis/concierge/login/register.go similarity index 100% rename from generated/1.27/apis/concierge/login/register.go rename to generated/1.35/apis/concierge/login/register.go diff --git a/generated/1.27/apis/concierge/login/types_clustercredential.go b/generated/1.35/apis/concierge/login/types_clustercredential.go similarity index 100% rename from generated/1.27/apis/concierge/login/types_clustercredential.go rename to generated/1.35/apis/concierge/login/types_clustercredential.go diff --git a/generated/1.27/apis/concierge/login/types_tokencredentialrequest.go b/generated/1.35/apis/concierge/login/types_tokencredentialrequest.go similarity index 100% rename from generated/1.27/apis/concierge/login/types_tokencredentialrequest.go rename to generated/1.35/apis/concierge/login/types_tokencredentialrequest.go diff --git a/generated/1.27/apis/concierge/login/v1alpha1/conversion.go b/generated/1.35/apis/concierge/login/v1alpha1/conversion.go similarity index 100% rename from generated/1.27/apis/concierge/login/v1alpha1/conversion.go rename to generated/1.35/apis/concierge/login/v1alpha1/conversion.go diff --git a/generated/1.27/apis/concierge/login/v1alpha1/defaults.go b/generated/1.35/apis/concierge/login/v1alpha1/defaults.go similarity index 100% rename from generated/1.27/apis/concierge/login/v1alpha1/defaults.go rename to generated/1.35/apis/concierge/login/v1alpha1/defaults.go diff --git a/generated/1.29/apis/concierge/login/v1alpha1/doc.go b/generated/1.35/apis/concierge/login/v1alpha1/doc.go similarity index 84% rename from generated/1.29/apis/concierge/login/v1alpha1/doc.go rename to generated/1.35/apis/concierge/login/v1alpha1/doc.go index b8f1a4429..0d7317c44 100644 --- a/generated/1.29/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.35/apis/concierge/login/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.29/apis/concierge/login +// +k8s:conversion-gen=go.pinniped.dev/generated/1.35/apis/concierge/login // +k8s:defaulter-gen=TypeMeta // +groupName=login.concierge.pinniped.dev diff --git a/generated/1.27/apis/concierge/login/v1alpha1/register.go b/generated/1.35/apis/concierge/login/v1alpha1/register.go similarity index 100% rename from generated/1.27/apis/concierge/login/v1alpha1/register.go rename to generated/1.35/apis/concierge/login/v1alpha1/register.go diff --git a/generated/1.27/apis/concierge/login/v1alpha1/types_clustercredential.go b/generated/1.35/apis/concierge/login/v1alpha1/types_clustercredential.go similarity index 100% rename from generated/1.27/apis/concierge/login/v1alpha1/types_clustercredential.go rename to generated/1.35/apis/concierge/login/v1alpha1/types_clustercredential.go diff --git a/generated/1.27/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go b/generated/1.35/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go similarity index 100% rename from generated/1.27/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go rename to generated/1.35/apis/concierge/login/v1alpha1/types_tokencredentialrequest.go diff --git a/generated/1.27/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.35/apis/concierge/login/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.27/apis/concierge/login/v1alpha1/zz_generated.conversion.go rename to generated/1.35/apis/concierge/login/v1alpha1/zz_generated.conversion.go index f3f92ae80..f004a6ccc 100644 --- a/generated/1.27/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.35/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - login "go.pinniped.dev/generated/1.27/apis/concierge/login" + login "go.pinniped.dev/generated/1.35/apis/concierge/login" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.27/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.35/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go rename to generated/1.35/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.35/apis/concierge/login/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.27/apis/concierge/login/v1alpha1/zz_generated.defaults.go rename to generated/1.35/apis/concierge/login/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.27/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.35/apis/concierge/login/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/concierge/login/zz_generated.deepcopy.go rename to generated/1.35/apis/concierge/login/zz_generated.deepcopy.go diff --git a/generated/1.35/apis/go.mod b/generated/1.35/apis/go.mod new file mode 100644 index 000000000..983b2c0a5 --- /dev/null +++ b/generated/1.35/apis/go.mod @@ -0,0 +1,29 @@ +// This go.mod file is generated by ./hack/update.sh. +module go.pinniped.dev/generated/1.35/apis + +go 1.25.0 + +require ( + k8s.io/api v0.35.0 + k8s.io/apimachinery v0.35.0 +) + +require ( + github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/go-logr/logr v1.4.3 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect + github.com/x448/float16 v0.8.4 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect + golang.org/x/net v0.47.0 // indirect + golang.org/x/text v0.31.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect + k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect + sigs.k8s.io/randfill v1.0.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect +) diff --git a/generated/1.35/apis/go.sum b/generated/1.35/apis/go.sum new file mode 100644 index 000000000..8fed2e633 --- /dev/null +++ b/generated/1.35/apis/go.sum @@ -0,0 +1,66 @@ +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= +github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= +golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= +golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= +golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= +golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY= +k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA= +k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8= +k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= +sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= +sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/generated/1.27/apis/supervisor/clientsecret/doc.go b/generated/1.35/apis/supervisor/clientsecret/doc.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/doc.go rename to generated/1.35/apis/supervisor/clientsecret/doc.go diff --git a/generated/1.27/apis/supervisor/clientsecret/register.go b/generated/1.35/apis/supervisor/clientsecret/register.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/register.go rename to generated/1.35/apis/supervisor/clientsecret/register.go diff --git a/generated/1.27/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.35/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go rename to generated/1.35/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go diff --git a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/conversion.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/conversion.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/v1alpha1/conversion.go rename to generated/1.35/apis/supervisor/clientsecret/v1alpha1/conversion.go diff --git a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/defaults.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/defaults.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/v1alpha1/defaults.go rename to generated/1.35/apis/supervisor/clientsecret/v1alpha1/defaults.go diff --git a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/doc.go similarity index 85% rename from generated/1.29/apis/supervisor/clientsecret/v1alpha1/doc.go rename to generated/1.35/apis/supervisor/clientsecret/v1alpha1/doc.go index 7c242f66a..c95dc68a6 100644 --- a/generated/1.29/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -3,7 +3,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret +// +k8s:conversion-gen=go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta // +groupName=clientsecret.supervisor.pinniped.dev diff --git a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/register.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/v1alpha1/register.go rename to generated/1.35/apis/supervisor/clientsecret/v1alpha1/register.go diff --git a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go rename to generated/1.35/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go diff --git a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go similarity index 99% rename from generated/1.26/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go rename to generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index fa245e847..07a45b022 100644 --- a/generated/1.26/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -11,7 +11,7 @@ package v1alpha1 import ( unsafe "unsafe" - clientsecret "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret" + clientsecret "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go rename to generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go rename to generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.27/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.35/apis/supervisor/clientsecret/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/supervisor/clientsecret/zz_generated.deepcopy.go rename to generated/1.35/apis/supervisor/clientsecret/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/supervisor/config/v1alpha1/doc.go b/generated/1.35/apis/supervisor/config/v1alpha1/doc.go similarity index 100% rename from generated/1.27/apis/supervisor/config/v1alpha1/doc.go rename to generated/1.35/apis/supervisor/config/v1alpha1/doc.go diff --git a/generated/1.27/apis/supervisor/config/v1alpha1/register.go b/generated/1.35/apis/supervisor/config/v1alpha1/register.go similarity index 100% rename from generated/1.27/apis/supervisor/config/v1alpha1/register.go rename to generated/1.35/apis/supervisor/config/v1alpha1/register.go diff --git a/generated/1.27/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.35/apis/supervisor/config/v1alpha1/types_federationdomain.go similarity index 100% rename from generated/1.27/apis/supervisor/config/v1alpha1/types_federationdomain.go rename to generated/1.35/apis/supervisor/config/v1alpha1/types_federationdomain.go diff --git a/generated/1.27/apis/supervisor/config/v1alpha1/types_oidcclient.go b/generated/1.35/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.27/apis/supervisor/config/v1alpha1/types_oidcclient.go rename to generated/1.35/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.27/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.35/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go rename to generated/1.35/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.35/apis/supervisor/idp/v1alpha1/doc.go similarity index 100% rename from generated/1.27/apis/supervisor/idp/v1alpha1/doc.go rename to generated/1.35/apis/supervisor/idp/v1alpha1/doc.go diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/register.go b/generated/1.35/apis/supervisor/idp/v1alpha1/register.go similarity index 100% rename from generated/1.27/apis/supervisor/idp/v1alpha1/register.go rename to generated/1.35/apis/supervisor/idp/v1alpha1/register.go diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.35/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go similarity index 100% rename from generated/1.27/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go rename to generated/1.35/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go b/generated/1.35/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go similarity index 100% rename from generated/1.27/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go rename to generated/1.35/apis/supervisor/idp/v1alpha1/types_githubidentityprovider.go diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.35/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go similarity index 100% rename from generated/1.27/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go rename to generated/1.35/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.35/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go similarity index 100% rename from generated/1.27/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go rename to generated/1.35/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.35/apis/supervisor/idp/v1alpha1/types_tls.go similarity index 100% rename from generated/1.27/apis/supervisor/idp/v1alpha1/types_tls.go rename to generated/1.35/apis/supervisor/idp/v1alpha1/types_tls.go diff --git a/generated/1.27/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.35/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from generated/1.27/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go rename to generated/1.35/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go diff --git a/generated/1.27/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.35/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go similarity index 100% rename from generated/1.27/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go rename to generated/1.35/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go diff --git a/generated/1.27/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.35/apis/supervisor/oidc/types_supervisor_oidc.go similarity index 100% rename from generated/1.27/apis/supervisor/oidc/types_supervisor_oidc.go rename to generated/1.35/apis/supervisor/oidc/types_supervisor_oidc.go diff --git a/generated/1.28/client/concierge/clientset/versioned/clientset.go b/generated/1.35/client/concierge/clientset/versioned/clientset.go similarity index 94% rename from generated/1.28/client/concierge/clientset/versioned/clientset.go rename to generated/1.35/client/concierge/clientset/versioned/clientset.go index 6bde8f6d5..a8265faf6 100644 --- a/generated/1.28/client/concierge/clientset/versioned/clientset.go +++ b/generated/1.35/client/concierge/clientset/versioned/clientset.go @@ -6,13 +6,13 @@ package versioned import ( - "fmt" - "net/http" + fmt "fmt" + http "net/http" - authenticationv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" diff --git a/generated/1.26/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.35/client/concierge/clientset/versioned/fake/clientset_generated.go similarity index 66% rename from generated/1.26/client/concierge/clientset/versioned/fake/clientset_generated.go rename to generated/1.35/client/concierge/clientset/versioned/fake/clientset_generated.go index e47ac132f..a80f189c7 100644 --- a/generated/1.26/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.35/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -6,15 +6,16 @@ package fake import ( - clientset "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned" - authenticationv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1" - fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" - identityv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1" - fakeidentityv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" - loginv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1" - fakeloginv1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + clientset "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" + identityv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1" + fakeidentityv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" + loginv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1" + fakeloginv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -24,8 +25,12 @@ import ( // NewSimpleClientset returns a clientset that will respond with the provided objects. // It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement +// without applying any field management, validations and/or defaults. It shouldn't be considered a replacement // for a real clientset and is mostly useful in simple unit tests. +// +// Deprecated: NewClientset replaces this with support for field management, which significantly improves +// server side apply testing. NewClientset is only available when apply configurations are generated (e.g. +// via --with-applyconfig). func NewSimpleClientset(objects ...runtime.Object) *Clientset { o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) for _, obj := range objects { @@ -38,9 +43,13 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset { cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} cs.AddReactor("*", "*", testing.ObjectReaction(o)) cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + var opts metav1.ListOptions + if watchAction, ok := action.(testing.WatchActionImpl); ok { + opts = watchAction.ListOptions + } gvr := action.GetResource() ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) + watch, err := o.Watch(gvr, ns, opts) if err != nil { return false, nil, err } @@ -67,6 +76,17 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } +// IsWatchListSemanticsSupported informs the reflector that this client +// doesn't support WatchList semantics. +// +// This is a synthetic method whose sole purpose is to satisfy the optional +// interface check performed by the reflector. +// Returning true signals that WatchList can NOT be used. +// No additional logic is implemented here. +func (c *Clientset) IsWatchListSemanticsUnSupported() bool { + return true +} + var ( _ clientset.Interface = &Clientset{} _ testing.FakeClient = &Clientset{} diff --git a/generated/1.27/client/concierge/clientset/versioned/fake/doc.go b/generated/1.35/client/concierge/clientset/versioned/fake/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/fake/doc.go rename to generated/1.35/client/concierge/clientset/versioned/fake/doc.go diff --git a/generated/1.28/client/concierge/clientset/versioned/fake/register.go b/generated/1.35/client/concierge/clientset/versioned/fake/register.go similarity index 85% rename from generated/1.28/client/concierge/clientset/versioned/fake/register.go rename to generated/1.35/client/concierge/clientset/versioned/fake/register.go index 11231b323..692c8c43a 100644 --- a/generated/1.28/client/concierge/clientset/versioned/fake/register.go +++ b/generated/1.35/client/concierge/clientset/versioned/fake/register.go @@ -6,10 +6,10 @@ package fake import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.27/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.35/client/concierge/clientset/versioned/scheme/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/scheme/doc.go rename to generated/1.35/client/concierge/clientset/versioned/scheme/doc.go diff --git a/generated/1.26/client/concierge/clientset/versioned/scheme/register.go b/generated/1.35/client/concierge/clientset/versioned/scheme/register.go similarity index 85% rename from generated/1.26/client/concierge/clientset/versioned/scheme/register.go rename to generated/1.35/client/concierge/clientset/versioned/scheme/register.go index 548ef9c51..00b669f73 100644 --- a/generated/1.26/client/concierge/clientset/versioned/scheme/register.go +++ b/generated/1.35/client/concierge/clientset/versioned/scheme/register.go @@ -6,10 +6,10 @@ package scheme import ( - authenticationv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/config/v1alpha1" - identityv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1" - loginv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go similarity index 84% rename from generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go rename to generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index de5aa0609..643e95bf9 100644 --- a/generated/1.26/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned/scheme" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -37,9 +37,7 @@ func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthentica // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -51,9 +49,7 @@ func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -76,17 +72,15 @@ func New(c rest.Interface) *AuthenticationV1alpha1Client { return &AuthenticationV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := authenticationv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go rename to generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go rename to generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go similarity index 84% rename from generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go rename to generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index c92e72df9..2e2d79665 100644 --- a/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,11 +16,11 @@ type FakeAuthenticationV1alpha1 struct { } func (c *FakeAuthenticationV1alpha1) JWTAuthenticators() v1alpha1.JWTAuthenticatorInterface { - return &FakeJWTAuthenticators{c} + return newFakeJWTAuthenticators(c) } func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators() v1alpha1.WebhookAuthenticatorInterface { - return &FakeWebhookAuthenticators{c} + return newFakeWebhookAuthenticators(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go new file mode 100644 index 000000000..de9409588 --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeJWTAuthenticators implements JWTAuthenticatorInterface +type fakeJWTAuthenticators struct { + *gentype.FakeClientWithList[*v1alpha1.JWTAuthenticator, *v1alpha1.JWTAuthenticatorList] + Fake *FakeAuthenticationV1alpha1 +} + +func newFakeJWTAuthenticators(fake *FakeAuthenticationV1alpha1) authenticationv1alpha1.JWTAuthenticatorInterface { + return &fakeJWTAuthenticators{ + gentype.NewFakeClientWithList[*v1alpha1.JWTAuthenticator, *v1alpha1.JWTAuthenticatorList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators"), + v1alpha1.SchemeGroupVersion.WithKind("JWTAuthenticator"), + func() *v1alpha1.JWTAuthenticator { return &v1alpha1.JWTAuthenticator{} }, + func() *v1alpha1.JWTAuthenticatorList { return &v1alpha1.JWTAuthenticatorList{} }, + func(dst, src *v1alpha1.JWTAuthenticatorList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.JWTAuthenticatorList) []*v1alpha1.JWTAuthenticator { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.JWTAuthenticatorList, items []*v1alpha1.JWTAuthenticator) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 000000000..aa3530154 --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type fakeWebhookAuthenticators struct { + *gentype.FakeClientWithList[*v1alpha1.WebhookAuthenticator, *v1alpha1.WebhookAuthenticatorList] + Fake *FakeAuthenticationV1alpha1 +} + +func newFakeWebhookAuthenticators(fake *FakeAuthenticationV1alpha1) authenticationv1alpha1.WebhookAuthenticatorInterface { + return &fakeWebhookAuthenticators{ + gentype.NewFakeClientWithList[*v1alpha1.WebhookAuthenticator, *v1alpha1.WebhookAuthenticatorList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"), + v1alpha1.SchemeGroupVersion.WithKind("WebhookAuthenticator"), + func() *v1alpha1.WebhookAuthenticator { return &v1alpha1.WebhookAuthenticator{} }, + func() *v1alpha1.WebhookAuthenticatorList { return &v1alpha1.WebhookAuthenticatorList{} }, + func(dst, src *v1alpha1.WebhookAuthenticatorList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.WebhookAuthenticatorList) []*v1alpha1.WebhookAuthenticator { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.WebhookAuthenticatorList, items []*v1alpha1.WebhookAuthenticator) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go rename to generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 000000000..12290f7fd --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,59 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. +// A group's client should implement this interface. +type JWTAuthenticatorsGetter interface { + JWTAuthenticators() JWTAuthenticatorInterface +} + +// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. +type JWTAuthenticatorInterface interface { + Create(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + Update(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, jWTAuthenticator *authenticationv1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*authenticationv1alpha1.JWTAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*authenticationv1alpha1.JWTAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *authenticationv1alpha1.JWTAuthenticator, err error) + JWTAuthenticatorExpansion +} + +// jWTAuthenticators implements JWTAuthenticatorInterface +type jWTAuthenticators struct { + *gentype.ClientWithList[*authenticationv1alpha1.JWTAuthenticator, *authenticationv1alpha1.JWTAuthenticatorList] +} + +// newJWTAuthenticators returns a JWTAuthenticators +func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { + return &jWTAuthenticators{ + gentype.NewClientWithList[*authenticationv1alpha1.JWTAuthenticator, *authenticationv1alpha1.JWTAuthenticatorList]( + "jwtauthenticators", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *authenticationv1alpha1.JWTAuthenticator { return &authenticationv1alpha1.JWTAuthenticator{} }, + func() *authenticationv1alpha1.JWTAuthenticatorList { + return &authenticationv1alpha1.JWTAuthenticatorList{} + }, + ), + } +} diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..10e77b001 --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,61 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators() WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + Update(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, webhookAuthenticator *authenticationv1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*authenticationv1alpha1.WebhookAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*authenticationv1alpha1.WebhookAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *authenticationv1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + *gentype.ClientWithList[*authenticationv1alpha1.WebhookAuthenticator, *authenticationv1alpha1.WebhookAuthenticatorList] +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { + return &webhookAuthenticators{ + gentype.NewClientWithList[*authenticationv1alpha1.WebhookAuthenticator, *authenticationv1alpha1.WebhookAuthenticatorList]( + "webhookauthenticators", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *authenticationv1alpha1.WebhookAuthenticator { + return &authenticationv1alpha1.WebhookAuthenticator{} + }, + func() *authenticationv1alpha1.WebhookAuthenticatorList { + return &authenticationv1alpha1.WebhookAuthenticatorList{} + }, + ), + } +} diff --git a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go similarity index 82% rename from generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go rename to generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go index 1e8166345..7f16387c3 100644 --- a/generated/1.29/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.29/apis/concierge/config/v1alpha1" - "go.pinniped.dev/generated/1.29/client/concierge/clientset/versioned/scheme" + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *ConfigV1alpha1Client { return &ConfigV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := configv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go new file mode 100644 index 000000000..9e50ac0bc --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. +// A group's client should implement this interface. +type CredentialIssuersGetter interface { + CredentialIssuers() CredentialIssuerInterface +} + +// CredentialIssuerInterface has methods to work with CredentialIssuer resources. +type CredentialIssuerInterface interface { + Create(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.CreateOptions) (*configv1alpha1.CredentialIssuer, error) + Update(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*configv1alpha1.CredentialIssuer, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, credentialIssuer *configv1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*configv1alpha1.CredentialIssuer, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.CredentialIssuer, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.CredentialIssuerList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.CredentialIssuer, err error) + CredentialIssuerExpansion +} + +// credentialIssuers implements CredentialIssuerInterface +type credentialIssuers struct { + *gentype.ClientWithList[*configv1alpha1.CredentialIssuer, *configv1alpha1.CredentialIssuerList] +} + +// newCredentialIssuers returns a CredentialIssuers +func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { + return &credentialIssuers{ + gentype.NewClientWithList[*configv1alpha1.CredentialIssuer, *configv1alpha1.CredentialIssuerList]( + "credentialissuers", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *configv1alpha1.CredentialIssuer { return &configv1alpha1.CredentialIssuer{} }, + func() *configv1alpha1.CredentialIssuerList { return &configv1alpha1.CredentialIssuerList{} }, + ), + } +} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go rename to generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go rename to generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go similarity index 86% rename from generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go rename to generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index f6be66ac0..5605a379f 100644 --- a/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeConfigV1alpha1 struct { } func (c *FakeConfigV1alpha1) CredentialIssuers() v1alpha1.CredentialIssuerInterface { - return &FakeCredentialIssuers{c} + return newFakeCredentialIssuers(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go new file mode 100644 index 000000000..63442d606 --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeCredentialIssuers implements CredentialIssuerInterface +type fakeCredentialIssuers struct { + *gentype.FakeClientWithList[*v1alpha1.CredentialIssuer, *v1alpha1.CredentialIssuerList] + Fake *FakeConfigV1alpha1 +} + +func newFakeCredentialIssuers(fake *FakeConfigV1alpha1) configv1alpha1.CredentialIssuerInterface { + return &fakeCredentialIssuers{ + gentype.NewFakeClientWithList[*v1alpha1.CredentialIssuer, *v1alpha1.CredentialIssuerList]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("credentialissuers"), + v1alpha1.SchemeGroupVersion.WithKind("CredentialIssuer"), + func() *v1alpha1.CredentialIssuer { return &v1alpha1.CredentialIssuer{} }, + func() *v1alpha1.CredentialIssuerList { return &v1alpha1.CredentialIssuerList{} }, + func(dst, src *v1alpha1.CredentialIssuerList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.CredentialIssuerList) []*v1alpha1.CredentialIssuer { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.CredentialIssuerList, items []*v1alpha1.CredentialIssuer) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go rename to generated/1.35/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go rename to generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go rename to generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go similarity index 86% rename from generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go rename to generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go index caa7abfec..3c7d4de68 100644 --- a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeIdentityV1alpha1 struct { } func (c *FakeIdentityV1alpha1) WhoAmIRequests() v1alpha1.WhoAmIRequestInterface { - return &FakeWhoAmIRequests{c} + return newFakeWhoAmIRequests(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go new file mode 100644 index 000000000..7883eef2d --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeWhoAmIRequests implements WhoAmIRequestInterface +type fakeWhoAmIRequests struct { + *gentype.FakeClient[*v1alpha1.WhoAmIRequest] + Fake *FakeIdentityV1alpha1 +} + +func newFakeWhoAmIRequests(fake *FakeIdentityV1alpha1) identityv1alpha1.WhoAmIRequestInterface { + return &fakeWhoAmIRequests{ + gentype.NewFakeClient[*v1alpha1.WhoAmIRequest]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("whoamirequests"), + v1alpha1.SchemeGroupVersion.WithKind("WhoAmIRequest"), + func() *v1alpha1.WhoAmIRequest { return &v1alpha1.WhoAmIRequest{} }, + ), + fake, + } +} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go rename to generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go similarity index 82% rename from generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go rename to generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go index 430ce6048..4187dfe84 100644 --- a/generated/1.28/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/identity/v1alpha1" - "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" + identityv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IdentityV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *IdentityV1alpha1Client { return &IdentityV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := identityv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go new file mode 100644 index 000000000..431ae8080 --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -0,0 +1,45 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + identityv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gentype "k8s.io/client-go/gentype" +) + +// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. +// A group's client should implement this interface. +type WhoAmIRequestsGetter interface { + WhoAmIRequests() WhoAmIRequestInterface +} + +// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. +type WhoAmIRequestInterface interface { + Create(ctx context.Context, whoAmIRequest *identityv1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*identityv1alpha1.WhoAmIRequest, error) + WhoAmIRequestExpansion +} + +// whoAmIRequests implements WhoAmIRequestInterface +type whoAmIRequests struct { + *gentype.Client[*identityv1alpha1.WhoAmIRequest] +} + +// newWhoAmIRequests returns a WhoAmIRequests +func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { + return &whoAmIRequests{ + gentype.NewClient[*identityv1alpha1.WhoAmIRequest]( + "whoamirequests", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *identityv1alpha1.WhoAmIRequest { return &identityv1alpha1.WhoAmIRequest{} }, + ), + } +} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go rename to generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go rename to generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go similarity index 85% rename from generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go rename to generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go index 57b549c34..9ad010229 100644 --- a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeLoginV1alpha1 struct { } func (c *FakeLoginV1alpha1) TokenCredentialRequests() v1alpha1.TokenCredentialRequestInterface { - return &FakeTokenCredentialRequests{c} + return newFakeTokenCredentialRequests(c) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go new file mode 100644 index 000000000..5a8986662 --- /dev/null +++ b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeTokenCredentialRequests implements TokenCredentialRequestInterface +type fakeTokenCredentialRequests struct { + *gentype.FakeClient[*v1alpha1.TokenCredentialRequest] + Fake *FakeLoginV1alpha1 +} + +func newFakeTokenCredentialRequests(fake *FakeLoginV1alpha1) loginv1alpha1.TokenCredentialRequestInterface { + return &fakeTokenCredentialRequests{ + gentype.NewFakeClient[*v1alpha1.TokenCredentialRequest]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"), + v1alpha1.SchemeGroupVersion.WithKind("TokenCredentialRequest"), + func() *v1alpha1.TokenCredentialRequest { return &v1alpha1.TokenCredentialRequest{} }, + ), + fake, + } +} diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go rename to generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go diff --git a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go similarity index 82% rename from generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go rename to generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go index eca38a741..3fd648ba1 100644 --- a/generated/1.28/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.28/apis/concierge/login/v1alpha1" - "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned/scheme" + loginv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestIn // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*LoginV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *LoginV1alpha1Client { return &LoginV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := loginv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go similarity index 50% rename from generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go rename to generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go index 0dd512e7d..81fa53326 100644 --- a/generated/1.27/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ b/generated/1.35/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -6,12 +6,12 @@ package v1alpha1 import ( - "context" + context "context" - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1" - scheme "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned/scheme" + loginv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - rest "k8s.io/client-go/rest" + gentype "k8s.io/client-go/gentype" ) // TokenCredentialRequestsGetter has a method to return a TokenCredentialRequestInterface. @@ -22,30 +22,24 @@ type TokenCredentialRequestsGetter interface { // TokenCredentialRequestInterface has methods to work with TokenCredentialRequest resources. type TokenCredentialRequestInterface interface { - Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*v1alpha1.TokenCredentialRequest, error) + Create(ctx context.Context, tokenCredentialRequest *loginv1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*loginv1alpha1.TokenCredentialRequest, error) TokenCredentialRequestExpansion } // tokenCredentialRequests implements TokenCredentialRequestInterface type tokenCredentialRequests struct { - client rest.Interface + *gentype.Client[*loginv1alpha1.TokenCredentialRequest] } // newTokenCredentialRequests returns a TokenCredentialRequests func newTokenCredentialRequests(c *LoginV1alpha1Client) *tokenCredentialRequests { return &tokenCredentialRequests{ - client: c.RESTClient(), + gentype.NewClient[*loginv1alpha1.TokenCredentialRequest]( + "tokencredentialrequests", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *loginv1alpha1.TokenCredentialRequest { return &loginv1alpha1.TokenCredentialRequest{} }, + ), } } - -// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. -func (c *tokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { - result = &v1alpha1.TokenCredentialRequest{} - err = c.client.Post(). - Resource("tokencredentialrequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(tokenCredentialRequest). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.27/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.35/client/concierge/informers/externalversions/authentication/interface.go similarity index 89% rename from generated/1.27/client/concierge/informers/externalversions/authentication/interface.go rename to generated/1.35/client/concierge/informers/externalversions/authentication/interface.go index e09359537..a3783f2d2 100644 --- a/generated/1.27/client/concierge/informers/externalversions/authentication/interface.go +++ b/generated/1.35/client/concierge/informers/externalversions/authentication/interface.go @@ -6,8 +6,8 @@ package authentication import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/authentication/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go similarity index 95% rename from generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go rename to generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go index b23fba1b1..8d2d4cd0a 100644 --- a/generated/1.29/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ b/generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.29/client/concierge/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go similarity index 64% rename from generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go rename to generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index 4f6652818..377efb665 100644 --- a/generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - authenticationv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/listers/authentication/v1alpha1" + conciergeauthenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/internalinterfaces" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/listers/authentication/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // JWTAuthenticators. type JWTAuthenticatorInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.JWTAuthenticatorLister + Lister() authenticationv1alpha1.JWTAuthenticatorLister } type jWTAuthenticatorInformer struct { @@ -43,21 +43,33 @@ func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.D // one. This reduces memory footprint and number of connections to the server. func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.TODO(), options) + return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.TODO(), options) + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.Background(), options) }, - }, - &authenticationv1alpha1.JWTAuthenticator{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(ctx, options) + }, + }, client), + &conciergeauthenticationv1alpha1.JWTAuthenticator{}, resyncPeriod, indexers, ) @@ -68,9 +80,9 @@ func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, r } func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) + return f.factory.InformerFor(&conciergeauthenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) } -func (f *jWTAuthenticatorInformer) Lister() v1alpha1.JWTAuthenticatorLister { - return v1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) +func (f *jWTAuthenticatorInformer) Lister() authenticationv1alpha1.JWTAuthenticatorLister { + return authenticationv1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) } diff --git a/generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go similarity index 64% rename from generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go rename to generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index b4740d658..082d26c76 100644 --- a/generated/1.26/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.35/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - authenticationv1alpha1 "go.pinniped.dev/generated/1.26/apis/concierge/authentication/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/concierge/listers/authentication/v1alpha1" + conciergeauthenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/internalinterfaces" + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/listers/authentication/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // WebhookAuthenticators. type WebhookAuthenticatorInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.WebhookAuthenticatorLister + Lister() authenticationv1alpha1.WebhookAuthenticatorLister } type webhookAuthenticatorInformer struct { @@ -43,21 +43,33 @@ func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod ti // one. This reduces memory footprint and number of connections to the server. func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.TODO(), options) + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.TODO(), options) + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.Background(), options) }, - }, - &authenticationv1alpha1.WebhookAuthenticator{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(ctx, options) + }, + }, client), + &conciergeauthenticationv1alpha1.WebhookAuthenticator{}, resyncPeriod, indexers, ) @@ -68,9 +80,9 @@ func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interfac } func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) + return f.factory.InformerFor(&conciergeauthenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) } -func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { - return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +func (f *webhookAuthenticatorInformer) Lister() authenticationv1alpha1.WebhookAuthenticatorLister { + return authenticationv1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) } diff --git a/generated/1.27/client/concierge/informers/externalversions/config/interface.go b/generated/1.35/client/concierge/informers/externalversions/config/interface.go similarity index 89% rename from generated/1.27/client/concierge/informers/externalversions/config/interface.go rename to generated/1.35/client/concierge/informers/externalversions/config/interface.go index 6ccfba405..5850c058f 100644 --- a/generated/1.27/client/concierge/informers/externalversions/config/interface.go +++ b/generated/1.35/client/concierge/informers/externalversions/config/interface.go @@ -6,8 +6,8 @@ package config import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.27/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.35/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go similarity index 66% rename from generated/1.27/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go rename to generated/1.35/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index 6d4b6f1b9..097358282 100644 --- a/generated/1.27/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/1.35/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - configv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/concierge/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/concierge/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/concierge/listers/config/v1alpha1" + conciergeconfigv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/concierge/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // CredentialIssuers. type CredentialIssuerInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.CredentialIssuerLister + Lister() configv1alpha1.CredentialIssuerLister } type credentialIssuerInformer struct { @@ -43,21 +43,33 @@ func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.D // one. This reduces memory footprint and number of connections to the server. func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().CredentialIssuers().List(context.TODO(), options) + return client.ConfigV1alpha1().CredentialIssuers().List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().CredentialIssuers().Watch(context.TODO(), options) + return client.ConfigV1alpha1().CredentialIssuers().Watch(context.Background(), options) }, - }, - &configv1alpha1.CredentialIssuer{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().Watch(ctx, options) + }, + }, client), + &conciergeconfigv1alpha1.CredentialIssuer{}, resyncPeriod, indexers, ) @@ -68,9 +80,9 @@ func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, r } func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer) + return f.factory.InformerFor(&conciergeconfigv1alpha1.CredentialIssuer{}, f.defaultInformer) } -func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister { - return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) +func (f *credentialIssuerInformer) Lister() configv1alpha1.CredentialIssuerLister { + return configv1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.35/client/concierge/informers/externalversions/config/v1alpha1/interface.go similarity index 94% rename from generated/1.28/client/concierge/informers/externalversions/config/v1alpha1/interface.go rename to generated/1.35/client/concierge/informers/externalversions/config/v1alpha1/interface.go index e64e2c37b..edaf476cc 100644 --- a/generated/1.28/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.35/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.28/client/concierge/informers/externalversions/factory.go b/generated/1.35/client/concierge/informers/externalversions/factory.go similarity index 91% rename from generated/1.28/client/concierge/informers/externalversions/factory.go rename to generated/1.35/client/concierge/informers/externalversions/factory.go index 4287f2fee..5d1e240da 100644 --- a/generated/1.28/client/concierge/informers/externalversions/factory.go +++ b/generated/1.35/client/concierge/informers/externalversions/factory.go @@ -10,10 +10,10 @@ import ( sync "sync" time "time" - versioned "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned" - authentication "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/authentication" - config "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/config" - internalinterfaces "go.pinniped.dev/generated/1.28/client/concierge/informers/externalversions/internalinterfaces" + versioned "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned" + authentication "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/authentication" + config "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/config" + internalinterfaces "go.pinniped.dev/generated/1.35/client/concierge/informers/externalversions/internalinterfaces" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -30,6 +30,7 @@ type sharedInformerFactory struct { lock sync.Mutex defaultResync time.Duration customResync map[reflect.Type]time.Duration + transform cache.TransformFunc informers map[reflect.Type]cache.SharedIndexInformer // startedInformers is used for tracking which informers have been started. @@ -68,6 +69,14 @@ func WithNamespace(namespace string) SharedInformerOption { } } +// WithTransform sets a transform on all informers. +func WithTransform(transform cache.TransformFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.transform = transform + return factory + } +} + // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync) @@ -76,6 +85,7 @@ func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Dur // NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. // Listers obtained via this SharedInformerFactory will be subject to the same filters // as specified here. +// // Deprecated: Please use NewSharedInformerFactoryWithOptions instead func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) @@ -172,6 +182,7 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal } informer = newFunc(f.client, resyncPeriod) + informer.SetTransform(f.transform) f.informers[informerType] = informer return informer @@ -182,7 +193,7 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal // // It is typically used like this: // -// ctx, cancel := context.Background() +// ctx, cancel := context.WithCancel(context.Background()) // defer cancel() // factory := NewSharedInformerFactory(client, resyncPeriod) // defer factory.WaitForStop() // Returns immediately if nothing was started. @@ -206,6 +217,7 @@ type SharedInformerFactory interface { // Start initializes all requested informers. They are handled in goroutines // which run until the stop channel gets closed. + // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. Start(stopCh <-chan struct{}) // Shutdown marks a factory as shutting down. At that point no new diff --git a/generated/1.27/client/concierge/informers/externalversions/generic.go b/generated/1.35/client/concierge/informers/externalversions/generic.go similarity index 93% rename from generated/1.27/client/concierge/informers/externalversions/generic.go rename to generated/1.35/client/concierge/informers/externalversions/generic.go index b5d6dd034..1b0a6ba17 100644 --- a/generated/1.27/client/concierge/informers/externalversions/generic.go +++ b/generated/1.35/client/concierge/informers/externalversions/generic.go @@ -6,10 +6,10 @@ package externalversions import ( - "fmt" + fmt "fmt" - v1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/authentication/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.27/apis/concierge/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/config/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) diff --git a/generated/1.28/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.35/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go similarity index 93% rename from generated/1.28/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go rename to generated/1.35/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index fd32963de..c63c28f72 100644 --- a/generated/1.28/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.35/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -8,7 +8,7 @@ package internalinterfaces import ( time "time" - versioned "go.pinniped.dev/generated/1.28/client/concierge/clientset/versioned" + versioned "go.pinniped.dev/generated/1.35/client/concierge/clientset/versioned" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" cache "k8s.io/client-go/tools/cache" diff --git a/generated/1.27/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.35/client/concierge/listers/authentication/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.27/client/concierge/listers/authentication/v1alpha1/expansion_generated.go rename to generated/1.35/client/concierge/listers/authentication/v1alpha1/expansion_generated.go diff --git a/generated/1.35/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.35/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 000000000..0691bf198 --- /dev/null +++ b/generated/1.35/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,35 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorLister helps list JWTAuthenticators. +// All objects returned here must be treated as read-only. +type JWTAuthenticatorLister interface { + // List lists all JWTAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*authenticationv1alpha1.JWTAuthenticator, err error) + // Get retrieves the JWTAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*authenticationv1alpha1.JWTAuthenticator, error) + JWTAuthenticatorListerExpansion +} + +// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. +type jWTAuthenticatorLister struct { + listers.ResourceIndexer[*authenticationv1alpha1.JWTAuthenticator] +} + +// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. +func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { + return &jWTAuthenticatorLister{listers.New[*authenticationv1alpha1.JWTAuthenticator](indexer, authenticationv1alpha1.Resource("jwtauthenticator"))} +} diff --git a/generated/1.35/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.35/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..4d16fab08 --- /dev/null +++ b/generated/1.35/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,35 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/authentication/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +// All objects returned here must be treated as read-only. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*authenticationv1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*authenticationv1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + listers.ResourceIndexer[*authenticationv1alpha1.WebhookAuthenticator] +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{listers.New[*authenticationv1alpha1.WebhookAuthenticator](indexer, authenticationv1alpha1.Resource("webhookauthenticator"))} +} diff --git a/generated/1.35/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.35/client/concierge/listers/config/v1alpha1/credentialissuer.go new file mode 100644 index 000000000..9526639f7 --- /dev/null +++ b/generated/1.35/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -0,0 +1,35 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerLister helps list CredentialIssuers. +// All objects returned here must be treated as read-only. +type CredentialIssuerLister interface { + // List lists all CredentialIssuers in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.CredentialIssuer, err error) + // Get retrieves the CredentialIssuer from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*configv1alpha1.CredentialIssuer, error) + CredentialIssuerListerExpansion +} + +// credentialIssuerLister implements the CredentialIssuerLister interface. +type credentialIssuerLister struct { + listers.ResourceIndexer[*configv1alpha1.CredentialIssuer] +} + +// NewCredentialIssuerLister returns a new CredentialIssuerLister. +func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { + return &credentialIssuerLister{listers.New[*configv1alpha1.CredentialIssuer](indexer, configv1alpha1.Resource("credentialissuer"))} +} diff --git a/generated/1.27/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.35/client/concierge/listers/config/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.27/client/concierge/listers/config/v1alpha1/expansion_generated.go rename to generated/1.35/client/concierge/listers/config/v1alpha1/expansion_generated.go diff --git a/generated/1.26/client/concierge/openapi/zz_generated.openapi.go b/generated/1.35/client/concierge/openapi/zz_generated.openapi.go similarity index 71% rename from generated/1.26/client/concierge/openapi/zz_generated.openapi.go rename to generated/1.35/client/concierge/openapi/zz_generated.openapi.go index fce40f1df..0a958ac0b 100644 --- a/generated/1.26/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/1.35/client/concierge/openapi/zz_generated.openapi.go @@ -6,295 +6,322 @@ // Code generated by openapi-gen. DO NOT EDIT. -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package openapi +package concierge import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/api/core/v1" + resource "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + version "k8s.io/apimachinery/pkg/version" common "k8s.io/kube-openapi/pkg/common" spec "k8s.io/kube-openapi/pkg/validation/spec" ) func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), - "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), - "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), - "k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - "k8s.io/api/core/v1.AzureFilePersistentVolumeSource": schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - "k8s.io/api/core/v1.AzureFileVolumeSource": schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - "k8s.io/api/core/v1.Binding": schema_k8sio_api_core_v1_Binding(ref), - "k8s.io/api/core/v1.CSIPersistentVolumeSource": schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CSIVolumeSource": schema_k8sio_api_core_v1_CSIVolumeSource(ref), - "k8s.io/api/core/v1.Capabilities": schema_k8sio_api_core_v1_Capabilities(ref), - "k8s.io/api/core/v1.CephFSPersistentVolumeSource": schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CephFSVolumeSource": schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - "k8s.io/api/core/v1.CinderPersistentVolumeSource": schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CinderVolumeSource": schema_k8sio_api_core_v1_CinderVolumeSource(ref), - "k8s.io/api/core/v1.ClaimSource": schema_k8sio_api_core_v1_ClaimSource(ref), - "k8s.io/api/core/v1.ClientIPConfig": schema_k8sio_api_core_v1_ClientIPConfig(ref), - "k8s.io/api/core/v1.ComponentCondition": schema_k8sio_api_core_v1_ComponentCondition(ref), - "k8s.io/api/core/v1.ComponentStatus": schema_k8sio_api_core_v1_ComponentStatus(ref), - "k8s.io/api/core/v1.ComponentStatusList": schema_k8sio_api_core_v1_ComponentStatusList(ref), - "k8s.io/api/core/v1.ConfigMap": schema_k8sio_api_core_v1_ConfigMap(ref), - "k8s.io/api/core/v1.ConfigMapEnvSource": schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - "k8s.io/api/core/v1.ConfigMapKeySelector": schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - "k8s.io/api/core/v1.ConfigMapList": schema_k8sio_api_core_v1_ConfigMapList(ref), - "k8s.io/api/core/v1.ConfigMapNodeConfigSource": schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - "k8s.io/api/core/v1.ConfigMapProjection": schema_k8sio_api_core_v1_ConfigMapProjection(ref), - "k8s.io/api/core/v1.ConfigMapVolumeSource": schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - "k8s.io/api/core/v1.Container": schema_k8sio_api_core_v1_Container(ref), - "k8s.io/api/core/v1.ContainerImage": schema_k8sio_api_core_v1_ContainerImage(ref), - "k8s.io/api/core/v1.ContainerPort": schema_k8sio_api_core_v1_ContainerPort(ref), - "k8s.io/api/core/v1.ContainerState": schema_k8sio_api_core_v1_ContainerState(ref), - "k8s.io/api/core/v1.ContainerStateRunning": schema_k8sio_api_core_v1_ContainerStateRunning(ref), - "k8s.io/api/core/v1.ContainerStateTerminated": schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - "k8s.io/api/core/v1.ContainerStateWaiting": schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - "k8s.io/api/core/v1.ContainerStatus": schema_k8sio_api_core_v1_ContainerStatus(ref), - "k8s.io/api/core/v1.DaemonEndpoint": schema_k8sio_api_core_v1_DaemonEndpoint(ref), - "k8s.io/api/core/v1.DownwardAPIProjection": schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeFile": schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeSource": schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - "k8s.io/api/core/v1.EmptyDirVolumeSource": schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - "k8s.io/api/core/v1.EndpointAddress": schema_k8sio_api_core_v1_EndpointAddress(ref), - "k8s.io/api/core/v1.EndpointPort": schema_k8sio_api_core_v1_EndpointPort(ref), - "k8s.io/api/core/v1.EndpointSubset": schema_k8sio_api_core_v1_EndpointSubset(ref), - "k8s.io/api/core/v1.Endpoints": schema_k8sio_api_core_v1_Endpoints(ref), - "k8s.io/api/core/v1.EndpointsList": schema_k8sio_api_core_v1_EndpointsList(ref), - "k8s.io/api/core/v1.EnvFromSource": schema_k8sio_api_core_v1_EnvFromSource(ref), - "k8s.io/api/core/v1.EnvVar": schema_k8sio_api_core_v1_EnvVar(ref), - "k8s.io/api/core/v1.EnvVarSource": schema_k8sio_api_core_v1_EnvVarSource(ref), - "k8s.io/api/core/v1.EphemeralContainer": schema_k8sio_api_core_v1_EphemeralContainer(ref), - "k8s.io/api/core/v1.EphemeralContainerCommon": schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - "k8s.io/api/core/v1.EphemeralVolumeSource": schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - "k8s.io/api/core/v1.Event": schema_k8sio_api_core_v1_Event(ref), - "k8s.io/api/core/v1.EventList": schema_k8sio_api_core_v1_EventList(ref), - "k8s.io/api/core/v1.EventSeries": schema_k8sio_api_core_v1_EventSeries(ref), - "k8s.io/api/core/v1.EventSource": schema_k8sio_api_core_v1_EventSource(ref), - "k8s.io/api/core/v1.ExecAction": schema_k8sio_api_core_v1_ExecAction(ref), - "k8s.io/api/core/v1.FCVolumeSource": schema_k8sio_api_core_v1_FCVolumeSource(ref), - "k8s.io/api/core/v1.FlexPersistentVolumeSource": schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - "k8s.io/api/core/v1.FlexVolumeSource": schema_k8sio_api_core_v1_FlexVolumeSource(ref), - "k8s.io/api/core/v1.FlockerVolumeSource": schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource": schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.GRPCAction": schema_k8sio_api_core_v1_GRPCAction(ref), - "k8s.io/api/core/v1.GitRepoVolumeSource": schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource": schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsVolumeSource": schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - "k8s.io/api/core/v1.HTTPGetAction": schema_k8sio_api_core_v1_HTTPGetAction(ref), - "k8s.io/api/core/v1.HTTPHeader": schema_k8sio_api_core_v1_HTTPHeader(ref), - "k8s.io/api/core/v1.HostAlias": schema_k8sio_api_core_v1_HostAlias(ref), - "k8s.io/api/core/v1.HostPathVolumeSource": schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIPersistentVolumeSource": schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIVolumeSource": schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - "k8s.io/api/core/v1.KeyToPath": schema_k8sio_api_core_v1_KeyToPath(ref), - "k8s.io/api/core/v1.Lifecycle": schema_k8sio_api_core_v1_Lifecycle(ref), - "k8s.io/api/core/v1.LifecycleHandler": schema_k8sio_api_core_v1_LifecycleHandler(ref), - "k8s.io/api/core/v1.LimitRange": schema_k8sio_api_core_v1_LimitRange(ref), - "k8s.io/api/core/v1.LimitRangeItem": schema_k8sio_api_core_v1_LimitRangeItem(ref), - "k8s.io/api/core/v1.LimitRangeList": schema_k8sio_api_core_v1_LimitRangeList(ref), - "k8s.io/api/core/v1.LimitRangeSpec": schema_k8sio_api_core_v1_LimitRangeSpec(ref), - "k8s.io/api/core/v1.List": schema_k8sio_api_core_v1_List(ref), - "k8s.io/api/core/v1.LoadBalancerIngress": schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - "k8s.io/api/core/v1.LoadBalancerStatus": schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - "k8s.io/api/core/v1.LocalObjectReference": schema_k8sio_api_core_v1_LocalObjectReference(ref), - "k8s.io/api/core/v1.LocalVolumeSource": schema_k8sio_api_core_v1_LocalVolumeSource(ref), - "k8s.io/api/core/v1.NFSVolumeSource": schema_k8sio_api_core_v1_NFSVolumeSource(ref), - "k8s.io/api/core/v1.Namespace": schema_k8sio_api_core_v1_Namespace(ref), - "k8s.io/api/core/v1.NamespaceCondition": schema_k8sio_api_core_v1_NamespaceCondition(ref), - "k8s.io/api/core/v1.NamespaceList": schema_k8sio_api_core_v1_NamespaceList(ref), - "k8s.io/api/core/v1.NamespaceSpec": schema_k8sio_api_core_v1_NamespaceSpec(ref), - "k8s.io/api/core/v1.NamespaceStatus": schema_k8sio_api_core_v1_NamespaceStatus(ref), - "k8s.io/api/core/v1.Node": schema_k8sio_api_core_v1_Node(ref), - "k8s.io/api/core/v1.NodeAddress": schema_k8sio_api_core_v1_NodeAddress(ref), - "k8s.io/api/core/v1.NodeAffinity": schema_k8sio_api_core_v1_NodeAffinity(ref), - "k8s.io/api/core/v1.NodeCondition": schema_k8sio_api_core_v1_NodeCondition(ref), - "k8s.io/api/core/v1.NodeConfigSource": schema_k8sio_api_core_v1_NodeConfigSource(ref), - "k8s.io/api/core/v1.NodeConfigStatus": schema_k8sio_api_core_v1_NodeConfigStatus(ref), - "k8s.io/api/core/v1.NodeDaemonEndpoints": schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - "k8s.io/api/core/v1.NodeList": schema_k8sio_api_core_v1_NodeList(ref), - "k8s.io/api/core/v1.NodeProxyOptions": schema_k8sio_api_core_v1_NodeProxyOptions(ref), - "k8s.io/api/core/v1.NodeResources": schema_k8sio_api_core_v1_NodeResources(ref), - "k8s.io/api/core/v1.NodeSelector": schema_k8sio_api_core_v1_NodeSelector(ref), - "k8s.io/api/core/v1.NodeSelectorRequirement": schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - "k8s.io/api/core/v1.NodeSelectorTerm": schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - "k8s.io/api/core/v1.NodeSpec": schema_k8sio_api_core_v1_NodeSpec(ref), - "k8s.io/api/core/v1.NodeStatus": schema_k8sio_api_core_v1_NodeStatus(ref), - "k8s.io/api/core/v1.NodeSystemInfo": schema_k8sio_api_core_v1_NodeSystemInfo(ref), - "k8s.io/api/core/v1.ObjectFieldSelector": schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - "k8s.io/api/core/v1.ObjectReference": schema_k8sio_api_core_v1_ObjectReference(ref), - "k8s.io/api/core/v1.PersistentVolume": schema_k8sio_api_core_v1_PersistentVolume(ref), - "k8s.io/api/core/v1.PersistentVolumeClaim": schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimCondition": schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimList": schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimSpec": schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimStatus": schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate": schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeList": schema_k8sio_api_core_v1_PersistentVolumeList(ref), - "k8s.io/api/core/v1.PersistentVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeSpec": schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeStatus": schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource": schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.Pod": schema_k8sio_api_core_v1_Pod(ref), - "k8s.io/api/core/v1.PodAffinity": schema_k8sio_api_core_v1_PodAffinity(ref), - "k8s.io/api/core/v1.PodAffinityTerm": schema_k8sio_api_core_v1_PodAffinityTerm(ref), - "k8s.io/api/core/v1.PodAntiAffinity": schema_k8sio_api_core_v1_PodAntiAffinity(ref), - "k8s.io/api/core/v1.PodAttachOptions": schema_k8sio_api_core_v1_PodAttachOptions(ref), - "k8s.io/api/core/v1.PodCondition": schema_k8sio_api_core_v1_PodCondition(ref), - "k8s.io/api/core/v1.PodDNSConfig": schema_k8sio_api_core_v1_PodDNSConfig(ref), - "k8s.io/api/core/v1.PodDNSConfigOption": schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - "k8s.io/api/core/v1.PodExecOptions": schema_k8sio_api_core_v1_PodExecOptions(ref), - "k8s.io/api/core/v1.PodIP": schema_k8sio_api_core_v1_PodIP(ref), - "k8s.io/api/core/v1.PodList": schema_k8sio_api_core_v1_PodList(ref), - "k8s.io/api/core/v1.PodLogOptions": schema_k8sio_api_core_v1_PodLogOptions(ref), - "k8s.io/api/core/v1.PodOS": schema_k8sio_api_core_v1_PodOS(ref), - "k8s.io/api/core/v1.PodPortForwardOptions": schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - "k8s.io/api/core/v1.PodProxyOptions": schema_k8sio_api_core_v1_PodProxyOptions(ref), - "k8s.io/api/core/v1.PodReadinessGate": schema_k8sio_api_core_v1_PodReadinessGate(ref), - "k8s.io/api/core/v1.PodResourceClaim": schema_k8sio_api_core_v1_PodResourceClaim(ref), - "k8s.io/api/core/v1.PodSchedulingGate": schema_k8sio_api_core_v1_PodSchedulingGate(ref), - "k8s.io/api/core/v1.PodSecurityContext": schema_k8sio_api_core_v1_PodSecurityContext(ref), - "k8s.io/api/core/v1.PodSignature": schema_k8sio_api_core_v1_PodSignature(ref), - "k8s.io/api/core/v1.PodSpec": schema_k8sio_api_core_v1_PodSpec(ref), - "k8s.io/api/core/v1.PodStatus": schema_k8sio_api_core_v1_PodStatus(ref), - "k8s.io/api/core/v1.PodStatusResult": schema_k8sio_api_core_v1_PodStatusResult(ref), - "k8s.io/api/core/v1.PodTemplate": schema_k8sio_api_core_v1_PodTemplate(ref), - "k8s.io/api/core/v1.PodTemplateList": schema_k8sio_api_core_v1_PodTemplateList(ref), - "k8s.io/api/core/v1.PodTemplateSpec": schema_k8sio_api_core_v1_PodTemplateSpec(ref), - "k8s.io/api/core/v1.PortStatus": schema_k8sio_api_core_v1_PortStatus(ref), - "k8s.io/api/core/v1.PortworxVolumeSource": schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - "k8s.io/api/core/v1.PreferAvoidPodsEntry": schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - "k8s.io/api/core/v1.PreferredSchedulingTerm": schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - "k8s.io/api/core/v1.Probe": schema_k8sio_api_core_v1_Probe(ref), - "k8s.io/api/core/v1.ProbeHandler": schema_k8sio_api_core_v1_ProbeHandler(ref), - "k8s.io/api/core/v1.ProjectedVolumeSource": schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - "k8s.io/api/core/v1.QuobyteVolumeSource": schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - "k8s.io/api/core/v1.RBDPersistentVolumeSource": schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - "k8s.io/api/core/v1.RBDVolumeSource": schema_k8sio_api_core_v1_RBDVolumeSource(ref), - "k8s.io/api/core/v1.RangeAllocation": schema_k8sio_api_core_v1_RangeAllocation(ref), - "k8s.io/api/core/v1.ReplicationController": schema_k8sio_api_core_v1_ReplicationController(ref), - "k8s.io/api/core/v1.ReplicationControllerCondition": schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - "k8s.io/api/core/v1.ReplicationControllerList": schema_k8sio_api_core_v1_ReplicationControllerList(ref), - "k8s.io/api/core/v1.ReplicationControllerSpec": schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - "k8s.io/api/core/v1.ReplicationControllerStatus": schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - "k8s.io/api/core/v1.ResourceClaim": schema_k8sio_api_core_v1_ResourceClaim(ref), - "k8s.io/api/core/v1.ResourceFieldSelector": schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - "k8s.io/api/core/v1.ResourceQuota": schema_k8sio_api_core_v1_ResourceQuota(ref), - "k8s.io/api/core/v1.ResourceQuotaList": schema_k8sio_api_core_v1_ResourceQuotaList(ref), - "k8s.io/api/core/v1.ResourceQuotaSpec": schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - "k8s.io/api/core/v1.ResourceQuotaStatus": schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - "k8s.io/api/core/v1.ResourceRequirements": schema_k8sio_api_core_v1_ResourceRequirements(ref), - "k8s.io/api/core/v1.SELinuxOptions": schema_k8sio_api_core_v1_SELinuxOptions(ref), - "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource": schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ScaleIOVolumeSource": schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - "k8s.io/api/core/v1.ScopeSelector": schema_k8sio_api_core_v1_ScopeSelector(ref), - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement": schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - "k8s.io/api/core/v1.SeccompProfile": schema_k8sio_api_core_v1_SeccompProfile(ref), - "k8s.io/api/core/v1.Secret": schema_k8sio_api_core_v1_Secret(ref), - "k8s.io/api/core/v1.SecretEnvSource": schema_k8sio_api_core_v1_SecretEnvSource(ref), - "k8s.io/api/core/v1.SecretKeySelector": schema_k8sio_api_core_v1_SecretKeySelector(ref), - "k8s.io/api/core/v1.SecretList": schema_k8sio_api_core_v1_SecretList(ref), - "k8s.io/api/core/v1.SecretProjection": schema_k8sio_api_core_v1_SecretProjection(ref), - "k8s.io/api/core/v1.SecretReference": schema_k8sio_api_core_v1_SecretReference(ref), - "k8s.io/api/core/v1.SecretVolumeSource": schema_k8sio_api_core_v1_SecretVolumeSource(ref), - "k8s.io/api/core/v1.SecurityContext": schema_k8sio_api_core_v1_SecurityContext(ref), - "k8s.io/api/core/v1.SerializedReference": schema_k8sio_api_core_v1_SerializedReference(ref), - "k8s.io/api/core/v1.Service": schema_k8sio_api_core_v1_Service(ref), - "k8s.io/api/core/v1.ServiceAccount": schema_k8sio_api_core_v1_ServiceAccount(ref), - "k8s.io/api/core/v1.ServiceAccountList": schema_k8sio_api_core_v1_ServiceAccountList(ref), - "k8s.io/api/core/v1.ServiceAccountTokenProjection": schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - "k8s.io/api/core/v1.ServiceList": schema_k8sio_api_core_v1_ServiceList(ref), - "k8s.io/api/core/v1.ServicePort": schema_k8sio_api_core_v1_ServicePort(ref), - "k8s.io/api/core/v1.ServiceProxyOptions": schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - "k8s.io/api/core/v1.ServiceSpec": schema_k8sio_api_core_v1_ServiceSpec(ref), - "k8s.io/api/core/v1.ServiceStatus": schema_k8sio_api_core_v1_ServiceStatus(ref), - "k8s.io/api/core/v1.SessionAffinityConfig": schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - "k8s.io/api/core/v1.StorageOSPersistentVolumeSource": schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.StorageOSVolumeSource": schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - "k8s.io/api/core/v1.Sysctl": schema_k8sio_api_core_v1_Sysctl(ref), - "k8s.io/api/core/v1.TCPSocketAction": schema_k8sio_api_core_v1_TCPSocketAction(ref), - "k8s.io/api/core/v1.Taint": schema_k8sio_api_core_v1_Taint(ref), - "k8s.io/api/core/v1.Toleration": schema_k8sio_api_core_v1_Toleration(ref), - "k8s.io/api/core/v1.TopologySelectorLabelRequirement": schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - "k8s.io/api/core/v1.TopologySelectorTerm": schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - "k8s.io/api/core/v1.TopologySpreadConstraint": schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - "k8s.io/api/core/v1.TypedLocalObjectReference": schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - "k8s.io/api/core/v1.TypedObjectReference": schema_k8sio_api_core_v1_TypedObjectReference(ref), - "k8s.io/api/core/v1.Volume": schema_k8sio_api_core_v1_Volume(ref), - "k8s.io/api/core/v1.VolumeDevice": schema_k8sio_api_core_v1_VolumeDevice(ref), - "k8s.io/api/core/v1.VolumeMount": schema_k8sio_api_core_v1_VolumeMount(ref), - "k8s.io/api/core/v1.VolumeNodeAffinity": schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - "k8s.io/api/core/v1.VolumeProjection": schema_k8sio_api_core_v1_VolumeProjection(ref), - "k8s.io/api/core/v1.VolumeSource": schema_k8sio_api_core_v1_VolumeSource(ref), - "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource": schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - "k8s.io/api/core/v1.WeightedPodAffinityTerm": schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - "k8s.io/api/core/v1.WindowsSecurityContextOptions": schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), + "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } @@ -309,7 +336,7 @@ func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.Refer SchemaProps: spec.SchemaProps{ Description: "User is the UserInfo associated with the current user.", Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.UserInfo"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.UserInfo"), }, }, "audiences": { @@ -332,7 +359,7 @@ func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.Refer }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.UserInfo"}, + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.UserInfo"}, } } @@ -427,26 +454,26 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), }, }, }, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -474,7 +501,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -485,7 +512,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequest"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequest"), }, }, }, @@ -496,7 +523,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.WhoAmIRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequest", metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -522,7 +549,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.Refe SchemaProps: spec.SchemaProps{ Description: "The current authenticated user, exactly as Kubernetes understands it.", Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), }, }, }, @@ -530,7 +557,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.Refe }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, + "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, } } @@ -544,8 +571,7 @@ func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.Reference "expirationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "ExpirationTimestamp indicates a time when the provided credentials expire.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "token": { @@ -573,7 +599,7 @@ func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -601,26 +627,26 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.Refe "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), }, }, }, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -648,7 +674,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -659,7 +685,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequest"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequest"), }, }, }, @@ -670,7 +696,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.TokenCredentialRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequest", metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -692,7 +718,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. SchemaProps: spec.SchemaProps{ Description: "Reference to an authenticator which can validate this credential request.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -700,7 +726,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference"}, + v1.TypedLocalObjectReference{}.OpenAPIModelName()}, } } @@ -714,7 +740,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref commo "credential": { SchemaProps: spec.SchemaProps{ Description: "A Credential will be returned for a successful credential request.", - Ref: ref("go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.ClusterCredential"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.ClusterCredential"), }, }, "message": { @@ -728,7 +754,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref commo }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.26/apis/concierge/login/v1alpha1.ClusterCredential"}, + "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.ClusterCredential"}, } } @@ -785,26 +811,68 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open "nodeAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes node affinity scheduling rules for the pod.", - Ref: ref("k8s.io/api/core/v1.NodeAffinity"), + Ref: ref(v1.NodeAffinity{}.OpenAPIModelName()), }, }, "podAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAffinity"), + Ref: ref(v1.PodAffinity{}.OpenAPIModelName()), }, }, "podAntiAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAntiAffinity"), + Ref: ref(v1.PodAntiAffinity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeAffinity", "k8s.io/api/core/v1.PodAffinity", "k8s.io/api/core/v1.PodAntiAffinity"}, + v1.NodeAffinity{}.OpenAPIModelName(), v1.PodAffinity{}.OpenAPIModelName(), v1.PodAntiAffinity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_AppArmorProfile(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AppArmorProfile defines a pod or container's AppArmor settings.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.\n\nPossible enum values:\n - `\"Localhost\"` indicates that a profile pre-loaded on the node should be used.\n - `\"RuntimeDefault\"` indicates that the container runtime's default AppArmor profile should be used.\n - `\"Unconfined\"` indicates that no AppArmor profile should be enforced.", + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Localhost", "RuntimeDefault", "Unconfined"}, + }, + }, + "localhostProfile": { + SchemaProps: spec.SchemaProps{ + Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"type"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-unions": []interface{}{ + map[string]interface{}{ + "discriminator": "type", + "fields-to-discriminateBy": map[string]interface{}{ + "localhostProfile": "LocalhostProfile", + }, + }, + }, + }, + }, + }, } } @@ -846,6 +914,11 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Type: []string{"object"}, Properties: map[string]spec.Schema{ "preferAvoidPods": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Bounded-sized list of signatures of pods that should avoid this node, sorted in timestamp order from oldest to newest. Size of the slice is unspecified.", Type: []string{"array"}, @@ -853,7 +926,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferAvoidPodsEntry"), + Ref: ref(v1.PreferAvoidPodsEntry{}.OpenAPIModelName()), }, }, }, @@ -863,7 +936,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PreferAvoidPodsEntry"}, + v1.PreferAvoidPodsEntry{}.OpenAPIModelName()}, } } @@ -892,14 +965,17 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback }, "cachingMode": { SchemaProps: spec.SchemaProps{ - Description: "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + Description: "cachingMode is the Host Caching mode: None, Read Only, Read Write.\n\nPossible enum values:\n - `\"None\"`\n - `\"ReadOnly\"`\n - `\"ReadWrite\"`", + Default: v1.AzureDataDiskCachingReadWrite, Type: []string{"string"}, Format: "", + Enum: []interface{}{"None", "ReadOnly", "ReadWrite"}, }, }, "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + Default: "ext4", Type: []string{"string"}, Format: "", }, @@ -907,15 +983,18 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "readOnly": { SchemaProps: spec.SchemaProps{ Description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + Default: false, Type: []string{"boolean"}, Format: "", }, }, "kind": { SchemaProps: spec.SchemaProps{ - Description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + Description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared\n\nPossible enum values:\n - `\"Dedicated\"`\n - `\"Managed\"`\n - `\"Shared\"`", + Default: v1.AzureSharedBlobDisk, Type: []string{"string"}, Format: "", + Enum: []interface{}{"Dedicated", "Managed", "Shared"}, }, }, }, @@ -1010,7 +1089,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead.", + Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -1031,14 +1110,14 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "target": { SchemaProps: spec.SchemaProps{ Description: "The target object that you want to bind to the standard object.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1046,7 +1125,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1054,7 +1133,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Represents storage that is managed by an external CSI volume driver (Beta feature)", + Description: "Represents storage that is managed by an external CSI volume driver", Type: []string{"object"}, Properties: map[string]spec.Schema{ "driver": { @@ -1106,31 +1185,31 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall "controllerPublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeStageSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "controllerExpandSecretRef": { SchemaProps: spec.SchemaProps{ - Description: "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This is an beta field and requires enabling ExpandCSIVolumes feature gate. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Description: "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeExpandSecretRef": { SchemaProps: spec.SchemaProps{ - Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is an alpha field and requires enabling CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1138,7 +1217,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1190,7 +1269,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1198,7 +1277,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1210,6 +1289,11 @@ func schema_k8sio_api_core_v1_Capabilities(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "add": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Added capabilities", Type: []string{"array"}, @@ -1225,6 +1309,11 @@ func schema_k8sio_api_core_v1_Capabilities(ref common.ReferenceCallback) common. }, }, "drop": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Removed capabilities", Type: []string{"array"}, @@ -1253,6 +1342,11 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", Type: []string{"array"}, @@ -1291,7 +1385,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1306,7 +1400,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1318,6 +1412,11 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", Type: []string{"array"}, @@ -1356,7 +1455,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1371,7 +1470,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1407,7 +1506,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1415,7 +1514,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1451,7 +1550,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1459,34 +1558,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, - } -} - -func schema_k8sio_api_core_v1_ClaimSource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClaimSource describes a reference to a ResourceClaim.\n\nExactly one of these fields should be set. Consumers of this type must treat an empty object as if it has an unknown value.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "resourceClaimName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceClaimTemplateName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long).\n\nAn existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1510,6 +1582,57 @@ func schema_k8sio_api_core_v1_ClientIPConfig(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ClusterTrustBundleProjection describes how to select a set of ClusterTrustBundle objects and project their contents into the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.", + Type: []string{"string"}, + Format: "", + }, + }, + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.", + Type: []string{"string"}, + Format: "", + }, + }, + "labelSelector": { + SchemaProps: spec.SchemaProps{ + Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\".", + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "Relative path from the volume root to write the bundle.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"path"}, + }, + }, + Dependencies: []string{ + metav1.LabelSelector{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_ComponentCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -1579,12 +1702,16 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -1596,7 +1723,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentCondition"), + Ref: ref(v1.ComponentCondition{}.OpenAPIModelName()), }, }, }, @@ -1606,7 +1733,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentCondition", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ComponentCondition{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1635,7 +1762,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1646,7 +1773,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentStatus"), + Ref: ref(v1.ComponentStatus{}.OpenAPIModelName()), }, }, }, @@ -1657,7 +1784,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ComponentStatus{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1686,7 +1813,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -1731,7 +1858,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1744,7 +1871,8 @@ func schema_k8sio_api_core_v1_ConfigMapEnvSource(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -1771,7 +1899,8 @@ func schema_k8sio_api_core_v1_ConfigMapKeySelector(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -1828,7 +1957,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1839,7 +1968,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ConfigMap"), + Ref: ref(v1.ConfigMap{}.OpenAPIModelName()), }, }, }, @@ -1850,7 +1979,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMap", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ConfigMap{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1915,12 +2044,18 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -1928,7 +2063,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -1945,7 +2080,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -1958,12 +2093,18 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -1971,7 +2112,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -1995,7 +2136,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -2022,6 +2163,11 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -2037,6 +2183,11 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -2077,21 +2228,26 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -2100,6 +2256,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -2111,7 +2271,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -2121,12 +2281,61 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "resizePolicy": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Resources resize policy for the container. This field cannot be set on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "restartPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Additionally, setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + Type: []string{"string"}, + Format: "", + }, + }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. The rules are evaluated in order. Once a rule matches a container exit condition, the remaining rules are ignored. If no rule matches the container exit condition, the Container-level restart policy determines the whether the container is restarted or not. Constraints on the rules: - At most 20 rules are allowed. - Rules can have the same action. - Identical rules are not forbidden in validations. When rules are specified, container MUST set RestartPolicy explicitly even it if matches the Pod's RestartPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, }, }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -2138,7 +2347,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -2147,6 +2356,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -2158,7 +2371,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -2167,25 +2380,25 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -2200,19 +2413,21 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.\n\nPossible enum values:\n - `\"FallbackToLogsOnError\"` will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.\n - `\"File\"` is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"FallbackToLogsOnError", "File"}}, + Enum: []interface{}{"FallbackToLogsOnError", "File"}, + }, }, "imagePullPolicy": { SchemaProps: spec.SchemaProps{ Description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Always", "IfNotPresent", "Never"}}, + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, }, "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -2241,7 +2456,45 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerExtendedResourceRequest has the mapping of container name, extended resource name to the device request name.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "containerName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the container requesting resources.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the extended resource in that container which gets backed by DRA.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "requestName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the request in the special ResourceClaim which corresponds to the extended resource.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"containerName", "resourceName", "requestName"}, + }, + }, } } @@ -2253,6 +2506,11 @@ func schema_k8sio_api_core_v1_ContainerImage(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "names": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Names by which this image is known. e.g. [\"kubernetes.example/hyperkube:v1.0.7\", \"cloud-vendor.registry.example/cloud-vendor/hyperkube:v1.0.7\"]", Type: []string{"array"}, @@ -2315,7 +2573,8 @@ func schema_k8sio_api_core_v1_ContainerPort(ref common.ReferenceCallback) common Default: "TCP", Type: []string{"string"}, Format: "", - Enum: []interface{}{"SCTP", "TCP", "UDP"}}, + Enum: []interface{}{"SCTP", "TCP", "UDP"}, + }, }, "hostIP": { SchemaProps: spec.SchemaProps{ @@ -2331,6 +2590,106 @@ func schema_k8sio_api_core_v1_ContainerPort(ref common.ReferenceCallback) common } } +func schema_k8sio_api_core_v1_ContainerResizePolicy(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerResizePolicy represents resource resize policy for the container.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "restartPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"resourceName", "restartPolicy"}, + }, + }, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRule describes how a container exit is handled.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the action taken on a container exit if the requirements are satisfied. The only possible value is \"Restart\" to restart the container.", + Type: []string{"string"}, + Format: "", + }, + }, + "exitCodes": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the exit codes to check on container exits.", + Ref: ref(v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()), + }, + }, + }, + Required: []string{"action"}, + }, + }, + Dependencies: []string{ + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRuleOnExitCodes describes the condition for handling an exited container based on its exit codes.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the relationship between the container exit code(s) and the specified values. Possible values are: - In: the requirement is satisfied if the container exit code is in the\n set of specified values.\n- NotIn: the requirement is satisfied if the container exit code is\n not in the set of specified values.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Specifies the set of values to check for container exit codes. At most 255 elements are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + }, + Required: []string{"operator"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2341,26 +2700,26 @@ func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) commo "waiting": { SchemaProps: spec.SchemaProps{ Description: "Details about a waiting container", - Ref: ref("k8s.io/api/core/v1.ContainerStateWaiting"), + Ref: ref(v1.ContainerStateWaiting{}.OpenAPIModelName()), }, }, "running": { SchemaProps: spec.SchemaProps{ Description: "Details about a running container", - Ref: ref("k8s.io/api/core/v1.ContainerStateRunning"), + Ref: ref(v1.ContainerStateRunning{}.OpenAPIModelName()), }, }, "terminated": { SchemaProps: spec.SchemaProps{ Description: "Details about a terminated container", - Ref: ref("k8s.io/api/core/v1.ContainerStateTerminated"), + Ref: ref(v1.ContainerStateTerminated{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStateRunning", "k8s.io/api/core/v1.ContainerStateTerminated", "k8s.io/api/core/v1.ContainerStateWaiting"}, + v1.ContainerStateRunning{}.OpenAPIModelName(), v1.ContainerStateTerminated{}.OpenAPIModelName(), v1.ContainerStateWaiting{}.OpenAPIModelName()}, } } @@ -2374,15 +2733,14 @@ func schema_k8sio_api_core_v1_ContainerStateRunning(ref common.ReferenceCallback "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container was last (re-)started", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2425,15 +2783,13 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which previous execution of the container started", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "finishedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container last terminated", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "containerID": { @@ -2448,7 +2804,7 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2488,7 +2844,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated.", + Description: "Name is a DNS_LABEL representing the unique name of the container. Each container in a pod must have a unique name across all container types. Cannot be updated.", Default: "", Type: []string{"string"}, Format: "", @@ -2496,21 +2852,21 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm }, "state": { SchemaProps: spec.SchemaProps{ - Description: "Details about the container's current condition.", + Description: "State holds details about the container's current condition.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "lastState": { SchemaProps: spec.SchemaProps{ - Description: "Details about the container's last termination condition.", + Description: "LastTerminationState holds the last termination state of the container to help debug container crashes and restarts. This field is not populated if the container is still running and RestartCount is 0.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "ready": { SchemaProps: spec.SchemaProps{ - Description: "Specifies whether the container has passed its readiness probe.", + Description: "Ready specifies whether the container is currently passing its readiness check. The value will change as readiness probes keep executing. If no readiness probes are specified, this field defaults to true once the container is fully started (see Started field).\n\nThe value is typically used to determine whether a container is ready to accept traffic.", Default: false, Type: []string{"boolean"}, Format: "", @@ -2518,7 +2874,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm }, "restartCount": { SchemaProps: spec.SchemaProps{ - Description: "The number of times the container has been restarted.", + Description: "RestartCount holds the number of times the container has been restarted. Kubelet makes an effort to always increment the value, but there are cases when the state may be lost due to node restarts and then the value may be reset to 0. The value is never negative.", Default: 0, Type: []string{"integer"}, Format: "int32", @@ -2526,7 +2882,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm }, "image": { SchemaProps: spec.SchemaProps{ - Description: "The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images.", + Description: "Image is the name of container image that the container is running. The container image may not match the image used in the PodSpec, as it may have been resolved by the runtime. More info: https://kubernetes.io/docs/concepts/containers/images.", Default: "", Type: []string{"string"}, Format: "", @@ -2534,7 +2890,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm }, "imageID": { SchemaProps: spec.SchemaProps{ - Description: "ImageID of the container's image.", + Description: "ImageID is the image ID of the container's image. The image ID may not match the image ID of the image used in the PodSpec, as it may have been resolved by the runtime.", Default: "", Type: []string{"string"}, Format: "", @@ -2542,24 +2898,127 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm }, "containerID": { SchemaProps: spec.SchemaProps{ - Description: "Container's ID in the format '://'.", + Description: "ContainerID is the ID of the container in the format '://'. Where type is a container runtime identifier, returned from Version call of CRI API (for example \"containerd\").", Type: []string{"string"}, Format: "", }, }, "started": { SchemaProps: spec.SchemaProps{ - Description: "Specifies whether the container has passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. Is always true when no startupProbe is defined.", + Description: "Started indicates whether the container has finished its postStart lifecycle hook and passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. In both cases, startup probes will run again. Is always true when no startupProbe is defined and container is running and has passed the postStart lifecycle hook. The null value must be treated the same as false.", Type: []string{"boolean"}, Format: "", }, }, + "allocatedResources": { + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResources represents the compute resources allocated for this container by the node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission and after successfully admitting desired pod resize.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources represents the compute resource requests and limits that have been successfully enacted on the running container after it has been started or has been successfully resized.", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "volumeMounts": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "mountPath", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Status of volume mounts.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.VolumeMountStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "user": { + SchemaProps: spec.SchemaProps{ + Description: "User represents user identity information initially attached to the first process of the container", + Ref: ref(v1.ContainerUser{}.OpenAPIModelName()), + }, + }, + "allocatedResourcesStatus": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResourcesStatus represents the status of various resources allocated for this Pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ResourceStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal reports the effective stop signal for this container\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, + }, + }, }, Required: []string{"name", "ready", "restartCount", "image", "imageID"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerState"}, + v1.ContainerState{}.OpenAPIModelName(), v1.ContainerUser{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.ResourceStatus{}.OpenAPIModelName(), v1.VolumeMountStatus{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerUser represents user identity information", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "linux": { + SchemaProps: spec.SchemaProps{ + Description: "Linux holds user identity information initially attached to the first process of the containers in Linux. Note that the actual running identity can be changed if the process has enough privilege to do so.", + Ref: ref(v1.LinuxContainerUser{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + v1.LinuxContainerUser{}.OpenAPIModelName()}, } } @@ -2593,6 +3052,11 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Type: []string{"object"}, Properties: map[string]spec.Schema{ "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Items is a list of DownwardAPIVolume file", Type: []string{"array"}, @@ -2600,7 +3064,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2610,7 +3074,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2631,14 +3095,14 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, "fieldRef": { SchemaProps: spec.SchemaProps{ - Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.", + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "mode": { @@ -2653,7 +3117,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector"}, + v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName()}, } } @@ -2665,6 +3129,11 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Type: []string{"object"}, Properties: map[string]spec.Schema{ "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Items is a list of downward API volume file", Type: []string{"array"}, @@ -2672,7 +3141,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2689,7 +3158,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2709,15 +3178,15 @@ func schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref common.ReferenceCallback) }, "sizeLimit": { SchemaProps: spec.SchemaProps{ - Description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -2725,12 +3194,12 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointAddress is a tuple that describes single IP address.", + Description: "EndpointAddress is a tuple that describes single IP address. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "ip": { SchemaProps: spec.SchemaProps{ - Description: "The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready.", + Description: "The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16).", Default: "", Type: []string{"string"}, Format: "", @@ -2753,7 +3222,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm "targetRef": { SchemaProps: spec.SchemaProps{ Description: "Reference to object providing the endpoint.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -2766,7 +3235,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -2774,7 +3243,7 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointPort is a tuple that describes a single port.", + Description: "EndpointPort is a tuple that describes a single port. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2797,11 +3266,12 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. Description: "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.\n\nPossible enum values:\n - `\"SCTP\"` is the SCTP protocol.\n - `\"TCP\"` is the TCP protocol.\n - `\"UDP\"` is the UDP protocol.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"SCTP", "TCP", "UDP"}}, + Enum: []interface{}{"SCTP", "TCP", "UDP"}, + }, }, "appProtocol": { SchemaProps: spec.SchemaProps{ - Description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.", + Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", Type: []string{"string"}, Format: "", }, @@ -2822,10 +3292,15 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]", + Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]\n\nDeprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "addresses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.", Type: []string{"array"}, @@ -2833,13 +3308,18 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, }, }, "notReadyAddresses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.", Type: []string{"array"}, @@ -2847,13 +3327,18 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, }, }, "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Port numbers available on the related IP addresses.", Type: []string{"array"}, @@ -2861,7 +3346,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointPort"), + Ref: ref(v1.EndpointPort{}.OpenAPIModelName()), }, }, }, @@ -2871,7 +3356,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointAddress", "k8s.io/api/core/v1.EndpointPort"}, + v1.EndpointAddress{}.OpenAPIModelName(), v1.EndpointPort{}.OpenAPIModelName()}, } } @@ -2879,7 +3364,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]", + Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2900,10 +3385,15 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "subsets": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.", Type: []string{"array"}, @@ -2911,7 +3401,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointSubset"), + Ref: ref(v1.EndpointSubset{}.OpenAPIModelName()), }, }, }, @@ -2921,7 +3411,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointSubset", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.EndpointSubset{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -2929,7 +3419,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointsList is a list of endpoints.", + Description: "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2950,7 +3440,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -2961,7 +3451,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Endpoints"), + Ref: ref(v1.Endpoints{}.OpenAPIModelName()), }, }, }, @@ -2972,7 +3462,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Endpoints", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Endpoints{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -2980,12 +3470,12 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EnvFromSource represents the source of a set of ConfigMaps", + Description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets", Type: []string{"object"}, Properties: map[string]spec.Schema{ "prefix": { SchemaProps: spec.SchemaProps{ - Description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + Description: "Optional text to prepend to the name of each environment variable. May consist of any printable ASCII characters except '='.", Type: []string{"string"}, Format: "", }, @@ -2993,20 +3483,20 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common "configMapRef": { SchemaProps: spec.SchemaProps{ Description: "The ConfigMap to select from", - Ref: ref("k8s.io/api/core/v1.ConfigMapEnvSource"), + Ref: ref(v1.ConfigMapEnvSource{}.OpenAPIModelName()), }, }, "secretRef": { SchemaProps: spec.SchemaProps{ Description: "The Secret to select from", - Ref: ref("k8s.io/api/core/v1.SecretEnvSource"), + Ref: ref(v1.SecretEnvSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapEnvSource", "k8s.io/api/core/v1.SecretEnvSource"}, + v1.ConfigMapEnvSource{}.OpenAPIModelName(), v1.SecretEnvSource{}.OpenAPIModelName()}, } } @@ -3019,7 +3509,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the environment variable. Must be a C_IDENTIFIER.", + Description: "Name of the environment variable. May consist of any printable ASCII characters except '='.", Default: "", Type: []string{"string"}, Format: "", @@ -3035,7 +3525,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP "valueFrom": { SchemaProps: spec.SchemaProps{ Description: "Source for the environment variable's value. Cannot be used if value is not empty.", - Ref: ref("k8s.io/api/core/v1.EnvVarSource"), + Ref: ref(v1.EnvVarSource{}.OpenAPIModelName()), }, }, }, @@ -3043,7 +3533,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EnvVarSource"}, + v1.EnvVarSource{}.OpenAPIModelName()}, } } @@ -3057,32 +3547,38 @@ func schema_k8sio_api_core_v1_EnvVarSource(ref common.ReferenceCallback) common. "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "configMapKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a ConfigMap.", - Ref: ref("k8s.io/api/core/v1.ConfigMapKeySelector"), + Ref: ref(v1.ConfigMapKeySelector{}.OpenAPIModelName()), }, }, "secretKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a secret in the pod's namespace", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref(v1.SecretKeySelector{}.OpenAPIModelName()), + }, + }, + "fileKeyRef": { + SchemaProps: spec.SchemaProps{ + Description: "FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.", + Ref: ref(v1.FileKeySelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, + v1.ConfigMapKeySelector{}.OpenAPIModelName(), v1.FileKeySelector{}.OpenAPIModelName(), v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName(), v1.SecretKeySelector{}.OpenAPIModelName()}, } } @@ -3109,6 +3605,11 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3124,6 +3625,11 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3164,21 +3670,26 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3187,6 +3698,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -3198,7 +3713,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3208,12 +3723,61 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "resizePolicy": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Resources resize policy for the container.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "restartPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", + Type: []string{"string"}, + Format: "", + }, + }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, }, }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -3225,7 +3789,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3234,6 +3798,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -3245,7 +3813,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3254,25 +3822,25 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3287,19 +3855,21 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.\n\nPossible enum values:\n - `\"FallbackToLogsOnError\"` will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.\n - `\"File\"` is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"FallbackToLogsOnError", "File"}}, + Enum: []interface{}{"FallbackToLogsOnError", "File"}, + }, }, "imagePullPolicy": { SchemaProps: spec.SchemaProps{ Description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Always", "IfNotPresent", "Never"}}, + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, }, "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3335,7 +3905,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3362,6 +3932,11 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3377,6 +3952,11 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3417,21 +3997,26 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3440,6 +4025,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -3451,7 +4040,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3461,12 +4050,61 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "resizePolicy": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Resources resize policy for the container.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "restartPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", + Type: []string{"string"}, + Format: "", + }, + }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, }, }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -3478,7 +4116,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3487,6 +4125,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -3498,7 +4140,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3507,25 +4149,25 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3540,19 +4182,21 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.\n\nPossible enum values:\n - `\"FallbackToLogsOnError\"` will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.\n - `\"File\"` is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"FallbackToLogsOnError", "File"}}, + Enum: []interface{}{"FallbackToLogsOnError", "File"}, + }, }, "imagePullPolicy": { SchemaProps: spec.SchemaProps{ Description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Always", "IfNotPresent", "Never"}}, + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, }, "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3581,7 +4225,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3595,14 +4239,14 @@ func schema_k8sio_api_core_v1_EphemeralVolumeSource(ref common.ReferenceCallback "volumeClaimTemplate": { SchemaProps: spec.SchemaProps{ Description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.\n\nRequired, must not be nil.", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimTemplate"), + Ref: ref(v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate"}, + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()}, } } @@ -3631,14 +4275,14 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "involvedObject": { SchemaProps: spec.SchemaProps{ Description: "The object that this event is about.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reason": { @@ -3659,21 +4303,19 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "The component reporting this event. Should be a short machine understandable string.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EventSource"), + Ref: ref(v1.EventSource{}.OpenAPIModelName()), }, }, "firstTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the most recent occurrence of this event was recorded.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "count": { @@ -3693,14 +4335,13 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "eventTime": { SchemaProps: spec.SchemaProps{ Description: "Time when this Event was first observed.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, "series": { SchemaProps: spec.SchemaProps{ Description: "Data about the Event series this event represents or nil if it's a singleton Event.", - Ref: ref("k8s.io/api/core/v1.EventSeries"), + Ref: ref(v1.EventSeries{}.OpenAPIModelName()), }, }, "action": { @@ -3713,7 +4354,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "related": { SchemaProps: spec.SchemaProps{ Description: "Optional secondary object for more complex actions.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reportingComponent": { @@ -3737,7 +4378,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EventSeries", "k8s.io/api/core/v1.EventSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.EventSeries{}.OpenAPIModelName(), v1.EventSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.MicroTime{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -3766,7 +4407,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -3777,7 +4418,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Event"), + Ref: ref(v1.Event{}.OpenAPIModelName()), }, }, }, @@ -3788,7 +4429,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Event", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Event{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3809,15 +4450,14 @@ func schema_k8sio_api_core_v1_EventSeries(ref common.ReferenceCallback) common.O "lastObservedTime": { SchemaProps: spec.SchemaProps{ Description: "Time of the last occurrence observed", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"}, + metav1.MicroTime{}.OpenAPIModelName()}, } } @@ -3856,6 +4496,11 @@ func schema_k8sio_api_core_v1_ExecAction(ref common.ReferenceCallback) common.Op Type: []string{"object"}, Properties: map[string]spec.Schema{ "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", Type: []string{"array"}, @@ -3884,6 +4529,11 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "targetWWNs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "targetWWNs is Optional: FC target worldwide names (WWNs)", Type: []string{"array"}, @@ -3920,6 +4570,11 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo }, }, "wwids": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", Type: []string{"array"}, @@ -3940,6 +4595,57 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_FileKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FileKeySelector selects a key of the env file.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "volumeName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the volume mount containing the env file.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers.\n\nIf optional is set to false and the specified key does not exist, an error will be returned during Pod creation.", + Default: false, + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"volumeName", "path", "key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -3965,7 +4671,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -3996,7 +4702,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4025,7 +4731,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4056,7 +4762,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -4134,7 +4840,8 @@ func schema_k8sio_api_core_v1_GRPCAction(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "GRPCAction specifies an action involving a GRPC service.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -4248,7 +4955,7 @@ func schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "endpoints": { SchemaProps: spec.SchemaProps{ - Description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + Description: "endpoints is the endpoint name that details Glusterfs topology.", Default: "", Type: []string{"string"}, Format: "", @@ -4293,7 +5000,6 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common "port": { SchemaProps: spec.SchemaProps{ Description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -4309,9 +5015,15 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common Description: "Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - `\"HTTP\"` means that the scheme used will be http://\n - `\"HTTPS\"` means that the scheme used will be https://", Type: []string{"string"}, Format: "", - Enum: []interface{}{"HTTP", "HTTPS"}}, + Enum: []interface{}{"HTTP", "HTTPS"}, + }, }, "httpHeaders": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Custom headers to set in the request. HTTP allows repeated headers.", Type: []string{"array"}, @@ -4319,7 +5031,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HTTPHeader"), + Ref: ref(v1.HTTPHeader{}.OpenAPIModelName()), }, }, }, @@ -4330,7 +5042,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.HTTPHeader", "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, + v1.HTTPHeader{}.OpenAPIModelName(), "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, } } @@ -4374,11 +5086,17 @@ func schema_k8sio_api_core_v1_HostAlias(ref common.ReferenceCallback) common.Ope "ip": { SchemaProps: spec.SchemaProps{ Description: "IP address of the host file entry.", + Default: "", Type: []string{"string"}, Format: "", }, }, "hostnames": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Hostnames for the above IP address.", Type: []string{"array"}, @@ -4394,6 +5112,29 @@ func schema_k8sio_api_core_v1_HostAlias(ref common.ReferenceCallback) common.Ope }, }, }, + Required: []string{"ip"}, + }, + }, + } +} + +func schema_k8sio_api_core_v1_HostIP(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "HostIP represents a single IP address allocated to the host.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ip": { + SchemaProps: spec.SchemaProps{ + Description: "IP is the IP address assigned to the host", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"ip"}, }, }, } @@ -4416,9 +5157,10 @@ func schema_k8sio_api_core_v1_HostPathVolumeSource(ref common.ReferenceCallback) }, "type": { SchemaProps: spec.SchemaProps{ - Description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + Description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n\nPossible enum values:\n - `\"\"` For backwards compatible, leave it empty if unset\n - `\"BlockDevice\"` A block device must exist at the given path\n - `\"CharDevice\"` A character device must exist at the given path\n - `\"Directory\"` A directory must exist at the given path\n - `\"DirectoryOrCreate\"` If nothing exists at the given path, an empty directory will be created there as needed with file mode 0755, having the same group and ownership with Kubelet.\n - `\"File\"` A file must exist at the given path\n - `\"FileOrCreate\"` If nothing exists at the given path, an empty file will be created there as needed with file mode 0644, having the same group and ownership with Kubelet.\n - `\"Socket\"` A UNIX socket must exist at the given path", Type: []string{"string"}, Format: "", + Enum: []interface{}{"", "BlockDevice", "CharDevice", "Directory", "DirectoryOrCreate", "File", "FileOrCreate", "Socket"}, }, }, }, @@ -4462,6 +5204,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4481,6 +5224,11 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, "portals": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "portals is the iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", Type: []string{"array"}, @@ -4512,7 +5260,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4527,7 +5275,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4565,6 +5313,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4584,6 +5333,11 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, "portals": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", Type: []string{"array"}, @@ -4615,7 +5369,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4630,7 +5384,35 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ImageVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeSource represents a image volume resource.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "reference": { + SchemaProps: spec.SchemaProps{ + Description: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + Type: []string{"string"}, + Format: "", + }, + }, + "pullPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, + }, + }, + }, + }, } } @@ -4681,20 +5463,28 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope "postStart": { SchemaProps: spec.SchemaProps{ Description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), }, }, "preStop": { SchemaProps: spec.SchemaProps{ Description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal defines which signal will be sent to a container when it is being stopped. If not specified, the default is defined by the container runtime in use. StopSignal can only be set for Pods with a non-empty .spec.os.name\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LifecycleHandler"}, + v1.LifecycleHandler{}.OpenAPIModelName()}, } } @@ -4707,27 +5497,33 @@ func schema_k8sio_api_core_v1_LifecycleHandler(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for backward compatibility. There is no validation of this field and lifecycle hooks will fail at runtime when it is specified.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), + }, + }, + "sleep": { + SchemaProps: spec.SchemaProps{ + Description: "Sleep represents a duration that the container should sleep.", + Ref: ref(v1.SleepAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.SleepAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -4756,21 +5552,21 @@ func schema_k8sio_api_core_v1_LimitRange(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeSpec"), + Ref: ref(v1.LimitRangeSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LimitRangeSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -4797,8 +5593,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4812,8 +5607,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4827,8 +5621,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4842,8 +5635,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4857,8 +5649,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4869,7 +5660,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -4898,7 +5689,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -4909,7 +5700,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRange"), + Ref: ref(v1.LimitRange{}.OpenAPIModelName()), }, }, }, @@ -4920,7 +5711,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRange", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.LimitRange{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -4932,6 +5723,11 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "limits": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Limits is the list of LimitRangeItem objects that are enforced.", Type: []string{"array"}, @@ -4939,7 +5735,7 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeItem"), + Ref: ref(v1.LimitRangeItem{}.OpenAPIModelName()), }, }, }, @@ -4950,7 +5746,57 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeItem"}, + v1.LimitRangeItem{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_LinuxContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "LinuxContainerUser represents user identity information in Linux containers", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID is the primary uid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "gid": { + SchemaProps: spec.SchemaProps{ + Description: "GID is the primary gid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroups are the supplemental groups initially attached to the first process in the container", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, + }, + Required: []string{"uid", "gid"}, + }, + }, } } @@ -4979,7 +5825,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -4989,8 +5835,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -5001,7 +5846,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -5026,6 +5871,13 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Format: "", }, }, + "ipMode": { + SchemaProps: spec.SchemaProps{ + Description: "IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. Setting this to \"VIP\" indicates that traffic is delivered to the node with the destination set to the load-balancer's IP and port. Setting this to \"Proxy\" indicates that traffic is delivered to the node or pod with the destination set to the node's IP and node port or the pod's IP and port. Service implementations may use this information to adjust traffic routing.", + Type: []string{"string"}, + Format: "", + }, + }, "ports": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -5039,7 +5891,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PortStatus"), + Ref: ref(v1.PortStatus{}.OpenAPIModelName()), }, }, }, @@ -5049,7 +5901,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PortStatus"}, + v1.PortStatus{}.OpenAPIModelName()}, } } @@ -5061,6 +5913,11 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Type: []string{"object"}, Properties: map[string]spec.Schema{ "ingress": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.", Type: []string{"array"}, @@ -5068,7 +5925,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerIngress"), + Ref: ref(v1.LoadBalancerIngress{}.OpenAPIModelName()), }, }, }, @@ -5078,7 +5935,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerIngress"}, + v1.LoadBalancerIngress{}.OpenAPIModelName()}, } } @@ -5091,7 +5948,8 @@ func schema_k8sio_api_core_v1_LocalObjectReference(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -5111,7 +5969,7 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Local represents directly-attached storage with node affinity (Beta feature)", + Description: "Local represents directly-attached storage with node affinity", Type: []string{"object"}, Properties: map[string]spec.Schema{ "path": { @@ -5136,6 +5994,36 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_ModifyVolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "targetVolumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately.\n\nPossible enum values:\n - `\"InProgress\"` InProgress indicates that the volume is being modified\n - `\"Infeasible\"` Infeasible indicates that the request has been rejected as invalid by the CSI driver. To resolve the error, a valid VolumeAttributesClass needs to be specified\n - `\"Pending\"` Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as the specified VolumeAttributesClass not existing", + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"InProgress", "Infeasible", "Pending"}, + }, + }, + }, + Required: []string{"status"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_NFSVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -5198,28 +6086,28 @@ func schema_k8sio_api_core_v1_Namespace(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceSpec"), + Ref: ref(v1.NamespaceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceStatus"), + Ref: ref(v1.NamespaceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceSpec", "k8s.io/api/core/v1.NamespaceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NamespaceSpec{}.OpenAPIModelName(), v1.NamespaceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5248,20 +6136,22 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "Last time the condition transitioned from one status to another.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Unique, one-word, CamelCase reason for the condition's last transition.", + Type: []string{"string"}, + Format: "", }, }, "message": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Human-readable message indicating details about last transition.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -5269,7 +6159,7 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5298,7 +6188,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5309,7 +6199,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Namespace"), + Ref: ref(v1.Namespace{}.OpenAPIModelName()), }, }, }, @@ -5320,7 +6210,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Namespace", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Namespace{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5332,6 +6222,11 @@ func schema_k8sio_api_core_v1_NamespaceSpec(ref common.ReferenceCallback) common Type: []string{"object"}, Properties: map[string]spec.Schema{ "finalizers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Finalizers is an opaque list of values that must be empty to permanently remove object from storage. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", Type: []string{"array"}, @@ -5364,11 +6259,16 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm Description: "Phase is the current lifecycle phase of the namespace. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/\n\nPossible enum values:\n - `\"Active\"` means the namespace is available for use in the system\n - `\"Terminating\"` means the namespace is undergoing graceful termination", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Active", "Terminating"}}, + Enum: []interface{}{"Active", "Terminating"}, + }, }, "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -5380,7 +6280,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceCondition"), + Ref: ref(v1.NamespaceCondition{}.OpenAPIModelName()), }, }, }, @@ -5390,7 +6290,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceCondition"}, + v1.NamespaceCondition{}.OpenAPIModelName()}, } } @@ -5419,28 +6319,28 @@ func schema_k8sio_api_core_v1_Node(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSpec"), + Ref: ref(v1.NodeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeStatus"), + Ref: ref(v1.NodeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSpec", "k8s.io/api/core/v1.NodeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NodeSpec{}.OpenAPIModelName(), v1.NodeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5484,10 +6384,15 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. "requiredDuringSchedulingIgnoredDuringExecution": { SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, @@ -5495,7 +6400,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferredSchedulingTerm"), + Ref: ref(v1.PreferredSchedulingTerm{}.OpenAPIModelName()), }, }, }, @@ -5505,7 +6410,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector", "k8s.io/api/core/v1.PreferredSchedulingTerm"}, + v1.NodeSelector{}.OpenAPIModelName(), v1.PreferredSchedulingTerm{}.OpenAPIModelName()}, } } @@ -5535,15 +6440,13 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we got an update on a given condition.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transit from one status to another.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -5565,7 +6468,7 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5579,14 +6482,14 @@ func schema_k8sio_api_core_v1_NodeConfigSource(ref common.ReferenceCallback) com "configMap": { SchemaProps: spec.SchemaProps{ Description: "ConfigMap is a reference to a Node's ConfigMap", - Ref: ref("k8s.io/api/core/v1.ConfigMapNodeConfigSource"), + Ref: ref(v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapNodeConfigSource"}, + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()}, } } @@ -5600,19 +6503,19 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com "assigned": { SchemaProps: spec.SchemaProps{ Description: "Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "active": { SchemaProps: spec.SchemaProps{ Description: "Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "lastKnownGood": { SchemaProps: spec.SchemaProps{ Description: "LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "error": { @@ -5626,7 +6529,7 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource"}, + v1.NodeConfigSource{}.OpenAPIModelName()}, } } @@ -5641,14 +6544,34 @@ func schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Endpoint on which Kubelet is listening.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DaemonEndpoint"), + Ref: ref(v1.DaemonEndpoint{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DaemonEndpoint"}, + v1.DaemonEndpoint{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeFeatures describes the set of features implemented by the CRI implementation. The features contained in the NodeFeatures should depend only on the cri implementation independent of runtime handlers.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroupsPolicy is set to true if the runtime supports SupplementalGroupsPolicy and ContainerUser.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -5677,7 +6600,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5688,7 +6611,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Node"), + Ref: ref(v1.Node{}.OpenAPIModelName()), }, }, }, @@ -5699,7 +6622,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Node", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Node{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5737,34 +6660,59 @@ func schema_k8sio_api_core_v1_NodeProxyOptions(ref common.ReferenceCallback) com } } -func schema_k8sio_api_core_v1_NodeResources(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_k8sio_api_core_v1_NodeRuntimeHandler(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NodeResources is an object for conveying resource information about a node. see https://kubernetes.io/docs/concepts/architecture/nodes/#capacity for more details.", + Description: "NodeRuntimeHandler is a set of runtime handler information.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "Capacity": { + "name": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the available resources of a node", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), - }, - }, - }, + Description: "Runtime handler name. Empty for the default runtime handler.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Supported features.", + Ref: ref(v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()), }, }, }, - Required: []string{"Capacity"}, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeRuntimeHandlerFeatures is a set of features implemented by the runtime handler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "recursiveReadOnlyMounts": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnlyMounts is set to true if the runtime handler supports RecursiveReadOnlyMounts.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "userNamespaces": { + SchemaProps: spec.SchemaProps{ + Description: "UserNamespaces is set to true if the runtime handler supports UserNamespaces, including for volumes.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -5776,6 +6724,11 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "nodeSelectorTerms": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Required. A list of node selector terms. The terms are ORed.", Type: []string{"array"}, @@ -5783,7 +6736,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -5799,7 +6752,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -5824,9 +6777,15 @@ func schema_k8sio_api_core_v1_NodeSelectorRequirement(ref common.ReferenceCallba Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"DoesNotExist", "Exists", "Gt", "In", "Lt", "NotIn"}}, + Enum: []interface{}{"DoesNotExist", "Exists", "Gt", "In", "Lt", "NotIn"}, + }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -5856,6 +6815,11 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of node selector requirements by node's labels.", Type: []string{"array"}, @@ -5863,13 +6827,18 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, }, }, "matchFields": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of node selector requirements by node's fields.", Type: []string{"array"}, @@ -5877,7 +6846,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -5892,7 +6861,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorRequirement"}, + v1.NodeSelectorRequirement{}.OpenAPIModelName()}, } } @@ -5913,6 +6882,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "podCIDRs": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", "x-kubernetes-patch-strategy": "merge", }, }, @@ -5945,6 +6915,11 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, "taints": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, the node's taints.", Type: []string{"array"}, @@ -5952,7 +6927,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Taint"), + Ref: ref(v1.Taint{}.OpenAPIModelName()), }, }, }, @@ -5961,7 +6936,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "configSource": { SchemaProps: spec.SchemaProps{ Description: "Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "externalID": { @@ -5975,7 +6950,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource", "k8s.io/api/core/v1.Taint"}, + v1.NodeConfigSource{}.OpenAPIModelName(), v1.Taint{}.OpenAPIModelName()}, } } @@ -5988,14 +6963,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Properties: map[string]spec.Schema{ "capacity": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", + Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/reference/node/node-status/#capacity", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6009,8 +6983,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6021,23 +6994,28 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Description: "NodePhase is the recently observed lifecycle phase of the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#phase The field is never populated, and now is deprecated.\n\nPossible enum values:\n - `\"Pending\"` means the node has been created/added by the system, but not configured.\n - `\"Running\"` means the node has been configured and has Kubernetes components running.\n - `\"Terminated\"` means the node has been removed from the cluster.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Pending", "Running", "Terminated"}}, + Enum: []interface{}{"Pending", "Running", "Terminated"}, + }, }, "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition", + Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/reference/node/node-status/#condition", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeCondition"), + Ref: ref(v1.NodeCondition{}.OpenAPIModelName()), }, }, }, @@ -6046,18 +7024,22 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "addresses": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example.", + Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/reference/node/node-status/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeAddress"), + Ref: ref(v1.NodeAddress{}.OpenAPIModelName()), }, }, }, @@ -6067,17 +7049,22 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Endpoints of daemons running on the Node.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeDaemonEndpoints"), + Ref: ref(v1.NodeDaemonEndpoints{}.OpenAPIModelName()), }, }, "nodeInfo": { SchemaProps: spec.SchemaProps{ - Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info", + Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/reference/node/node-status/#info", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSystemInfo"), + Ref: ref(v1.NodeSystemInfo{}.OpenAPIModelName()), }, }, "images": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of container images on this node", Type: []string{"array"}, @@ -6085,13 +7072,18 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerImage"), + Ref: ref(v1.ContainerImage{}.OpenAPIModelName()), }, }, }, }, }, "volumesInUse": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of attachable volumes in use (mounted) by the node.", Type: []string{"array"}, @@ -6107,6 +7099,11 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, "volumesAttached": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of volumes that are attached to the node.", Type: []string{"array"}, @@ -6114,7 +7111,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.AttachedVolume"), + Ref: ref(v1.AttachedVolume{}.OpenAPIModelName()), }, }, }, @@ -6123,14 +7120,79 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "config": { SchemaProps: spec.SchemaProps{ Description: "Status of the config assigned to the node via the dynamic Kubelet config feature.", - Ref: ref("k8s.io/api/core/v1.NodeConfigStatus"), + Ref: ref(v1.NodeConfigStatus{}.OpenAPIModelName()), + }, + }, + "runtimeHandlers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "The available runtime handlers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.NodeRuntimeHandler{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Features describes the set of features implemented by the CRI implementation.", + Ref: ref(v1.NodeFeatures{}.OpenAPIModelName()), + }, + }, + "declaredFeatures": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "DeclaredFeatures represents the features related to feature gates that are declared by the node.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AttachedVolume{}.OpenAPIModelName(), v1.ContainerImage{}.OpenAPIModelName(), v1.NodeAddress{}.OpenAPIModelName(), v1.NodeCondition{}.OpenAPIModelName(), v1.NodeConfigStatus{}.OpenAPIModelName(), v1.NodeDaemonEndpoints{}.OpenAPIModelName(), v1.NodeFeatures{}.OpenAPIModelName(), v1.NodeRuntimeHandler{}.OpenAPIModelName(), v1.NodeSystemInfo{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeSwapStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeSwapStatus represents swap memory information.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "capacity": { + SchemaProps: spec.SchemaProps{ + Description: "Total amount of swap memory in bytes.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, } } @@ -6199,7 +7261,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo }, "kubeProxyVersion": { SchemaProps: spec.SchemaProps{ - Description: "KubeProxy Version reported by the node.", + Description: "Deprecated: KubeProxy Version reported by the node.", Default: "", Type: []string{"string"}, Format: "", @@ -6221,10 +7283,18 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo Format: "", }, }, + "swap": { + SchemaProps: spec.SchemaProps{ + Description: "Swap Info reported by the node.", + Ref: ref(v1.NodeSwapStatus{}.OpenAPIModelName()), + }, + }, }, Required: []string{"machineID", "systemUUID", "bootID", "kernelVersion", "osImage", "containerRuntimeVersion", "kubeletVersion", "kubeProxyVersion", "operatingSystem", "architecture"}, }, }, + Dependencies: []string{ + v1.NodeSwapStatus{}.OpenAPIModelName()}, } } @@ -6354,28 +7424,28 @@ func schema_k8sio_api_core_v1_PersistentVolume(ref common.ReferenceCallback) com SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeSpec"), + Ref: ref(v1.PersistentVolumeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeStatus"), + Ref: ref(v1.PersistentVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeSpec", "k8s.io/api/core/v1.PersistentVolumeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeSpec{}.OpenAPIModelName(), v1.PersistentVolumeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6404,28 +7474,28 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaim(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimStatus"), + Ref: ref(v1.PersistentVolumeClaimStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/api/core/v1.PersistentVolumeClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6433,40 +7503,40 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PersistentVolumeClaimCondition contails details about state of pvc", + Description: "PersistentVolumeClaimCondition contains details about state of pvc", Type: []string{"object"}, Properties: map[string]spec.Schema{ "type": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Type is the type of the condition. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "status": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "lastProbeTime is the time we probed the condition.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + Description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"Resizing\" that means the underlying persistent volume is being resized.", Type: []string{"string"}, Format: "", }, @@ -6483,7 +7553,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -6512,7 +7582,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -6523,7 +7593,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + Ref: ref(v1.PersistentVolumeClaim{}.OpenAPIModelName()), }, }, }, @@ -6534,7 +7604,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolumeClaim{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6546,6 +7616,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", Type: []string{"array"}, @@ -6555,6 +7630,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -6563,14 +7639,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "selector": { SchemaProps: spec.SchemaProps{ Description: "selector is a label query over volumes to consider for binding.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + Description: "resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.VolumeResourceRequirements{}.OpenAPIModelName()), }, }, "volumeName": { @@ -6589,28 +7665,36 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall }, "volumeMode": { SchemaProps: spec.SchemaProps{ - Description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + Description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.\n\nPossible enum values:\n - `\"Block\"` means the volume will not be formatted with a filesystem and will remain a raw block device.\n - `\"Filesystem\"` means the volume will be or is formatted with a filesystem.", Type: []string{"string"}, Format: "", + Enum: []interface{}{"Block", "Filesystem"}, }, }, "dataSource": { SchemaProps: spec.SchemaProps{ Description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), }, }, "dataSourceRef": { SchemaProps: spec.SchemaProps{ Description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", - Ref: ref("k8s.io/api/core/v1.TypedObjectReference"), + Ref: ref(v1.TypedObjectReference{}.OpenAPIModelName()), + }, + }, + "volumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/", + Type: []string{"string"}, + Format: "", }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.TypedLocalObjectReference", "k8s.io/api/core/v1.TypedObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + v1.TypedLocalObjectReference{}.OpenAPIModelName(), v1.TypedObjectReference{}.OpenAPIModelName(), v1.VolumeResourceRequirements{}.OpenAPIModelName(), metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -6626,9 +7710,15 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Description: "phase represents the current phase of PersistentVolumeClaim.\n\nPossible enum values:\n - `\"Bound\"` used for PersistentVolumeClaims that are bound\n - `\"Lost\"` used for PersistentVolumeClaims that lost their underlying PersistentVolume. The claim was bound to a PersistentVolume and this volume does not exist any longer and all data on it was lost.\n - `\"Pending\"` used for PersistentVolumeClaims that are not yet bound", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Bound", "Lost", "Pending"}}, + Enum: []interface{}{"Bound", "Lost", "Pending"}, + }, }, "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", Type: []string{"array"}, @@ -6638,6 +7728,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -6651,8 +7742,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6661,18 +7751,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + Description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimCondition"), + Ref: ref(v1.PersistentVolumeClaimCondition{}.OpenAPIModelName()), }, }, }, @@ -6680,31 +7774,58 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "allocatedResources": { SchemaProps: spec.SchemaProps{ - Description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, - "resizeStatus": { + "allocatedResourceStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "granular", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"ControllerResizeInProgress", "ControllerResizeInfeasible", "NodeResizeInProgress", "NodeResizeInfeasible", "NodeResizePending"}, + }, + }, + }, + }, + }, + "currentVolumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim", Type: []string{"string"}, Format: "", }, }, + "modifyVolumeStatus": { + SchemaProps: spec.SchemaProps{ + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted.", + Ref: ref(v1.ModifyVolumeStatus{}.OpenAPIModelName()), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimCondition", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ModifyVolumeStatus{}.OpenAPIModelName(), v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -6719,14 +7840,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference SchemaProps: spec.SchemaProps{ Description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, }, @@ -6734,7 +7855,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6792,7 +7913,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -6803,7 +7924,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolume"), + Ref: ref(v1.PersistentVolume{}.OpenAPIModelName()), }, }, }, @@ -6814,7 +7935,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolume", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolume{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6827,141 +7948,141 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac Properties: map[string]spec.Schema{ "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Description: "csi represents storage that is handled by an external CSI driver.", + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -6980,8 +8101,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6989,137 +8109,142 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Description: "csi represents storage that is handled by an external CSI driver.", + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes", Type: []string{"array"}, @@ -7129,6 +8254,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -7142,7 +8268,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, SchemaProps: spec.SchemaProps{ Description: "claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "persistentVolumeReclaimPolicy": { @@ -7150,7 +8276,8 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Description: "persistentVolumeReclaimPolicy defines what happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming\n\nPossible enum values:\n - `\"Delete\"` means the volume will be deleted from Kubernetes on release from its claim. The volume plugin must support Deletion.\n - `\"Recycle\"` means the volume will be recycled back into the pool of unbound persistent volumes on release from its claim. The volume plugin must support Recycling.\n - `\"Retain\"` means the volume will be left in its current phase (Released) for manual reclamation by the administrator. The default policy is Retain.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Delete", "Recycle", "Retain"}}, + Enum: []interface{}{"Delete", "Recycle", "Retain"}, + }, }, "storageClassName": { SchemaProps: spec.SchemaProps{ @@ -7160,6 +8287,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, }, "mountOptions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "mountOptions is the list of mount options, e.g. [\"ro\", \"soft\"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options", Type: []string{"array"}, @@ -7176,22 +8308,30 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "volumeMode": { SchemaProps: spec.SchemaProps{ - Description: "volumeMode defines if a volume is intended to be used with a formatted filesystem or to remain in raw block state. Value of Filesystem is implied when not included in spec.", + Description: "volumeMode defines if a volume is intended to be used with a formatted filesystem or to remain in raw block state. Value of Filesystem is implied when not included in spec.\n\nPossible enum values:\n - `\"Block\"` means the volume will not be formatted with a filesystem and will remain a raw block device.\n - `\"Filesystem\"` means the volume will be or is formatted with a filesystem.", Type: []string{"string"}, Format: "", + Enum: []interface{}{"Block", "Filesystem"}, }, }, "nodeAffinity": { SchemaProps: spec.SchemaProps{ - Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.", - Ref: ref("k8s.io/api/core/v1.VolumeNodeAffinity"), + Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume. This field is mutable if MutablePVNodeAffinity feature gate is enabled.", + Ref: ref(v1.VolumeNodeAffinity{}.OpenAPIModelName()), + }, + }, + "volumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process.", + Type: []string{"string"}, + Format: "", }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VolumeNodeAffinity", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VolumeNodeAffinity{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7207,7 +8347,8 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac Description: "phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase\n\nPossible enum values:\n - `\"Available\"` used for PersistentVolumes that are not yet bound Available volumes are held by the binder and matched to PersistentVolumeClaims\n - `\"Bound\"` used for PersistentVolumes that are bound\n - `\"Failed\"` used for PersistentVolumes that failed to be correctly recycled or deleted after being released from a claim\n - `\"Pending\"` used for PersistentVolumes that are not available\n - `\"Released\"` used for PersistentVolumes where the bound PersistentVolumeClaim was deleted released volumes must be recycled before becoming available again this phase is used by the persistent volume claim binder to signal to another process to reclaim the resource", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Available", "Bound", "Failed", "Pending", "Released"}}, + Enum: []interface{}{"Available", "Bound", "Failed", "Pending", "Released"}, + }, }, "message": { SchemaProps: spec.SchemaProps{ @@ -7223,9 +8364,17 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac Format: "", }, }, + "lastPhaseTransitionTime": { + SchemaProps: spec.SchemaProps{ + Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), + }, + }, }, }, }, + Dependencies: []string{ + metav1.Time{}.OpenAPIModelName()}, } } @@ -7283,28 +8432,28 @@ func schema_k8sio_api_core_v1_Pod(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7316,6 +8465,11 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Type: []string{"object"}, Properties: map[string]spec.Schema{ "requiredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", Type: []string{"array"}, @@ -7323,13 +8477,18 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, @@ -7337,7 +8496,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7347,7 +8506,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -7360,11 +8519,16 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm Properties: map[string]spec.Schema{ "labelSelector": { SchemaProps: spec.SchemaProps{ - Description: "A label query over a set of resources, in this case pods.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "namespaces": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", Type: []string{"array"}, @@ -7390,7 +8554,47 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "namespaceSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), + }, + }, + "matchLabelKeys": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "mismatchLabelKeys": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, }, }, }, @@ -7398,7 +8602,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -7410,6 +8614,11 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Type: []string{"object"}, Properties: map[string]spec.Schema{ "requiredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", Type: []string{"array"}, @@ -7417,21 +8626,26 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and subtracting \"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7441,7 +8655,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -7507,6 +8721,78 @@ func schema_k8sio_api_core_v1_PodAttachOptions(ref common.ReferenceCallback) com } } +func schema_k8sio_api_core_v1_PodCertificateProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Kubelet's generated CSRs will be addressed to this signer.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyType": { + SchemaProps: spec.SchemaProps{ + Description: "The type of keypair Kubelet will generate for the pod.\n\nValid values are \"RSA3072\", \"RSA4096\", \"ECDSAP256\", \"ECDSAP384\", \"ECDSAP521\", and \"ED25519\".", + Type: []string{"string"}, + Format: "", + }, + }, + "maxExpirationSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "maxExpirationSeconds is the maximum lifetime permitted for the certificate.\n\nKubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.\n\nIf omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).\n\nThe signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "credentialBundlePath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the credential bundle at this path in the projected volume.\n\nThe credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.\n\nThe remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).\n\nUsing credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the key at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "certificateChainPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the certificate chain at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "userAnnotations": { + SchemaProps: spec.SchemaProps{ + Description: "userAnnotations allow pod authors to pass additional information to the signer implementation. Kubernetes does not restrict or validate this metadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of the PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations, with the addition that all keys must be domain-prefixed. No restrictions are placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should deny requests that contain keys they do not recognize.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"signerName", "keyType"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -7522,6 +8808,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. Format: "", }, }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", @@ -7533,15 +8826,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we probed the condition.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -7563,7 +8854,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7575,6 +8866,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "nameservers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", Type: []string{"array"}, @@ -7590,6 +8886,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, "searches": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", Type: []string{"array"}, @@ -7605,6 +8906,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, "options": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", Type: []string{"array"}, @@ -7612,7 +8918,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodDNSConfigOption"), + Ref: ref(v1.PodDNSConfigOption{}.OpenAPIModelName()), }, }, }, @@ -7622,7 +8928,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodDNSConfigOption"}, + v1.PodDNSConfigOption{}.OpenAPIModelName()}, } } @@ -7635,15 +8941,16 @@ func schema_k8sio_api_core_v1_PodDNSConfigOption(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Required.", + Description: "Name is this DNS resolver option's name. Required.", Type: []string{"string"}, Format: "", }, }, "value": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Value is this DNS resolver option's value.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -7709,6 +9016,11 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Command is the remote command to execute. argv array. Not executed within a shell.", Type: []string{"array"}, @@ -7730,21 +9042,66 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo } } -func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "IP address information for entries in the (plural) PodIPs field. Each entry includes:\n\n\tIP: An IP address allocated to the pod. Routable at least within the cluster.", + Description: "PodExtendedResourceClaimStatus is stored in the PodStatus for the extended resource requests backed by DRA. It stores the generated name for the corresponding special ResourceClaim created by the scheduler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "ip": { + "requestMappings": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "ip is an IP address (IPv4 or IPv6) assigned to the pod", + Description: "RequestMappings identifies the mapping of to device request in the generated ResourceClaim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.", + Default: "", Type: []string{"string"}, Format: "", }, }, }, + Required: []string{"requestMappings", "resourceClaimName"}, + }, + }, + Dependencies: []string{ + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodIP represents a single IP address allocated to the pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ip": { + SchemaProps: spec.SchemaProps{ + Description: "IP is the IP address assigned to the pod", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"ip"}, }, }, } @@ -7775,7 +9132,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7786,7 +9143,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Pod"), + Ref: ref(v1.Pod{}.OpenAPIModelName()), }, }, }, @@ -7797,7 +9154,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Pod", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Pod{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7853,7 +9210,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common "sinceTime": { SchemaProps: spec.SchemaProps{ Description: "An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "timestamps": { @@ -7865,7 +9222,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common }, "tailLines": { SchemaProps: spec.SchemaProps{ - Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime", + Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", Type: []string{"integer"}, Format: "int64", }, @@ -7884,11 +9241,18 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common Format: "", }, }, + "stream": { + SchemaProps: spec.SchemaProps{ + Description: "Specify which container log stream to return to the client. Acceptable values are \"All\", \"Stdout\" and \"Stderr\". If not specified, \"All\" is used, and both stdout and stderr are returned interleaved. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7936,6 +9300,11 @@ func schema_k8sio_api_core_v1_PodPortForwardOptions(ref common.ReferenceCallback }, }, "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of ports to forward Required when using WebSockets", Type: []string{"array"}, @@ -8016,7 +9385,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -8027,19 +9396,53 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com Format: "", }, }, - "source": { + "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "Source describes where to find the ResourceClaim.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ClaimSource"), + Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimTemplateName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name"}, + }, + }, + } +} + +func schema_k8sio_api_core_v1_PodResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodResourceClaimStatus is stored in the PodStatus for each PodResourceClaim which references a ResourceClaimTemplate. It stores the generated name for the corresponding ResourceClaim.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name uniquely identifies this resource claim inside the pod. This must match the name of an entry in pod.spec.resourceClaims, which implies that the string must be a DNS_LABEL.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. If this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", + Type: []string{"string"}, + Format: "", }, }, }, Required: []string{"name"}, }, }, - Dependencies: []string{ - "k8s.io/api/core/v1.ClaimSource"}, } } @@ -8075,13 +9478,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -8106,8 +9509,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8120,6 +9528,14 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, }, + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Merge\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be merged with the primary user's groups as defined in the container image (in /etc/group).\n - `\"Strict\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be used instead of any groups defined in the container image.", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Merge", "Strict"}, + }, + }, "fsGroup": { SchemaProps: spec.SchemaProps{ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", @@ -8128,6 +9544,11 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, "sysctls": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, @@ -8135,7 +9556,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Sysctl"), + Ref: ref(v1.Sysctl{}.OpenAPIModelName()), }, }, }, @@ -8143,22 +9564,36 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, "fsGroupChangePolicy": { SchemaProps: spec.SchemaProps{ - Description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.", + Description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Always\"` indicates that volume's ownership and permissions should always be changed whenever volume is mounted inside a Pod. This the default behavior.\n - `\"OnRootMismatch\"` indicates that volume's ownership and permissions will be changed only when permission and ownership of root directory does not match with expected permissions on the volume. This can help shorten the time it takes to change ownership and permissions of a volume.", Type: []string{"string"}, Format: "", + Enum: []interface{}{"Always", "OnRootMismatch"}, }, }, "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), + }, + }, + "appArmorProfile": { + SchemaProps: spec.SchemaProps{ + Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), + }, + }, + "seLinuxChangePolicy": { + SchemaProps: spec.SchemaProps{ + Description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. Valid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime. This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option. This requires all Pods that share the same volume to use the same SELinux label. It is not possible to share the same volume among privileged and unprivileged Pods. Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their CSIDriver instance. Other volumes are always re-labelled recursively. \"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used. If not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes and \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. Note that this field cannot be set when spec.os.name is windows.", + Type: []string{"string"}, + Format: "", }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.Sysctl{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -8172,14 +9607,14 @@ func schema_k8sio_api_core_v1_PodSignature(ref common.ReferenceCallback) common. "podController": { SchemaProps: spec.SchemaProps{ Description: "Reference to controller whose pods should avoid this node.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"}, + metav1.OwnerReference{}.OpenAPIModelName()}, } } @@ -8193,6 +9628,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "volumes": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge,retainKeys", }, @@ -8204,7 +9643,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Volume"), + Ref: ref(v1.Volume{}.OpenAPIModelName()), }, }, }, @@ -8213,18 +9652,22 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "initContainers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", + Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -8233,6 +9676,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "containers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8244,7 +9691,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -8253,6 +9700,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "ephemeralContainers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8264,7 +9715,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EphemeralContainer"), + Ref: ref(v1.EphemeralContainer{}.OpenAPIModelName()), }, }, }, @@ -8272,10 +9723,11 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy\n\nPossible enum values:\n - `\"Always\"`\n - `\"Never\"`\n - `\"OnFailure\"`", + Description: "Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy\n\nPossible enum values:\n - `\"Always\"`\n - `\"Never\"`\n - `\"OnFailure\"`", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Always", "Never", "OnFailure"}}, + Enum: []interface{}{"Always", "Never", "OnFailure"}, + }, }, "terminationGracePeriodSeconds": { SchemaProps: spec.SchemaProps{ @@ -8296,7 +9748,8 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Description: "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.\n\nPossible enum values:\n - `\"ClusterFirst\"` indicates that the pod should use cluster DNS first unless hostNetwork is true, if it is available, then fall back on the default (as determined by kubelet) DNS settings.\n - `\"ClusterFirstWithHostNet\"` indicates that the pod should use cluster DNS first, if it is available, then fall back on the default (as determined by kubelet) DNS settings.\n - `\"Default\"` indicates that the pod should use the default (as determined by kubelet) DNS settings.\n - `\"None\"` indicates that the pod should use empty DNS settings. DNS parameters such as nameservers and search paths should be defined via DNSConfig.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"ClusterFirst", "ClusterFirstWithHostNet", "Default", "None"}}, + Enum: []interface{}{"ClusterFirst", "ClusterFirstWithHostNet", "Default", "None"}, + }, }, "nodeSelector": { VendorExtensible: spec.VendorExtensible{ @@ -8328,7 +9781,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "serviceAccount": { SchemaProps: spec.SchemaProps{ - Description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", + Description: "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", Type: []string{"string"}, Format: "", }, @@ -8342,14 +9795,14 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "nodeName": { SchemaProps: spec.SchemaProps{ - Description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + Description: "NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename", Type: []string{"string"}, Format: "", }, }, "hostNetwork": { SchemaProps: spec.SchemaProps{ - Description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + Description: "Host networking requested for this pod. Use the host's network namespace. When using HostNetwork you should specify ports so the scheduler is aware. When `hostNetwork` is true, specified `hostPort` fields in port definitions must match `containerPort`, and unspecified `hostPort` fields in port definitions are defaulted to match `containerPort`. Default to false.", Type: []string{"boolean"}, Format: "", }, @@ -8378,12 +9831,16 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", - Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + Ref: ref(v1.PodSecurityContext{}.OpenAPIModelName()), }, }, "imagePullSecrets": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8395,7 +9852,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -8418,7 +9875,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "affinity": { SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's scheduling constraints", - Ref: ref("k8s.io/api/core/v1.Affinity"), + Ref: ref(v1.Affinity{}.OpenAPIModelName()), }, }, "schedulerName": { @@ -8429,6 +9886,11 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, "tolerations": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's tolerations.", Type: []string{"array"}, @@ -8436,7 +9898,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Toleration"), + Ref: ref(v1.Toleration{}.OpenAPIModelName()), }, }, }, @@ -8445,18 +9907,22 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "hostAliases": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "ip", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "ip", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", + Description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostAlias"), + Ref: ref(v1.HostAlias{}.OpenAPIModelName()), }, }, }, @@ -8479,10 +9945,15 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "dnsConfig": { SchemaProps: spec.SchemaProps{ Description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", - Ref: ref("k8s.io/api/core/v1.PodDNSConfig"), + Ref: ref(v1.PodDNSConfig{}.OpenAPIModelName()), }, }, "readinessGates": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates", Type: []string{"array"}, @@ -8490,7 +9961,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodReadinessGate"), + Ref: ref(v1.PodReadinessGate{}.OpenAPIModelName()), }, }, }, @@ -8512,9 +9983,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "preemptionPolicy": { SchemaProps: spec.SchemaProps{ - Description: "PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.", + Description: "PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.\n\nPossible enum values:\n - `\"Never\"` means that pod never preempts other pods with lower priority.\n - `\"PreemptLowerPriority\"` means that pod can preempt other pods with lower priority.", Type: []string{"string"}, Format: "", + Enum: []interface{}{"Never", "PreemptLowerPriority"}, }, }, "overhead": { @@ -8525,8 +9997,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -8551,7 +10022,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + Ref: ref(v1.TopologySpreadConstraint{}.OpenAPIModelName()), }, }, }, @@ -8559,15 +10030,15 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "setHostnameAsFQDN": { SchemaProps: spec.SchemaProps{ - Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", + Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", Type: []string{"boolean"}, Format: "", }, }, "os": { SchemaProps: spec.SchemaProps{ - Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", - Ref: ref("k8s.io/api/core/v1.PodOS"), + Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.resources - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + Ref: ref(v1.PodOS{}.OpenAPIModelName()), }, }, "hostUsers": { @@ -8589,13 +10060,13 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness.\n\nThis is an alpha-level feature enabled by PodSchedulingReadiness feature gate.", + Description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSchedulingGate"), + Ref: ref(v1.PodSchedulingGate{}.OpenAPIModelName()), }, }, }, @@ -8613,24 +10084,43 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.", + Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is a stable field but requires that the DynamicResourceAllocation feature gate is enabled.\n\nThis field is immutable.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaim"), + Ref: ref(v1.PodResourceClaim{}.OpenAPIModelName()), }, }, }, }, }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\", \"memory\" and \"hugepages-\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "hostnameOverride": { + SchemaProps: spec.SchemaProps{ + Description: "HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. This field only specifies the pod's hostname and does not affect its DNS records. When this field is set to a non-empty string: - It takes precedence over the values set in `hostname` and `subdomain`. - The Pod's hostname will be set to this value. - `setHostnameAsFQDN` must be nil or set to false. - `hostNetwork` must be set to false.\n\nThis field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. Requires the HostnameOverride feature gate to be enabled.", + Type: []string{"string"}, + Format: "", + }, + }, + "workloadRef": { + SchemaProps: spec.SchemaProps{ + Description: "WorkloadRef provides a reference to the Workload object that this Pod belongs to. This field is used by the scheduler to identify the PodGroup and apply the correct group scheduling policies. The Workload object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a Workload object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", + Ref: ref(v1.WorkloadReference{}.OpenAPIModelName()), + }, + }, }, Required: []string{"containers"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), v1.WorkloadReference{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -8641,16 +10131,28 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Description: "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod status was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "phase": { SchemaProps: spec.SchemaProps{ Description: "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase\n\nPossible enum values:\n - `\"Failed\"` means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).\n - `\"Pending\"` means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.\n - `\"Running\"` means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.\n - `\"Succeeded\"` means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.\n - `\"Unknown\"` means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Failed", "Pending", "Running", "Succeeded", "Unknown"}}, + Enum: []interface{}{"Failed", "Pending", "Running", "Succeeded", "Unknown"}, + }, }, "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -8662,7 +10164,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodCondition"), + Ref: ref(v1.PodCondition{}.OpenAPIModelName()), }, }, }, @@ -8691,14 +10193,35 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, "hostIP": { SchemaProps: spec.SchemaProps{ - Description: "IP address of the host to which the pod is assigned. Empty if not yet scheduled.", + Description: "hostIP holds the IP address of the host to which the pod is assigned. Empty if the pod has not started yet. A pod can be assigned to a node that has a problem in kubelet which in turns mean that HostIP will not be updated even if there is a node is assigned to pod", Type: []string{"string"}, Format: "", }, }, + "hostIPs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + "x-kubernetes-patch-merge-key": "ip", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "hostIPs holds the IP addresses allocated to the host. If this field is specified, the first entry must match the hostIP field. This list is empty if the pod has not started yet. A pod can be assigned to a node that has a problem in kubelet which in turns means that HostIPs will not be updated even if there is a node is assigned to this pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.HostIP{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "podIP": { SchemaProps: spec.SchemaProps{ - Description: "IP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.", + Description: "podIP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.", Type: []string{"string"}, Format: "", }, @@ -8706,6 +10229,10 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "podIPs": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "ip", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "ip", "x-kubernetes-patch-strategy": "merge", }, @@ -8717,7 +10244,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodIP"), + Ref: ref(v1.PodIP{}.OpenAPIModelName()), }, }, }, @@ -8726,32 +10253,42 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "startTime": { SchemaProps: spec.SchemaProps{ Description: "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "initContainerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, }, }, "containerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -8759,30 +10296,93 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, "qosClass": { SchemaProps: spec.SchemaProps{ - Description: "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md\n\nPossible enum values:\n - `\"BestEffort\"` is the BestEffort qos class.\n - `\"Burstable\"` is the Burstable qos class.\n - `\"Guaranteed\"` is the Guaranteed qos class.", + Description: "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes\n\nPossible enum values:\n - `\"BestEffort\"` is the BestEffort qos class.\n - `\"Burstable\"` is the Burstable qos class.\n - `\"Guaranteed\"` is the Guaranteed qos class.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "Burstable", "Guaranteed"}}, + Enum: []interface{}{"BestEffort", "Burstable", "Guaranteed"}, + }, }, "ephemeralContainerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "Status for any ephemeral containers that have run in this pod.", + Description: "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, }, }, + "resize": { + SchemaProps: spec.SchemaProps{ + Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\" Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress. PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources. PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge,retainKeys", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Status of resource claims.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.PodResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "extendedResourceClaimStatus": { + SchemaProps: spec.SchemaProps{ + Description: "Status of extended resource claim backed by DRA.", + Ref: ref(v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + "allocatedResources": { + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResources is the total requests allocated for this pod by the node. If pod-level requests are not set, this will be the total requests aggregated across containers in the pod.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources represents the compute resource requests and limits that have been applied at the pod level if pod-level requests or limits are set in PodSpec.Resources", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodIP", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -8811,21 +10411,21 @@ func schema_k8sio_api_core_v1_PodStatusResult(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -8854,21 +10454,21 @@ func schema_k8sio_api_core_v1_PodTemplate(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "template": { SchemaProps: spec.SchemaProps{ Description: "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodTemplateSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -8897,7 +10497,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -8908,7 +10508,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplate"), + Ref: ref(v1.PodTemplate{}.OpenAPIModelName()), }, }, }, @@ -8919,7 +10519,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplate", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PodTemplate{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -8934,21 +10534,21 @@ func schema_k8sio_api_core_v1_PodTemplateSpec(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -8956,7 +10556,8 @@ func schema_k8sio_api_core_v1_PortStatus(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "PortStatus represents the error condition of a service port", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -8972,7 +10573,8 @@ func schema_k8sio_api_core_v1_PortStatus(ref common.ReferenceCallback) common.Op Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"SCTP", "TCP", "UDP"}}, + Enum: []interface{}{"SCTP", "TCP", "UDP"}, + }, }, "error": { SchemaProps: spec.SchemaProps{ @@ -9035,14 +10637,13 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The class of pods.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSignature"), + Ref: ref(v1.PodSignature{}.OpenAPIModelName()), }, }, "evictionTime": { SchemaProps: spec.SchemaProps{ Description: "Time at which this entry was added to the list.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -9064,7 +10665,7 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSignature", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.PodSignature{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -9087,7 +10688,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "A node selector term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -9095,7 +10696,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -9108,26 +10709,26 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "TCPSocket specifies a connection to a TCP port.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Description: "GRPC specifies a GRPC HealthCheckRequest.", + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, "initialDelaySeconds": { @@ -9176,7 +10777,7 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -9189,33 +10790,33 @@ func schema_k8sio_api_core_v1_ProbeHandler(ref common.ReferenceCallback) common. Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "TCPSocket specifies a connection to a TCP port.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Description: "GRPC specifies a GRPC HealthCheckRequest.", + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -9227,14 +10828,19 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback Type: []string{"object"}, Properties: map[string]spec.Schema{ "sources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "sources is the list of volume projections", + Description: "sources is the list of volume projections. Each entry in this list handles one source.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeProjection"), + Ref: ref(v1.VolumeProjection{}.OpenAPIModelName()), }, }, }, @@ -9251,7 +10857,7 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.VolumeProjection"}, + v1.VolumeProjection{}.OpenAPIModelName()}, } } @@ -9321,6 +10927,11 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", Type: []string{"array"}, @@ -9353,6 +10964,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -9360,6 +10972,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -9367,6 +10980,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -9374,7 +10988,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -9389,7 +11003,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -9401,6 +11015,11 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", Type: []string{"array"}, @@ -9433,6 +11052,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -9440,6 +11060,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -9447,6 +11068,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -9454,7 +11076,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -9469,7 +11091,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -9498,7 +11120,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "range": { @@ -9521,7 +11143,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9550,28 +11172,28 @@ func schema_k8sio_api_core_v1_ReplicationController(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerSpec"), + Ref: ref(v1.ReplicationControllerSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerStatus"), + Ref: ref(v1.ReplicationControllerStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerSpec", "k8s.io/api/core/v1.ReplicationControllerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ReplicationControllerSpec{}.OpenAPIModelName(), v1.ReplicationControllerStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9601,8 +11223,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "The last time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -9624,7 +11245,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -9653,7 +11274,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -9664,7 +11285,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationController"), + Ref: ref(v1.ReplicationController{}.OpenAPIModelName()), }, }, }, @@ -9675,7 +11296,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationController", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ReplicationController{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -9689,6 +11310,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "replicas": { SchemaProps: spec.SchemaProps{ Description: "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", + Default: 1, Type: []string{"integer"}, Format: "int32", }, @@ -9696,6 +11318,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "minReadySeconds": { SchemaProps: spec.SchemaProps{ Description: "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -9723,15 +11346,15 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall }, "template": { SchemaProps: spec.SchemaProps{ - Description: "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Description: "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is \"Always\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec"}, + v1.PodTemplateSpec{}.OpenAPIModelName()}, } } @@ -9781,6 +11404,10 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -9792,7 +11419,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerCondition"), + Ref: ref(v1.ReplicationControllerCondition{}.OpenAPIModelName()), }, }, }, @@ -9803,7 +11430,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerCondition"}, + v1.ReplicationControllerCondition{}.OpenAPIModelName()}, } } @@ -9822,6 +11449,13 @@ func schema_k8sio_api_core_v1_ResourceClaim(ref common.ReferenceCallback) common Format: "", }, }, + "request": { + SchemaProps: spec.SchemaProps{ + Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"name"}, }, @@ -9854,8 +11488,7 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback "divisor": { SchemaProps: spec.SchemaProps{ Description: "Specifies the output format of the exposed resources, defaults to \"1\"", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -9868,7 +11501,36 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ResourceHealth(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceHealth represents the health of a resource. It has the latest device health information. This is a part of KEP https://kep.k8s.io/4680.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceID": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceID is the unique identifier of the resource. See the ResourceID type for more information.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "health": { + SchemaProps: spec.SchemaProps{ + Description: "Health of the resource. can be one of:\n - Healthy: operates as normal\n - Unhealthy: reported unhealthy. We consider this a temporary health issue\n since we do not have a mechanism today to distinguish\n temporary and permanent issues.\n - Unknown: The status cannot be determined.\n For example, Device Plugin got unregistered and hasn't been re-registered since.\n\nIn future we may want to introduce the PermanentlyUnhealthy Status.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"resourceID"}, + }, + }, } } @@ -9897,28 +11559,28 @@ func schema_k8sio_api_core_v1_ResourceQuota(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaSpec"), + Ref: ref(v1.ResourceQuotaSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaStatus"), + Ref: ref(v1.ResourceQuotaStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuotaSpec", "k8s.io/api/core/v1.ResourceQuotaStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ResourceQuotaSpec{}.OpenAPIModelName(), v1.ResourceQuotaStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9947,7 +11609,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -9958,7 +11620,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuota"), + Ref: ref(v1.ResourceQuota{}.OpenAPIModelName()), }, }, }, @@ -9969,7 +11631,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuota", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ResourceQuota{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -9988,14 +11650,18 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, "scopes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all objects.", Type: []string{"array"}, @@ -10005,6 +11671,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, }, @@ -10013,14 +11680,14 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co "scopeSelector": { SchemaProps: spec.SchemaProps{ Description: "scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.", - Ref: ref("k8s.io/api/core/v1.ScopeSelector"), + Ref: ref(v1.ScopeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopeSelector", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ScopeSelector{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -10039,8 +11706,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10054,8 +11720,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10065,7 +11730,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -10084,8 +11749,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10093,14 +11757,13 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, "requests": { SchemaProps: spec.SchemaProps{ - Description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + Description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10116,13 +11779,13 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis field depends on the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceClaim"), + Ref: ref(v1.ResourceClaim{}.OpenAPIModelName()), }, }, }, @@ -10132,7 +11795,53 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceClaim", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ResourceClaim{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceStatus represents the status of a single resource allocated to a Pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the resource. Must be unique within the pod and in case of non-DRA resource, match one of the resources from the pod spec. For DRA resources, the value must be \"claim:/\". When this status is reported about a container, the \"claim_name\" and \"request\" must match one of the claims of this container.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "resourceID", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of unique resources health. Each element in the list contains an unique resource ID and its health. At a minimum, for the lifetime of a Pod, resource ID must uniquely identify the resource allocated to the Pod on the Node. If other Pod on the same Node reports the status with the same resource ID, it must be the same resource they share. See ResourceID type definition for a specific format it has in various use cases.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ResourceHealth{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"name"}, + }, + }, + Dependencies: []string{ + v1.ResourceHealth{}.OpenAPIModelName()}, } } @@ -10203,7 +11912,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -10230,6 +11939,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10244,6 +11954,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10260,7 +11971,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -10290,7 +12001,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -10317,6 +12028,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10331,6 +12043,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10347,7 +12060,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -10359,6 +12072,11 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of scope selector requirements by scope of the resources.", Type: []string{"array"}, @@ -10366,7 +12084,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ScopedResourceSelectorRequirement"), + Ref: ref(v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -10381,7 +12099,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement"}, + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()}, } } @@ -10394,11 +12112,12 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer Properties: map[string]spec.Schema{ "scopeName": { SchemaProps: spec.SchemaProps{ - Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0", + Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0\n - `\"VolumeAttributesClass\"` Match all pvc objects that have volume attributes class mentioned.", Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating"}}, + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, + }, }, "operator": { SchemaProps: spec.SchemaProps{ @@ -10406,9 +12125,15 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"DoesNotExist", "Exists", "In", "NotIn"}}, + Enum: []interface{}{"DoesNotExist", "Exists", "In", "NotIn"}, + }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -10443,11 +12168,12 @@ func schema_k8sio_api_core_v1_SeccompProfile(ref common.ReferenceCallback) commo Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Localhost", "RuntimeDefault", "Unconfined"}}, + Enum: []interface{}{"Localhost", "RuntimeDefault", "Unconfined"}, + }, }, "localhostProfile": { SchemaProps: spec.SchemaProps{ - Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", Type: []string{"string"}, Format: "", }, @@ -10496,7 +12222,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -10548,7 +12274,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10561,7 +12287,8 @@ func schema_k8sio_api_core_v1_SecretEnvSource(ref common.ReferenceCallback) comm Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -10588,7 +12315,8 @@ func schema_k8sio_api_core_v1_SecretKeySelector(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -10645,7 +12373,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10656,7 +12384,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Secret"), + Ref: ref(v1.Secret{}.OpenAPIModelName()), }, }, }, @@ -10667,7 +12395,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Secret", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Secret{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10680,12 +12408,18 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -10693,7 +12427,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -10710,7 +12444,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -10761,6 +12495,11 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -10768,7 +12507,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -10792,7 +12531,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -10806,7 +12545,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "capabilities": { SchemaProps: spec.SchemaProps{ Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.Capabilities"), + Ref: ref(v1.Capabilities{}.OpenAPIModelName()), }, }, "privileged": { @@ -10819,13 +12558,13 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -10865,22 +12604,29 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm }, "procMount": { SchemaProps: spec.SchemaProps{ - Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", Type: []string{"string"}, Format: "", + Enum: []interface{}{"Default", "Unmasked"}, }, }, "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), + }, + }, + "appArmorProfile": { + SchemaProps: spec.SchemaProps{ + Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.", + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.Capabilities{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -10909,14 +12655,14 @@ func schema_k8sio_api_core_v1_SerializedReference(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The reference to an object in the system.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -10945,28 +12691,28 @@ func schema_k8sio_api_core_v1_Service(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceSpec"), + Ref: ref(v1.ServiceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceStatus"), + Ref: ref(v1.ServiceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceSpec", "k8s.io/api/core/v1.ServiceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ServiceSpec{}.OpenAPIModelName(), v1.ServiceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10995,30 +12741,39 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "secrets": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", + Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". The \"kubernetes.io/enforce-mountable-secrets\" annotation is deprecated since v1.32. Prefer separate namespaces to isolate access to mounted secrets. This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, "imagePullSecrets": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod", Type: []string{"array"}, @@ -11026,7 +12781,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -11043,7 +12798,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LocalObjectReference{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11072,7 +12827,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11083,7 +12838,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceAccount"), + Ref: ref(v1.ServiceAccount{}.OpenAPIModelName()), }, }, }, @@ -11094,7 +12849,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceAccount", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ServiceAccount{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11159,7 +12914,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11170,7 +12925,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Service"), + Ref: ref(v1.Service{}.OpenAPIModelName()), }, }, }, @@ -11181,7 +12936,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Service", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Service{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11205,11 +12960,12 @@ func schema_k8sio_api_core_v1_ServicePort(ref common.ReferenceCallback) common.O Default: "TCP", Type: []string{"string"}, Format: "", - Enum: []interface{}{"SCTP", "TCP", "UDP"}}, + Enum: []interface{}{"SCTP", "TCP", "UDP"}, + }, }, "appProtocol": { SchemaProps: spec.SchemaProps{ - Description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.", + Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", Type: []string{"string"}, Format: "", }, @@ -11225,7 +12981,6 @@ func schema_k8sio_api_core_v1_ServicePort(ref common.ReferenceCallback) common.O "targetPort": { SchemaProps: spec.SchemaProps{ Description: "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -11305,7 +13060,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServicePort"), + Ref: ref(v1.ServicePort{}.OpenAPIModelName()), }, }, }, @@ -11364,9 +13119,15 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types\n\nPossible enum values:\n - `\"ClusterIP\"` means a service will only be accessible inside the cluster, via the cluster IP.\n - `\"ExternalName\"` means a service consists of only a reference to an external name that kubedns or equivalent will return as a CNAME record, with no exposing or proxying of any pods involved.\n - `\"LoadBalancer\"` means a service will be exposed via an external load balancer (if the cloud provider supports it), in addition to 'NodePort' type.\n - `\"NodePort\"` means a service will be exposed on one port of every node, in addition to 'ClusterIP' type.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"ClusterIP", "ExternalName", "LoadBalancer", "NodePort"}}, + Enum: []interface{}{"ClusterIP", "ExternalName", "LoadBalancer", "NodePort"}, + }, }, "externalIPs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", Type: []string{"array"}, @@ -11386,16 +13147,22 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies\n\nPossible enum values:\n - `\"ClientIP\"` is the Client IP based.\n - `\"None\"` - no session affinity.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"ClientIP", "None"}}, + Enum: []interface{}{"ClientIP", "None"}, + }, }, "loadBalancerIP": { SchemaProps: spec.SchemaProps{ - Description: "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version.", + Description: "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations. Using it is non-portable and it may not support dual-stack. Users are encouraged to use implementation-specific annotations when available.", Type: []string{"string"}, Format: "", }, }, "loadBalancerSourceRanges": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/", Type: []string{"array"}, @@ -11422,7 +13189,8 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.\n\nPossible enum values:\n - `\"Cluster\"` routes traffic to all endpoints.\n - `\"Local\"` preserves the source IP of the traffic by routing only to endpoints on the same node as the traffic was received on (dropping the traffic if there are no local endpoints).", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Cluster", "Local"}}, + Enum: []interface{}{"Cluster", "Local"}, + }, }, "healthCheckNodePort": { SchemaProps: spec.SchemaProps{ @@ -11441,7 +13209,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O "sessionAffinityConfig": { SchemaProps: spec.SchemaProps{ Description: "sessionAffinityConfig contains the configurations of session affinity.", - Ref: ref("k8s.io/api/core/v1.SessionAffinityConfig"), + Ref: ref(v1.SessionAffinityConfig{}.OpenAPIModelName()), }, }, "ipFamilies": { @@ -11459,6 +13227,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"", "IPv4", "IPv6"}, }, }, }, @@ -11466,9 +13235,10 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, "ipFamilyPolicy": { SchemaProps: spec.SchemaProps{ - Description: "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName.", + Description: "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName.\n\nPossible enum values:\n - `\"PreferDualStack\"` indicates that this service prefers dual-stack when the cluster is configured for dual-stack. If the cluster is not configured for dual-stack the service will be assigned a single IPFamily. If the IPFamily is not set in service.spec.ipFamilies then the service will be assigned the default IPFamily configured on the cluster\n - `\"RequireDualStack\"` indicates that this service requires dual-stack. Using IPFamilyPolicyRequireDualStack on a single stack cluster will result in validation errors. The IPFamilies (and their order) assigned to this service is based on service.spec.ipFamilies. If service.spec.ipFamilies was not provided then it will be assigned according to how they are configured on the cluster. If service.spec.ipFamilies has only one entry then the alternative IPFamily will be added by apiserver\n - `\"SingleStack\"` indicates that this service is required to have a single IPFamily. The IPFamily assigned is based on the default IPFamily used by the cluster or as identified by service.spec.ipFamilies field", Type: []string{"string"}, Format: "", + Enum: []interface{}{"PreferDualStack", "RequireDualStack", "SingleStack"}, }, }, "allocateLoadBalancerNodePorts": { @@ -11487,7 +13257,15 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, "internalTrafficPolicy": { SchemaProps: spec.SchemaProps{ - Description: "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).", + Description: "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).\n\nPossible enum values:\n - `\"Cluster\"` routes traffic to all endpoints.\n - `\"Local\"` routes traffic only to endpoints on the same node as the client pod (dropping the traffic if there are no local endpoints).", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Cluster", "Local"}, + }, + }, + "trafficDistribution": { + SchemaProps: spec.SchemaProps{ + Description: "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are in the same zone.", Type: []string{"string"}, Format: "", }, @@ -11496,7 +13274,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServicePort", "k8s.io/api/core/v1.SessionAffinityConfig"}, + v1.ServicePort{}.OpenAPIModelName(), v1.SessionAffinityConfig{}.OpenAPIModelName()}, } } @@ -11511,7 +13289,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "LoadBalancer contains the current status of the load-balancer, if one is present.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerStatus"), + Ref: ref(v1.LoadBalancerStatus{}.OpenAPIModelName()), }, }, "conditions": { @@ -11532,7 +13310,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Condition"), + Ref: ref(metav1.Condition{}.OpenAPIModelName()), }, }, }, @@ -11542,7 +13320,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Condition"}, + v1.LoadBalancerStatus{}.OpenAPIModelName(), metav1.Condition{}.OpenAPIModelName()}, } } @@ -11556,14 +13334,36 @@ func schema_k8sio_api_core_v1_SessionAffinityConfig(ref common.ReferenceCallback "clientIP": { SchemaProps: spec.SchemaProps{ Description: "clientIP contains the configurations of Client IP based session affinity.", - Ref: ref("k8s.io/api/core/v1.ClientIPConfig"), + Ref: ref(v1.ClientIPConfig{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClientIPConfig"}, + v1.ClientIPConfig{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_SleepAction(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "SleepAction describes a \"sleep\" action.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "seconds": { + SchemaProps: spec.SchemaProps{ + Description: "Seconds is the number of seconds to sleep.", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + Required: []string{"seconds"}, + }, + }, } } @@ -11605,14 +13405,14 @@ func schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref common.Referen "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -11654,14 +13454,14 @@ func schema_k8sio_api_core_v1_StorageOSVolumeSource(ref common.ReferenceCallback "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -11705,7 +13505,6 @@ func schema_k8sio_api_core_v1_TCPSocketAction(ref common.ReferenceCallback) comm "port": { SchemaProps: spec.SchemaProps{ Description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -11753,12 +13552,13 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"NoExecute", "NoSchedule", "PreferNoSchedule"}}, + Enum: []interface{}{"NoExecute", "NoSchedule", "PreferNoSchedule"}, + }, }, "timeAdded": { SchemaProps: spec.SchemaProps{ - Description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "TimeAdded represents the time at which the taint was added.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, @@ -11766,7 +13566,7 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -11786,10 +13586,11 @@ func schema_k8sio_api_core_v1_Toleration(ref common.ReferenceCallback) common.Op }, "operator": { SchemaProps: spec.SchemaProps{ - Description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`", + Description: "Operator represents a key's relationship to the value. Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`\n - `\"Gt\"`\n - `\"Lt\"`", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Equal", "Exists"}}, + Enum: []interface{}{"Equal", "Exists", "Gt", "Lt"}, + }, }, "value": { SchemaProps: spec.SchemaProps{ @@ -11803,7 +13604,8 @@ func schema_k8sio_api_core_v1_Toleration(ref common.ReferenceCallback) common.Op Description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\n\nPossible enum values:\n - `\"NoExecute\"` Evict any already-running pods that do not tolerate the taint. Currently enforced by NodeController.\n - `\"NoSchedule\"` Do not allow new pods to schedule onto the node unless they tolerate the taint, but allow all pods submitted to Kubelet without going through the scheduler to start, and allow all already-running pods to continue running. Enforced by the scheduler.\n - `\"PreferNoSchedule\"` Like TaintEffectNoSchedule, but the scheduler tries not to schedule new pods onto the node, rather than prohibiting new pods from scheduling onto the node entirely. Enforced by the scheduler.", Type: []string{"string"}, Format: "", - Enum: []interface{}{"NoExecute", "NoSchedule", "PreferNoSchedule"}}, + Enum: []interface{}{"NoExecute", "NoSchedule", "PreferNoSchedule"}, + }, }, "tolerationSeconds": { SchemaProps: spec.SchemaProps{ @@ -11834,6 +13636,11 @@ func schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref common.Refere }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. One value must match the label to be selected. Each entry in Values is ORed.", Type: []string{"array"}, @@ -11863,6 +13670,11 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchLabelExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of topology selector requirements by labels.", Type: []string{"array"}, @@ -11870,7 +13682,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySelectorLabelRequirement"), + Ref: ref(v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()), }, }, }, @@ -11885,7 +13697,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TopologySelectorLabelRequirement"}, + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()}, } } @@ -11918,33 +13730,36 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"DoNotSchedule", "ScheduleAnyway"}}, + Enum: []interface{}{"DoNotSchedule", "ScheduleAnyway"}, + }, }, "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "minDomains": { SchemaProps: spec.SchemaProps{ - Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).", + Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.", Type: []string{"integer"}, Format: "int32", }, }, "nodeAffinityPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", + Enum: []interface{}{"Honor", "Ignore"}, }, }, "nodeTaintsPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", + Enum: []interface{}{"Honor", "Ignore"}, }, }, "matchLabelKeys": { @@ -11954,7 +13769,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, }, SchemaProps: spec.SchemaProps{ - Description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.", + Description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -11972,7 +13787,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -12022,7 +13837,8 @@ func schema_k8sio_api_core_v1_TypedObjectReference(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "TypedObjectReference contains enough information to let you locate the typed referenced object", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "apiGroup": { SchemaProps: spec.SchemaProps{ @@ -12079,175 +13895,181 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), + }, + }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, @@ -12255,7 +14077,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -12311,6 +14133,13 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O Format: "", }, }, + "recursiveReadOnly": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled.", + Type: []string{"string"}, + Format: "", + }, + }, "mountPath": { SchemaProps: spec.SchemaProps{ Description: "Path within the container at which the volume should be mounted. Must not contain ':'.", @@ -12328,9 +14157,10 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O }, "mountPropagation": { SchemaProps: spec.SchemaProps{ - Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).\n\nPossible enum values:\n - `\"Bidirectional\"` means that the volume in a container will receive new mounts from the host or other containers, and its own mounts will be propagated from the container to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rshared\" in Linux terminology).\n - `\"HostToContainer\"` means that the volume in a container will receive new mounts from the host or other containers, but filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rslave\" in Linux terminology).\n - `\"None\"` means that the volume in a container will not receive new mounts from the host or other containers, and filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode corresponds to \"private\" in Linux terminology.", Type: []string{"string"}, Format: "", + Enum: []interface{}{"Bidirectional", "HostToContainer", "None"}, }, }, "subPathExpr": { @@ -12347,6 +14177,50 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O } } +func schema_k8sio_api_core_v1_VolumeMountStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeMountStatus shows status of volume mounts.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name corresponds to the name of the original VolumeMount.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "mountPath": { + SchemaProps: spec.SchemaProps{ + Description: "MountPath corresponds to the original VolumeMount.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "readOnly": { + SchemaProps: spec.SchemaProps{ + Description: "ReadOnly corresponds to the original VolumeMount.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "recursiveReadOnly": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, depending on the mount result.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "mountPath"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -12357,14 +14231,14 @@ func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) c "required": { SchemaProps: spec.SchemaProps{ Description: "required specifies hard node constraints that must be met.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector"}, + v1.NodeSelector{}.OpenAPIModelName()}, } } @@ -12372,38 +14246,93 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Projection that may be projected along with other supported volume types", + Description: "Projection that may be projected along with other supported volume types. Exactly one of these fields must be set.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "secret": { SchemaProps: spec.SchemaProps{ Description: "secret information about the secret data to project", - Ref: ref("k8s.io/api/core/v1.SecretProjection"), + Ref: ref(v1.SecretProjection{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI information about the downwardAPI data to project", - Ref: ref("k8s.io/api/core/v1.DownwardAPIProjection"), + Ref: ref(v1.DownwardAPIProjection{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap information about the configMap data to project", - Ref: ref("k8s.io/api/core/v1.ConfigMapProjection"), + Ref: ref(v1.ConfigMapProjection{}.OpenAPIModelName()), }, }, "serviceAccountToken": { SchemaProps: spec.SchemaProps{ Description: "serviceAccountToken is information about the serviceAccountToken data to project", - Ref: ref("k8s.io/api/core/v1.ServiceAccountTokenProjection"), + Ref: ref(v1.ServiceAccountTokenProjection{}.OpenAPIModelName()), + }, + }, + "clusterTrustBundle": { + SchemaProps: spec.SchemaProps{ + Description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.", + Ref: ref(v1.ClusterTrustBundleProjection{}.OpenAPIModelName()), + }, + }, + "podCertificate": { + SchemaProps: spec.SchemaProps{ + Description: "Projects an auto-rotating credential bundle (private key and certificate chain) that the pod can use either as a TLS client or server.\n\nKubelet generates a private key and uses it to send a PodCertificateRequest to the named signer. Once the signer approves the request and issues a certificate chain, Kubelet writes the key and certificate chain to the pod filesystem. The pod does not start until certificates have been issued for each podCertificate projected volume source in its spec.\n\nKubelet will begin trying to rotate the certificate at the time indicated by the signer using the PodCertificateRequest.Status.BeginRefreshAt timestamp.\n\nKubelet can write a single file, indicated by the credentialBundlePath field, or separate files, indicated by the keyPath and certificateChainPath fields.\n\nThe credential bundle is a single file in PEM format. The first PEM entry is the private key (in PKCS#8 format), and the remaining PEM entries are the certificate chain issued by the signer (typically, signers will return their certificate chain in leaf-to-root order).\n\nPrefer using the credential bundle format, since your application code can read it atomically. If you use keyPath and certificateChainPath, your application must make two separate file reads. If these coincide with a certificate rotation, it is possible that the private key and leaf certificate you read may not correspond to each other. Your application will need to check for this condition, and re-read until they are consistent.\n\nThe named signer controls chooses the format of the certificate it issues; consult the signer implementation's documentation to learn how to use the certificates it issues.", + Ref: ref(v1.PodCertificateProjection{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(), v1.ConfigMapProjection{}.OpenAPIModelName(), v1.DownwardAPIProjection{}.OpenAPIModelName(), v1.PodCertificateProjection{}.OpenAPIModelName(), v1.SecretProjection{}.OpenAPIModelName(), v1.ServiceAccountTokenProjection{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeResourceRequirements describes the storage resource requirements for a volume.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "limits": { + SchemaProps: spec.SchemaProps{ + Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "requests": { + SchemaProps: spec.SchemaProps{ + Description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + resource.Quantity{}.OpenAPIModelName()}, } } @@ -12417,182 +14346,188 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), + }, + }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -12658,7 +14593,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "Required. A pod affinity term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -12666,7 +14601,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName()}, } } @@ -12700,7 +14635,7 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference }, "hostProcess": { SchemaProps: spec.SchemaProps{ - Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", Type: []string{"boolean"}, Format: "", }, @@ -12711,6 +14646,91 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference } } +func schema_k8sio_api_core_v1_WorkloadReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "WorkloadReference identifies the Workload object and PodGroup membership that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name defines the name of the Workload object this Pod belongs to. Workload must be in the same namespace as the Pod. If it doesn't match any existing Workload, the Pod will remain unschedulable until a Workload object is created and observed by the kube-scheduler. It must be a DNS subdomain.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "podGroup": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroup is the name of the PodGroup within the Workload that this Pod belongs to. If it doesn't match any existing PodGroup within the Workload, the Pod will remain unschedulable until the Workload object is recreated and observed by the kube-scheduler. It must be a DNS label.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "podGroupReplicaKey": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroupReplicaKey specifies the replica key of the PodGroup to which this Pod belongs. It is used to distinguish pods belonging to different replicas of the same pod group. The pod group policy is applied separately to each replica. When set, it must be a DNS label.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "podGroup"}, + }, + }, + } +} + +func schema_apimachinery_pkg_api_resource_Quantity(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.EmbedOpenAPIDefinitionIntoV2Extension(common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + OneOf: common.GenerateOpenAPIV3OneOfSchema(resource.Quantity{}.OpenAPIV3OneOfTypes()), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }, common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + Type: resource.Quantity{}.OpenAPISchemaType(), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }) +} + +func schema_apimachinery_pkg_api_resource_int64Amount(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "int64Amount represents a fixed precision numerator and arbitrary scale exponent. It is faster than operations on inf.Dec for values that can be represented as int64.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "value": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "scale": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + Required: []string{"value", "scale"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -12741,6 +14761,11 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, "versions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "versions are the versions supported in this group.", Type: []string{"array"}, @@ -12748,7 +14773,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, }, @@ -12758,10 +14783,15 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, "serverAddressByClientCIDRs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", Type: []string{"array"}, @@ -12769,7 +14799,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -12780,7 +14810,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(), metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -12806,6 +14836,11 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, "groups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "groups is a list of APIGroup.", Type: []string{"array"}, @@ -12813,7 +14848,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), + Ref: ref(metav1.APIGroup{}.OpenAPIModelName()), }, }, }, @@ -12824,7 +14859,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, + metav1.APIGroup{}.OpenAPIModelName()}, } } @@ -12897,6 +14932,11 @@ func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.Op }, }, "shortNames": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "shortNames is a list of suggested short names of the resource.", Type: []string{"array"}, @@ -12912,6 +14952,11 @@ func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.Op }, }, "categories": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", Type: []string{"array"}, @@ -12970,6 +15015,11 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "resources contains the name of the resources and if they are namespaced.", Type: []string{"array"}, @@ -12977,7 +15027,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), + Ref: ref(metav1.APIResource{}.OpenAPIModelName()), }, }, }, @@ -12988,7 +15038,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, + metav1.APIResource{}.OpenAPIModelName()}, } } @@ -13014,6 +15064,11 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, "versions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "versions are the api versions that are available.", Type: []string{"array"}, @@ -13029,6 +15084,11 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, "serverAddressByClientCIDRs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", Type: []string{"array"}, @@ -13036,7 +15096,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -13047,7 +15107,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -13073,6 +15133,11 @@ func schema_pkg_apis_meta_v1_ApplyOptions(ref common.ReferenceCallback) common.O }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13143,8 +15208,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -13168,7 +15232,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -13194,6 +15258,11 @@ func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13217,7 +15286,7 @@ func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common. }, "fieldValidation": { SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", Type: []string{"string"}, Format: "", }, @@ -13259,7 +15328,7 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. "preconditions": { SchemaProps: spec.SchemaProps{ Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), + Ref: ref(metav1.Preconditions{}.OpenAPIModelName()), }, }, "orphanDependents": { @@ -13277,6 +15346,11 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13291,11 +15365,18 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, }, + "ignoreStoreReadErrorWithClusterBreakingPotential": { + SchemaProps: spec.SchemaProps{ + Description: "if set to true, it will trigger an unsafe deletion of the resource in case the normal deletion flow fails with a corrupt object error. A resource is considered corrupt if it can not be retrieved from the underlying storage successfully because of a) its data can not be transformed e.g. decryption failure, or b) it fails to decode into an object. NOTE: unsafe deletion ignores finalizer constraints, skips precondition checks, and removes the object from the storage. WARNING: This may potentially break the cluster if the workload associated with the resource being unsafe-deleted relies on normal deletion flow. Use only if you REALLY know what you are doing. The default value is false, and the user must opt in to enable it", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, + metav1.Preconditions{}.OpenAPIModelName()}, } } @@ -13304,8 +15385,58 @@ func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenA Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), + Type: metav1.Duration{}.OpenAPISchemaType(), + Format: metav1.Duration{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FieldSelectorRequirement is a selector that contains values, a key, and an operator that relates the key and values.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "key": { + SchemaProps: spec.SchemaProps{ + Description: "key is the field selector key that the requirement applies to.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. The list of operators may grow in the future.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"key", "operator"}, }, }, } @@ -13557,15 +15688,12 @@ func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common. "Object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), }, }, }, Required: []string{"Type", "Object"}, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, } } @@ -13593,6 +15721,11 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", Type: []string{"array"}, @@ -13600,7 +15733,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + Ref: ref(metav1.LabelSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -13615,7 +15748,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + metav1.LabelSelectorRequirement{}.OpenAPIModelName()}, } } @@ -13627,12 +15760,6 @@ func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallba Type: []string{"object"}, Properties: map[string]spec.Schema{ "key": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-merge-key": "key", - "x-kubernetes-patch-strategy": "merge", - }, - }, SchemaProps: spec.SchemaProps{ Description: "key is the label key that the selector applies to.", Default: "", @@ -13649,6 +15776,11 @@ func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallba }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -13695,7 +15827,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -13705,8 +15837,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -13717,7 +15848,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -13846,6 +15977,13 @@ func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.Op Format: "", }, }, + "sendInitialEvents": { + SchemaProps: spec.SchemaProps{ + Description: "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, @@ -13883,7 +16021,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "time": { SchemaProps: spec.SchemaProps{ Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "fieldsType": { @@ -13896,7 +16034,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "fieldsV1": { SchemaProps: spec.SchemaProps{ Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), + Ref: ref(metav1.FieldsV1{}.OpenAPIModelName()), }, }, "subresource": { @@ -13910,7 +16048,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.FieldsV1{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -13919,8 +16057,8 @@ func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.Open Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), + Type: metav1.MicroTime{}.OpenAPISchemaType(), + Format: metav1.MicroTime{}.OpenAPISchemaFormat(), }, }, } @@ -13935,7 +16073,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", Type: []string{"string"}, Format: "", }, @@ -13949,7 +16087,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, "namespace": { SchemaProps: spec.SchemaProps{ - Description: "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces", + Description: "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces", Type: []string{"string"}, Format: "", }, @@ -13963,7 +16101,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, "uid": { SchemaProps: spec.SchemaProps{ - Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", Type: []string{"string"}, Format: "", }, @@ -13985,14 +16123,13 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "creationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionTimestamp": { SchemaProps: spec.SchemaProps{ Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionGracePeriodSeconds": { @@ -14004,7 +16141,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, "labels": { SchemaProps: spec.SchemaProps{ - Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels", + Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -14020,7 +16157,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, "annotations": { SchemaProps: spec.SchemaProps{ - Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", + Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -14037,6 +16174,10 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "ownerReferences": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "uid", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "uid", "x-kubernetes-patch-strategy": "merge", }, @@ -14048,7 +16189,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, @@ -14057,6 +16198,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "finalizers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", "x-kubernetes-patch-strategy": "merge", }, }, @@ -14075,6 +16217,11 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, "managedFields": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", Type: []string{"array"}, @@ -14082,7 +16229,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), + Ref: ref(metav1.ManagedFieldsEntry{}.OpenAPIModelName()), }, }, }, @@ -14092,7 +16239,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.ManagedFieldsEntry{}.OpenAPIModelName(), metav1.OwnerReference{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -14121,7 +16268,7 @@ func schema_pkg_apis_meta_v1_OwnerReference(ref common.ReferenceCallback) common }, "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", Default: "", Type: []string{"string"}, Format: "", @@ -14129,7 +16276,7 @@ func schema_pkg_apis_meta_v1_OwnerReference(ref common.ReferenceCallback) common }, "uid": { SchemaProps: spec.SchemaProps{ - Description: "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + Description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", Default: "", Type: []string{"string"}, Format: "", @@ -14186,14 +16333,14 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -14222,7 +16369,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -14233,7 +16380,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), + Ref: ref(metav1.PartialObjectMetadata{}.OpenAPIModelName()), }, }, }, @@ -14244,7 +16391,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.PartialObjectMetadata{}.OpenAPIModelName()}, } } @@ -14281,6 +16428,11 @@ func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.O }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -14311,7 +16463,7 @@ func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.O }, "fieldValidation": { SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", Type: []string{"string"}, Format: "", }, @@ -14357,6 +16509,11 @@ func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.Open Type: []string{"object"}, Properties: map[string]spec.Schema{ "paths": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "paths are the paths available at root.", Type: []string{"array"}, @@ -14433,7 +16590,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "status": { @@ -14460,7 +16617,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI "details": { SchemaProps: spec.SchemaProps{ Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), + Ref: ref(metav1.StatusDetails{}.OpenAPIModelName()), }, }, "code": { @@ -14474,7 +16631,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.StatusDetails{}.OpenAPIModelName()}, } } @@ -14542,12 +16699,17 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, "uid": { SchemaProps: spec.SchemaProps{ - Description: "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + Description: "UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", Type: []string{"string"}, Format: "", }, }, "causes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", Type: []string{"array"}, @@ -14555,7 +16717,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), + Ref: ref(metav1.StatusCause{}.OpenAPIModelName()), }, }, }, @@ -14572,7 +16734,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, + metav1.StatusCause{}.OpenAPIModelName()}, } } @@ -14601,10 +16763,15 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "columnDefinitions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.", Type: []string{"array"}, @@ -14612,13 +16779,18 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), + Ref: ref(metav1.TableColumnDefinition{}.OpenAPIModelName()), }, }, }, }, }, "rows": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "rows is the list of items in the table.", Type: []string{"array"}, @@ -14626,7 +16798,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), + Ref: ref(metav1.TableRow{}.OpenAPIModelName()), }, }, }, @@ -14637,7 +16809,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.TableColumnDefinition{}.OpenAPIModelName(), metav1.TableRow{}.OpenAPIModelName()}, } } @@ -14737,6 +16909,11 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Type: []string{"object"}, Properties: map[string]spec.Schema{ "cells": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "cells will be as wide as the column definitions array and may contain strings, numbers (float64 or int64), booleans, simple maps, lists, or null. See the type field of the column definition for a more detailed description.", Type: []string{"array"}, @@ -14751,6 +16928,11 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "conditions describe additional status of a row that are relevant for a human user. These conditions apply to the row, not to the object, and will be specific to table output. The only defined condition type is 'Completed', for a row that indicates a resource that has run to completion and can be given less visual priority.", Type: []string{"array"}, @@ -14758,7 +16940,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), + Ref: ref(metav1.TableRowCondition{}.OpenAPIModelName()), }, }, }, @@ -14767,8 +16949,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA "object": { SchemaProps: spec.SchemaProps{ Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -14776,7 +16957,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.TableRowCondition{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -14829,8 +17010,8 @@ func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDe Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), + Type: metav1.Time{}.OpenAPISchemaType(), + Format: metav1.Time{}.OpenAPISchemaFormat(), }, }, } @@ -14915,6 +17096,11 @@ func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -14938,7 +17124,7 @@ func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common. }, "fieldValidation": { SchemaProps: spec.SchemaProps{ - Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + Description: "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", Type: []string{"string"}, Format: "", }, @@ -14966,8 +17152,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope "object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -14975,7 +17160,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -15034,13 +17219,6 @@ func schema_k8sio_apimachinery_pkg_runtime_Unknown(ref common.ReferenceCallback) Format: "", }, }, - "Raw": { - SchemaProps: spec.SchemaProps{ - Description: "Raw will hold the complete serialized object which couldn't be matched with a registered type. Most likely, nothing should be done with this except for passing it through the system.", - Type: []string{"string"}, - Format: "byte", - }, - }, "ContentEncoding": { SchemaProps: spec.SchemaProps{ Description: "ContentEncoding is encoding used to encode 'Raw' data. Unspecified means no encoding.", @@ -15058,7 +17236,7 @@ func schema_k8sio_apimachinery_pkg_runtime_Unknown(ref common.ReferenceCallback) }, }, }, - Required: []string{"Raw", "ContentEncoding", "ContentType"}, + Required: []string{"ContentEncoding", "ContentType"}, }, }, } @@ -15073,16 +17251,46 @@ func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "major": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Major is the major version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "minor": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Minor is the minor version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMajor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMajor is the major version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMinor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMinor is the minor version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMajor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMajor is the major version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMinor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMinor is the minor version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", }, }, "gitVersion": { diff --git a/generated/1.35/client/go.mod b/generated/1.35/client/go.mod new file mode 100644 index 000000000..4b2f0675c --- /dev/null +++ b/generated/1.35/client/go.mod @@ -0,0 +1,53 @@ +// This go.mod file is generated by ./hack/update.sh. +module go.pinniped.dev/generated/1.35/client + +go 1.25.0 + +replace go.pinniped.dev/generated/1.35/apis => ../apis + +require ( + go.pinniped.dev/generated/1.35/apis v0.0.0 + k8s.io/api v0.35.0 + k8s.io/apimachinery v0.35.0 + k8s.io/client-go v0.35.0 + k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 +) + +require ( + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/emicklei/go-restful/v3 v3.12.2 // indirect + github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/go-logr/logr v1.4.3 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.23.0 // indirect + github.com/google/gnostic-models v0.7.0 // indirect + github.com/google/go-cmp v0.7.0 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/x448/float16 v0.8.4 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect + go.yaml.in/yaml/v3 v3.0.4 // indirect + golang.org/x/net v0.47.0 // indirect + golang.org/x/oauth2 v0.30.0 // indirect + golang.org/x/sys v0.38.0 // indirect + golang.org/x/term v0.37.0 // indirect + golang.org/x/text v0.31.0 // indirect + golang.org/x/time v0.9.0 // indirect + google.golang.org/protobuf v1.36.8 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect + sigs.k8s.io/randfill v1.0.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect + sigs.k8s.io/yaml v1.6.0 // indirect +) diff --git a/generated/1.35/client/go.sum b/generated/1.35/client/go.sum new file mode 100644 index 000000000..2400f8121 --- /dev/null +++ b/generated/1.35/client/go.sum @@ -0,0 +1,131 @@ +github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0= +github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= +github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= +github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= +github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= +github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= +github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= +github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= +github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= +github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= +go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= +go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= +golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= +golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= +golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= +golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= +golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= +golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= +golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= +golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= +golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= +golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= +golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= +golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= +golang.org/x/time v0.9.0 h1:EsRrnYcQiGH+5FfbgvV4AP7qEZstoyrHB0DzarOQ4ZY= +golang.org/x/time v0.9.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= +golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= +google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= +google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY= +k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA= +k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8= +k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE= +k8s.io/client-go v0.35.0/go.mod h1:q2E5AAyqcbeLGPdoRB+Nxe3KYTfPce1Dnu1myQdqz9o= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= +k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= +sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= +sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= +sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/generated/1.27/client/supervisor/clientset/versioned/clientset.go b/generated/1.35/client/supervisor/clientset/versioned/clientset.go similarity index 95% rename from generated/1.27/client/supervisor/clientset/versioned/clientset.go rename to generated/1.35/client/supervisor/clientset/versioned/clientset.go index e420e1674..2c427e270 100644 --- a/generated/1.27/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.35/client/supervisor/clientset/versioned/clientset.go @@ -6,12 +6,12 @@ package versioned import ( - "fmt" - "net/http" + fmt "fmt" + http "net/http" - clientsecretv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" diff --git a/generated/1.29/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.35/client/supervisor/clientset/versioned/fake/clientset_generated.go similarity index 65% rename from generated/1.29/client/supervisor/clientset/versioned/fake/clientset_generated.go rename to generated/1.35/client/supervisor/clientset/versioned/fake/clientset_generated.go index edccaab28..689bcc536 100644 --- a/generated/1.29/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.35/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -6,13 +6,14 @@ package fake import ( - clientset "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - clientsecretv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" - fakeclientsecretv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake" - configv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1" - fakeconfigv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" - idpv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - fakeidpv1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + clientset "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + fakeclientsecretv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + fakeidpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -22,8 +23,12 @@ import ( // NewSimpleClientset returns a clientset that will respond with the provided objects. // It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement +// without applying any field management, validations and/or defaults. It shouldn't be considered a replacement // for a real clientset and is mostly useful in simple unit tests. +// +// Deprecated: NewClientset replaces this with support for field management, which significantly improves +// server side apply testing. NewClientset is only available when apply configurations are generated (e.g. +// via --with-applyconfig). func NewSimpleClientset(objects ...runtime.Object) *Clientset { o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) for _, obj := range objects { @@ -36,9 +41,13 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset { cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} cs.AddReactor("*", "*", testing.ObjectReaction(o)) cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + var opts metav1.ListOptions + if watchAction, ok := action.(testing.WatchActionImpl); ok { + opts = watchAction.ListOptions + } gvr := action.GetResource() ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) + watch, err := o.Watch(gvr, ns, opts) if err != nil { return false, nil, err } @@ -65,6 +74,17 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } +// IsWatchListSemanticsSupported informs the reflector that this client +// doesn't support WatchList semantics. +// +// This is a synthetic method whose sole purpose is to satisfy the optional +// interface check performed by the reflector. +// Returning true signals that WatchList can NOT be used. +// No additional logic is implemented here. +func (c *Clientset) IsWatchListSemanticsUnSupported() bool { + return true +} + var ( _ clientset.Interface = &Clientset{} _ testing.FakeClient = &Clientset{} diff --git a/generated/1.27/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.35/client/supervisor/clientset/versioned/fake/doc.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/fake/doc.go rename to generated/1.35/client/supervisor/clientset/versioned/fake/doc.go diff --git a/generated/1.29/client/supervisor/clientset/versioned/fake/register.go b/generated/1.35/client/supervisor/clientset/versioned/fake/register.go similarity index 88% rename from generated/1.29/client/supervisor/clientset/versioned/fake/register.go rename to generated/1.35/client/supervisor/clientset/versioned/fake/register.go index ea6c1ff12..0b457949f 100644 --- a/generated/1.29/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.35/client/supervisor/clientset/versioned/fake/register.go @@ -6,9 +6,9 @@ package fake import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.27/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.35/client/supervisor/clientset/versioned/scheme/doc.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/scheme/doc.go rename to generated/1.35/client/supervisor/clientset/versioned/scheme/doc.go diff --git a/generated/1.29/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.35/client/supervisor/clientset/versioned/scheme/register.go similarity index 88% rename from generated/1.29/client/supervisor/clientset/versioned/scheme/register.go rename to generated/1.35/client/supervisor/clientset/versioned/scheme/register.go index cd4e77f49..8e1e11e2c 100644 --- a/generated/1.29/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.35/client/supervisor/clientset/versioned/scheme/register.go @@ -6,9 +6,9 @@ package scheme import ( - clientsecretv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/clientsecret/v1alpha1" - configv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go similarity index 83% rename from generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go index bf674b191..1a6435a77 100644 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/clientsecret_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/clientsecret/v1alpha1" - "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -32,9 +32,7 @@ func (c *ClientsecretV1alpha1Client) OIDCClientSecretRequests(namespace string) // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ClientsecretV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -46,9 +44,7 @@ func NewForConfig(c *rest.Config) (*ClientsecretV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ClientsecretV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -71,17 +67,15 @@ func New(c rest.Interface) *ClientsecretV1alpha1Client { return &ClientsecretV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := clientsecretv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/doc.go diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/doc.go diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go similarity index 85% rename from generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go index 0bc7899e7..d1874d9d6 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_clientsecret_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,7 +16,7 @@ type FakeClientsecretV1alpha1 struct { } func (c *FakeClientsecretV1alpha1) OIDCClientSecretRequests(namespace string) v1alpha1.OIDCClientSecretRequestInterface { - return &FakeOIDCClientSecretRequests{c, namespace} + return newFakeOIDCClientSecretRequests(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go new file mode 100644 index 000000000..8b89941b7 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/fake/fake_oidcclientsecretrequest.go @@ -0,0 +1,31 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1" + clientsecretv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCClientSecretRequests implements OIDCClientSecretRequestInterface +type fakeOIDCClientSecretRequests struct { + *gentype.FakeClient[*v1alpha1.OIDCClientSecretRequest] + Fake *FakeClientsecretV1alpha1 +} + +func newFakeOIDCClientSecretRequests(fake *FakeClientsecretV1alpha1, namespace string) clientsecretv1alpha1.OIDCClientSecretRequestInterface { + return &fakeOIDCClientSecretRequests{ + gentype.NewFakeClient[*v1alpha1.OIDCClientSecretRequest]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcclientsecretrequests"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCClientSecretRequest"), + func() *v1alpha1.OIDCClientSecretRequest { return &v1alpha1.OIDCClientSecretRequest{} }, + ), + fake, + } +} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/generated_expansion.go diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go new file mode 100644 index 000000000..8614b17d2 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/clientsecret/v1alpha1/oidcclientsecretrequest.go @@ -0,0 +1,47 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + clientsecretv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gentype "k8s.io/client-go/gentype" +) + +// OIDCClientSecretRequestsGetter has a method to return a OIDCClientSecretRequestInterface. +// A group's client should implement this interface. +type OIDCClientSecretRequestsGetter interface { + OIDCClientSecretRequests(namespace string) OIDCClientSecretRequestInterface +} + +// OIDCClientSecretRequestInterface has methods to work with OIDCClientSecretRequest resources. +type OIDCClientSecretRequestInterface interface { + Create(ctx context.Context, oIDCClientSecretRequest *clientsecretv1alpha1.OIDCClientSecretRequest, opts v1.CreateOptions) (*clientsecretv1alpha1.OIDCClientSecretRequest, error) + OIDCClientSecretRequestExpansion +} + +// oIDCClientSecretRequests implements OIDCClientSecretRequestInterface +type oIDCClientSecretRequests struct { + *gentype.Client[*clientsecretv1alpha1.OIDCClientSecretRequest] +} + +// newOIDCClientSecretRequests returns a OIDCClientSecretRequests +func newOIDCClientSecretRequests(c *ClientsecretV1alpha1Client, namespace string) *oIDCClientSecretRequests { + return &oIDCClientSecretRequests{ + gentype.NewClient[*clientsecretv1alpha1.OIDCClientSecretRequest]( + "oidcclientsecretrequests", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *clientsecretv1alpha1.OIDCClientSecretRequest { + return &clientsecretv1alpha1.OIDCClientSecretRequest{} + }, + ), + } +} diff --git a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go similarity index 83% rename from generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 55f8d4f16..b1e759db5 100644 --- a/generated/1.26/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/config/v1alpha1" - "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned/scheme" + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -37,9 +37,7 @@ func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -51,9 +49,7 @@ func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -76,17 +72,15 @@ func New(c rest.Interface) *ConfigV1alpha1Client { return &ConfigV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := configv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go similarity index 83% rename from generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 8d533c987..ae574695f 100644 --- a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,11 +16,11 @@ type FakeConfigV1alpha1 struct { } func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.FederationDomainInterface { - return &FakeFederationDomains{c, namespace} + return newFakeFederationDomains(c, namespace) } func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} + return newFakeOIDCClients(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go new file mode 100644 index 000000000..ae7004fec --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeFederationDomains implements FederationDomainInterface +type fakeFederationDomains struct { + *gentype.FakeClientWithList[*v1alpha1.FederationDomain, *v1alpha1.FederationDomainList] + Fake *FakeConfigV1alpha1 +} + +func newFakeFederationDomains(fake *FakeConfigV1alpha1, namespace string) configv1alpha1.FederationDomainInterface { + return &fakeFederationDomains{ + gentype.NewFakeClientWithList[*v1alpha1.FederationDomain, *v1alpha1.FederationDomainList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("federationdomains"), + v1alpha1.SchemeGroupVersion.WithKind("FederationDomain"), + func() *v1alpha1.FederationDomain { return &v1alpha1.FederationDomain{} }, + func() *v1alpha1.FederationDomainList { return &v1alpha1.FederationDomainList{} }, + func(dst, src *v1alpha1.FederationDomainList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.FederationDomainList) []*v1alpha1.FederationDomain { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.FederationDomainList, items []*v1alpha1.FederationDomain) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go new file mode 100644 index 000000000..69cd9f9c1 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -0,0 +1,37 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCClients implements OIDCClientInterface +type fakeOIDCClients struct { + *gentype.FakeClientWithList[*v1alpha1.OIDCClient, *v1alpha1.OIDCClientList] + Fake *FakeConfigV1alpha1 +} + +func newFakeOIDCClients(fake *FakeConfigV1alpha1, namespace string) configv1alpha1.OIDCClientInterface { + return &fakeOIDCClients{ + gentype.NewFakeClientWithList[*v1alpha1.OIDCClient, *v1alpha1.OIDCClientList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcclients"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCClient"), + func() *v1alpha1.OIDCClient { return &v1alpha1.OIDCClient{} }, + func() *v1alpha1.OIDCClientList { return &v1alpha1.OIDCClientList{} }, + func(dst, src *v1alpha1.OIDCClientList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.OIDCClientList) []*v1alpha1.OIDCClient { return gentype.ToPointerSlice(list.Items) }, + func(list *v1alpha1.OIDCClientList, items []*v1alpha1.OIDCClient) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go new file mode 100644 index 000000000..73299da8e --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// FederationDomainsGetter has a method to return a FederationDomainInterface. +// A group's client should implement this interface. +type FederationDomainsGetter interface { + FederationDomains(namespace string) FederationDomainInterface +} + +// FederationDomainInterface has methods to work with FederationDomain resources. +type FederationDomainInterface interface { + Create(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.CreateOptions) (*configv1alpha1.FederationDomain, error) + Update(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.UpdateOptions) (*configv1alpha1.FederationDomain, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, federationDomain *configv1alpha1.FederationDomain, opts v1.UpdateOptions) (*configv1alpha1.FederationDomain, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.FederationDomain, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.FederationDomainList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.FederationDomain, err error) + FederationDomainExpansion +} + +// federationDomains implements FederationDomainInterface +type federationDomains struct { + *gentype.ClientWithList[*configv1alpha1.FederationDomain, *configv1alpha1.FederationDomainList] +} + +// newFederationDomains returns a FederationDomains +func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { + return &federationDomains{ + gentype.NewClientWithList[*configv1alpha1.FederationDomain, *configv1alpha1.FederationDomainList]( + "federationdomains", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *configv1alpha1.FederationDomain { return &configv1alpha1.FederationDomain{} }, + func() *configv1alpha1.FederationDomainList { return &configv1alpha1.FederationDomainList{} }, + ), + } +} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go new file mode 100644 index 000000000..24c7dc7f5 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// OIDCClientsGetter has a method to return a OIDCClientInterface. +// A group's client should implement this interface. +type OIDCClientsGetter interface { + OIDCClients(namespace string) OIDCClientInterface +} + +// OIDCClientInterface has methods to work with OIDCClient resources. +type OIDCClientInterface interface { + Create(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.CreateOptions) (*configv1alpha1.OIDCClient, error) + Update(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.UpdateOptions) (*configv1alpha1.OIDCClient, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, oIDCClient *configv1alpha1.OIDCClient, opts v1.UpdateOptions) (*configv1alpha1.OIDCClient, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.OIDCClient, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.OIDCClientList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.OIDCClient, err error) + OIDCClientExpansion +} + +// oIDCClients implements OIDCClientInterface +type oIDCClients struct { + *gentype.ClientWithList[*configv1alpha1.OIDCClient, *configv1alpha1.OIDCClientList] +} + +// newOIDCClients returns a OIDCClients +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { + return &oIDCClients{ + gentype.NewClientWithList[*configv1alpha1.OIDCClient, *configv1alpha1.OIDCClientList]( + "oidcclients", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *configv1alpha1.OIDCClient { return &configv1alpha1.OIDCClient{} }, + func() *configv1alpha1.OIDCClientList { return &configv1alpha1.OIDCClientList{} }, + ), + } +} diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 000000000..cdf34af44 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,61 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. +// A group's client should implement this interface. +type ActiveDirectoryIdentityProvidersGetter interface { + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface +} + +// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. +type ActiveDirectoryIdentityProviderInterface interface { + Create(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + Update(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *idpv1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.ActiveDirectoryIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.ActiveDirectoryIdentityProvider, err error) + ActiveDirectoryIdentityProviderExpansion +} + +// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type activeDirectoryIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.ActiveDirectoryIdentityProvider, *idpv1alpha1.ActiveDirectoryIdentityProviderList] +} + +// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders +func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { + return &activeDirectoryIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.ActiveDirectoryIdentityProvider, *idpv1alpha1.ActiveDirectoryIdentityProviderList]( + "activedirectoryidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.ActiveDirectoryIdentityProvider { + return &idpv1alpha1.ActiveDirectoryIdentityProvider{} + }, + func() *idpv1alpha1.ActiveDirectoryIdentityProviderList { + return &idpv1alpha1.ActiveDirectoryIdentityProviderList{} + }, + ), + } +} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go new file mode 100644 index 000000000..b9841871a --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -0,0 +1,41 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type fakeActiveDirectoryIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.ActiveDirectoryIdentityProvider, *v1alpha1.ActiveDirectoryIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeActiveDirectoryIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.ActiveDirectoryIdentityProviderInterface { + return &fakeActiveDirectoryIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.ActiveDirectoryIdentityProvider, *v1alpha1.ActiveDirectoryIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("ActiveDirectoryIdentityProvider"), + func() *v1alpha1.ActiveDirectoryIdentityProvider { return &v1alpha1.ActiveDirectoryIdentityProvider{} }, + func() *v1alpha1.ActiveDirectoryIdentityProviderList { + return &v1alpha1.ActiveDirectoryIdentityProviderList{} + }, + func(dst, src *v1alpha1.ActiveDirectoryIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.ActiveDirectoryIdentityProviderList) []*v1alpha1.ActiveDirectoryIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.ActiveDirectoryIdentityProviderList, items []*v1alpha1.ActiveDirectoryIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go new file mode 100644 index 000000000..fe4f71cdc --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_githubidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeGitHubIdentityProviders implements GitHubIdentityProviderInterface +type fakeGitHubIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.GitHubIdentityProvider, *v1alpha1.GitHubIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeGitHubIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.GitHubIdentityProviderInterface { + return &fakeGitHubIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.GitHubIdentityProvider, *v1alpha1.GitHubIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("githubidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("GitHubIdentityProvider"), + func() *v1alpha1.GitHubIdentityProvider { return &v1alpha1.GitHubIdentityProvider{} }, + func() *v1alpha1.GitHubIdentityProviderList { return &v1alpha1.GitHubIdentityProviderList{} }, + func(dst, src *v1alpha1.GitHubIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.GitHubIdentityProviderList) []*v1alpha1.GitHubIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.GitHubIdentityProviderList, items []*v1alpha1.GitHubIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go similarity index 78% rename from generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go index c7e26bdd8..28ee63fe5 100644 --- a/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) @@ -16,19 +16,19 @@ type FakeIDPV1alpha1 struct { } func (c *FakeIDPV1alpha1) ActiveDirectoryIdentityProviders(namespace string) v1alpha1.ActiveDirectoryIdentityProviderInterface { - return &FakeActiveDirectoryIdentityProviders{c, namespace} + return newFakeActiveDirectoryIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) GitHubIdentityProviders(namespace string) v1alpha1.GitHubIdentityProviderInterface { - return &FakeGitHubIdentityProviders{c, namespace} + return newFakeGitHubIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) LDAPIdentityProviders(namespace string) v1alpha1.LDAPIdentityProviderInterface { - return &FakeLDAPIdentityProviders{c, namespace} + return newFakeLDAPIdentityProviders(c, namespace) } func (c *FakeIDPV1alpha1) OIDCIdentityProviders(namespace string) v1alpha1.OIDCIdentityProviderInterface { - return &FakeOIDCIdentityProviders{c, namespace} + return newFakeOIDCIdentityProviders(c, namespace) } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go new file mode 100644 index 000000000..a69f11154 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeLDAPIdentityProviders implements LDAPIdentityProviderInterface +type fakeLDAPIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.LDAPIdentityProvider, *v1alpha1.LDAPIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeLDAPIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.LDAPIdentityProviderInterface { + return &fakeLDAPIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.LDAPIdentityProvider, *v1alpha1.LDAPIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("LDAPIdentityProvider"), + func() *v1alpha1.LDAPIdentityProvider { return &v1alpha1.LDAPIdentityProvider{} }, + func() *v1alpha1.LDAPIdentityProviderList { return &v1alpha1.LDAPIdentityProviderList{} }, + func(dst, src *v1alpha1.LDAPIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.LDAPIdentityProviderList) []*v1alpha1.LDAPIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.LDAPIdentityProviderList, items []*v1alpha1.LDAPIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go new file mode 100644 index 000000000..72428b1c3 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -0,0 +1,39 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOIDCIdentityProviders implements OIDCIdentityProviderInterface +type fakeOIDCIdentityProviders struct { + *gentype.FakeClientWithList[*v1alpha1.OIDCIdentityProvider, *v1alpha1.OIDCIdentityProviderList] + Fake *FakeIDPV1alpha1 +} + +func newFakeOIDCIdentityProviders(fake *FakeIDPV1alpha1, namespace string) idpv1alpha1.OIDCIdentityProviderInterface { + return &fakeOIDCIdentityProviders{ + gentype.NewFakeClientWithList[*v1alpha1.OIDCIdentityProvider, *v1alpha1.OIDCIdentityProviderList]( + fake.Fake, + namespace, + v1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"), + v1alpha1.SchemeGroupVersion.WithKind("OIDCIdentityProvider"), + func() *v1alpha1.OIDCIdentityProvider { return &v1alpha1.OIDCIdentityProvider{} }, + func() *v1alpha1.OIDCIdentityProviderList { return &v1alpha1.OIDCIdentityProviderList{} }, + func(dst, src *v1alpha1.OIDCIdentityProviderList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.OIDCIdentityProviderList) []*v1alpha1.OIDCIdentityProvider { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.OIDCIdentityProviderList, items []*v1alpha1.OIDCIdentityProvider) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go similarity index 100% rename from generated/1.27/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go new file mode 100644 index 000000000..16f6d76ab --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/githubidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// GitHubIdentityProvidersGetter has a method to return a GitHubIdentityProviderInterface. +// A group's client should implement this interface. +type GitHubIdentityProvidersGetter interface { + GitHubIdentityProviders(namespace string) GitHubIdentityProviderInterface +} + +// GitHubIdentityProviderInterface has methods to work with GitHubIdentityProvider resources. +type GitHubIdentityProviderInterface interface { + Create(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + Update(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, gitHubIdentityProvider *idpv1alpha1.GitHubIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.GitHubIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.GitHubIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.GitHubIdentityProvider, err error) + GitHubIdentityProviderExpansion +} + +// gitHubIdentityProviders implements GitHubIdentityProviderInterface +type gitHubIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.GitHubIdentityProvider, *idpv1alpha1.GitHubIdentityProviderList] +} + +// newGitHubIdentityProviders returns a GitHubIdentityProviders +func newGitHubIdentityProviders(c *IDPV1alpha1Client, namespace string) *gitHubIdentityProviders { + return &gitHubIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.GitHubIdentityProvider, *idpv1alpha1.GitHubIdentityProviderList]( + "githubidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.GitHubIdentityProvider { return &idpv1alpha1.GitHubIdentityProvider{} }, + func() *idpv1alpha1.GitHubIdentityProviderList { return &idpv1alpha1.GitHubIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go similarity index 85% rename from generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go rename to generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go index c85eb3d32..d20c87e56 100644 --- a/generated/1.29/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - "net/http" + http "net/http" - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned/scheme" + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -47,9 +47,7 @@ func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentity // where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) httpClient, err := rest.HTTPClientFor(&config) if err != nil { return nil, err @@ -61,9 +59,7 @@ func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { // Note the http client provided takes precedence over the configured transport values. func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IDPV1alpha1Client, error) { config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } + setConfigDefaults(&config) client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err @@ -86,17 +82,15 @@ func New(c rest.Interface) *IDPV1alpha1Client { return &IDPV1alpha1Client{c} } -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion +func setConfigDefaults(config *rest.Config) { + gv := idpv1alpha1.SchemeGroupVersion config.GroupVersion = &gv config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() if config.UserAgent == "" { config.UserAgent = rest.DefaultKubernetesUserAgent() } - - return nil } // RESTClient returns a RESTClient that is used to communicate diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 000000000..a1184e4b7 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. +// A group's client should implement this interface. +type LDAPIdentityProvidersGetter interface { + LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface +} + +// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. +type LDAPIdentityProviderInterface interface { + Create(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + Update(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, lDAPIdentityProvider *idpv1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.LDAPIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.LDAPIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.LDAPIdentityProvider, err error) + LDAPIdentityProviderExpansion +} + +// lDAPIdentityProviders implements LDAPIdentityProviderInterface +type lDAPIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.LDAPIdentityProvider, *idpv1alpha1.LDAPIdentityProviderList] +} + +// newLDAPIdentityProviders returns a LDAPIdentityProviders +func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { + return &lDAPIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.LDAPIdentityProvider, *idpv1alpha1.LDAPIdentityProviderList]( + "ldapidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.LDAPIdentityProvider { return &idpv1alpha1.LDAPIdentityProvider{} }, + func() *idpv1alpha1.LDAPIdentityProviderList { return &idpv1alpha1.LDAPIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 000000000..9a3e00092 --- /dev/null +++ b/generated/1.35/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. +// A group's client should implement this interface. +type OIDCIdentityProvidersGetter interface { + OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface +} + +// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. +type OIDCIdentityProviderInterface interface { + Create(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + Update(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, oIDCIdentityProvider *idpv1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*idpv1alpha1.OIDCIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*idpv1alpha1.OIDCIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *idpv1alpha1.OIDCIdentityProvider, err error) + OIDCIdentityProviderExpansion +} + +// oIDCIdentityProviders implements OIDCIdentityProviderInterface +type oIDCIdentityProviders struct { + *gentype.ClientWithList[*idpv1alpha1.OIDCIdentityProvider, *idpv1alpha1.OIDCIdentityProviderList] +} + +// newOIDCIdentityProviders returns a OIDCIdentityProviders +func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { + return &oIDCIdentityProviders{ + gentype.NewClientWithList[*idpv1alpha1.OIDCIdentityProvider, *idpv1alpha1.OIDCIdentityProviderList]( + "oidcidentityproviders", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *idpv1alpha1.OIDCIdentityProvider { return &idpv1alpha1.OIDCIdentityProvider{} }, + func() *idpv1alpha1.OIDCIdentityProviderList { return &idpv1alpha1.OIDCIdentityProviderList{} }, + ), + } +} diff --git a/generated/1.26/client/supervisor/informers/externalversions/config/interface.go b/generated/1.35/client/supervisor/informers/externalversions/config/interface.go similarity index 89% rename from generated/1.26/client/supervisor/informers/externalversions/config/interface.go rename to generated/1.35/client/supervisor/informers/externalversions/config/interface.go index e95b3c826..5d89bcbb2 100644 --- a/generated/1.26/client/supervisor/informers/externalversions/config/interface.go +++ b/generated/1.35/client/supervisor/informers/externalversions/config/interface.go @@ -6,8 +6,8 @@ package config import ( - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go similarity index 66% rename from generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go rename to generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index 90b8d5973..14e35816b 100644 --- a/generated/1.27/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - configv1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.27/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.27/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.27/client/supervisor/listers/config/v1alpha1" + supervisorconfigv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // FederationDomains. type FederationDomainInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.FederationDomainLister + Lister() configv1alpha1.FederationDomainLister } type federationDomainInformer struct { @@ -44,21 +44,33 @@ func NewFederationDomainInformer(client versioned.Interface, namespace string, r // one. This reduces memory footprint and number of connections to the server. func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().FederationDomains(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().FederationDomains(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.Background(), options) }, - }, - &configv1alpha1.FederationDomain{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(ctx, options) + }, + }, client), + &supervisorconfigv1alpha1.FederationDomain{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *federationDomainInformer) defaultInformer(client versioned.Interface, r } func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.FederationDomain{}, f.defaultInformer) + return f.factory.InformerFor(&supervisorconfigv1alpha1.FederationDomain{}, f.defaultInformer) } -func (f *federationDomainInformer) Lister() v1alpha1.FederationDomainLister { - return v1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) +func (f *federationDomainInformer) Lister() configv1alpha1.FederationDomainLister { + return configv1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) } diff --git a/generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/interface.go similarity index 95% rename from generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/interface.go rename to generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 535781a3c..455eec2b7 100644 --- a/generated/1.26/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go b/generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 66% rename from generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go rename to generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index 27bd30a3c..81cd1fa85 100644 --- a/generated/1.29/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go +++ b/generated/1.35/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - configv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - versioned "go.pinniped.dev/generated/1.29/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/listers/config/v1alpha1" + supervisorconfigv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" + configv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // OIDCClients. type OIDCClientInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCClientLister + Lister() configv1alpha1.OIDCClientLister } type oIDCClientInformer struct { @@ -44,21 +44,33 @@ func NewOIDCClientInformer(client versioned.Interface, namespace string, resyncP // one. This reduces memory footprint and number of connections to the server. func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.Background(), options) }, - }, - &configv1alpha1.OIDCClient{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().OIDCClients(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(ctx, options) + }, + }, client), + &supervisorconfigv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&supervisorconfigv1alpha1.OIDCClient{}, f.defaultInformer) } -func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { - return v1alpha1.NewOIDCClientLister(f.Informer().GetIndexer()) +func (f *oIDCClientInformer) Lister() configv1alpha1.OIDCClientLister { + return configv1alpha1.NewOIDCClientLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/supervisor/informers/externalversions/factory.go b/generated/1.35/client/supervisor/informers/externalversions/factory.go similarity index 91% rename from generated/1.28/client/supervisor/informers/externalversions/factory.go rename to generated/1.35/client/supervisor/informers/externalversions/factory.go index 3d6a28eaa..5e54073f1 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.35/client/supervisor/informers/externalversions/factory.go @@ -10,10 +10,10 @@ import ( sync "sync" time "time" - versioned "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" - config "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/config" - idp "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/idp" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" + versioned "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" + config "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/config" + idp "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/idp" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -30,6 +30,7 @@ type sharedInformerFactory struct { lock sync.Mutex defaultResync time.Duration customResync map[reflect.Type]time.Duration + transform cache.TransformFunc informers map[reflect.Type]cache.SharedIndexInformer // startedInformers is used for tracking which informers have been started. @@ -68,6 +69,14 @@ func WithNamespace(namespace string) SharedInformerOption { } } +// WithTransform sets a transform on all informers. +func WithTransform(transform cache.TransformFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.transform = transform + return factory + } +} + // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync) @@ -76,6 +85,7 @@ func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Dur // NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. // Listers obtained via this SharedInformerFactory will be subject to the same filters // as specified here. +// // Deprecated: Please use NewSharedInformerFactoryWithOptions instead func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) @@ -172,6 +182,7 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal } informer = newFunc(f.client, resyncPeriod) + informer.SetTransform(f.transform) f.informers[informerType] = informer return informer @@ -182,7 +193,7 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal // // It is typically used like this: // -// ctx, cancel := context.Background() +// ctx, cancel := context.WithCancel(context.Background()) // defer cancel() // factory := NewSharedInformerFactory(client, resyncPeriod) // defer factory.WaitForStop() // Returns immediately if nothing was started. @@ -206,6 +217,7 @@ type SharedInformerFactory interface { // Start initializes all requested informers. They are handled in goroutines // which run until the stop channel gets closed. + // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. Start(stopCh <-chan struct{}) // Shutdown marks a factory as shutting down. At that point no new diff --git a/generated/1.29/client/supervisor/informers/externalversions/generic.go b/generated/1.35/client/supervisor/informers/externalversions/generic.go similarity index 94% rename from generated/1.29/client/supervisor/informers/externalversions/generic.go rename to generated/1.35/client/supervisor/informers/externalversions/generic.go index d16bec5e3..a7de4e1ba 100644 --- a/generated/1.29/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.35/client/supervisor/informers/externalversions/generic.go @@ -6,10 +6,10 @@ package externalversions import ( - "fmt" + fmt "fmt" - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) diff --git a/generated/1.29/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.35/client/supervisor/informers/externalversions/idp/interface.go similarity index 89% rename from generated/1.29/client/supervisor/informers/externalversions/idp/interface.go rename to generated/1.35/client/supervisor/informers/externalversions/idp/interface.go index ec47e4119..0cd247679 100644 --- a/generated/1.29/client/supervisor/informers/externalversions/idp/interface.go +++ b/generated/1.35/client/supervisor/informers/externalversions/idp/interface.go @@ -6,8 +6,8 @@ package idp import ( - v1alpha1 "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/idp/v1alpha1" - internalinterfaces "go.pinniped.dev/generated/1.29/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go similarity index 66% rename from generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go rename to generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index d0827ee5c..153f67492 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - idpv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/listers/idp/v1alpha1" + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // ActiveDirectoryIdentityProviders. type ActiveDirectoryIdentityProviderInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.ActiveDirectoryIdentityProviderLister + Lister() idpv1alpha1.ActiveDirectoryIdentityProviderLister } type activeDirectoryIdentityProviderInformer struct { @@ -44,21 +44,33 @@ func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, name // one. This reduces memory footprint and number of connections to the server. func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.TODO(), options) + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.TODO(), options) + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.Background(), options) }, - }, - &idpv1alpha1.ActiveDirectoryIdentityProvider{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(ctx, options) + }, + }, client), + &supervisoridpv1alpha1.ActiveDirectoryIdentityProvider{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client version } func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) + return f.factory.InformerFor(&supervisoridpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) } -func (f *activeDirectoryIdentityProviderInformer) Lister() v1alpha1.ActiveDirectoryIdentityProviderLister { - return v1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) +func (f *activeDirectoryIdentityProviderInformer) Lister() idpv1alpha1.ActiveDirectoryIdentityProviderLister { + return idpv1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) } diff --git a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go similarity index 66% rename from generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go rename to generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go index 5b916207e..e3b79159d 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go +++ b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - idpv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/listers/idp/v1alpha1" + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // GitHubIdentityProviders. type GitHubIdentityProviderInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.GitHubIdentityProviderLister + Lister() idpv1alpha1.GitHubIdentityProviderLister } type gitHubIdentityProviderInformer struct { @@ -44,21 +44,33 @@ func NewGitHubIdentityProviderInformer(client versioned.Interface, namespace str // one. This reduces memory footprint and number of connections to the server. func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.TODO(), options) + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.TODO(), options) + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(context.Background(), options) }, - }, - &idpv1alpha1.GitHubIdentityProvider{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(ctx, options) + }, + }, client), + &supervisoridpv1alpha1.GitHubIdentityProvider{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *gitHubIdentityProviderInformer) defaultInformer(client versioned.Interf } func (f *gitHubIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.GitHubIdentityProvider{}, f.defaultInformer) + return f.factory.InformerFor(&supervisoridpv1alpha1.GitHubIdentityProvider{}, f.defaultInformer) } -func (f *gitHubIdentityProviderInformer) Lister() v1alpha1.GitHubIdentityProviderLister { - return v1alpha1.NewGitHubIdentityProviderLister(f.Informer().GetIndexer()) +func (f *gitHubIdentityProviderInformer) Lister() idpv1alpha1.GitHubIdentityProviderLister { + return idpv1alpha1.NewGitHubIdentityProviderLister(f.Informer().GetIndexer()) } diff --git a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go similarity index 97% rename from generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go rename to generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go index dcbfe4f1d..6fd929290 100644 --- a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go similarity index 67% rename from generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go rename to generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index 81fa2051e..3f9ac4432 100644 --- a/generated/1.28/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - idpv1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.28/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.28/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.28/client/supervisor/listers/idp/v1alpha1" + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // LDAPIdentityProviders. type LDAPIdentityProviderInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.LDAPIdentityProviderLister + Lister() idpv1alpha1.LDAPIdentityProviderLister } type lDAPIdentityProviderInformer struct { @@ -44,21 +44,33 @@ func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace strin // one. This reduces memory footprint and number of connections to the server. func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.TODO(), options) + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.TODO(), options) + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.Background(), options) }, - }, - &idpv1alpha1.LDAPIdentityProvider{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(ctx, options) + }, + }, client), + &supervisoridpv1alpha1.LDAPIdentityProvider{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interfac } func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) + return f.factory.InformerFor(&supervisoridpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) } -func (f *lDAPIdentityProviderInformer) Lister() v1alpha1.LDAPIdentityProviderLister { - return v1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) +func (f *lDAPIdentityProviderInformer) Lister() idpv1alpha1.LDAPIdentityProviderLister { + return idpv1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) } diff --git a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go similarity index 67% rename from generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go rename to generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index 7eafa38a7..ceeb5770b 100644 --- a/generated/1.26/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.35/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -6,13 +6,13 @@ package v1alpha1 import ( - "context" + context "context" time "time" - idpv1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.26/client/supervisor/listers/idp/v1alpha1" + supervisoridpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces" + idpv1alpha1 "go.pinniped.dev/generated/1.35/client/supervisor/listers/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -23,7 +23,7 @@ import ( // OIDCIdentityProviders. type OIDCIdentityProviderInformer interface { Informer() cache.SharedIndexInformer - Lister() v1alpha1.OIDCIdentityProviderLister + Lister() idpv1alpha1.OIDCIdentityProviderLister } type oIDCIdentityProviderInformer struct { @@ -44,21 +44,33 @@ func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace strin // one. This reduces memory footprint and number of connections to the server. func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.TODO(), options) + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.TODO(), options) + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.Background(), options) }, - }, - &idpv1alpha1.OIDCIdentityProvider{}, + ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(ctx, options) + }, + WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(ctx, options) + }, + }, client), + &supervisoridpv1alpha1.OIDCIdentityProvider{}, resyncPeriod, indexers, ) @@ -69,9 +81,9 @@ func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interfac } func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) + return f.factory.InformerFor(&supervisoridpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) } -func (f *oIDCIdentityProviderInformer) Lister() v1alpha1.OIDCIdentityProviderLister { - return v1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) +func (f *oIDCIdentityProviderInformer) Lister() idpv1alpha1.OIDCIdentityProviderLister { + return idpv1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) } diff --git a/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go similarity index 93% rename from generated/1.26/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go rename to generated/1.35/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index 103e757c6..b1b789113 100644 --- a/generated/1.26/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.35/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -8,7 +8,7 @@ package internalinterfaces import ( time "time" - versioned "go.pinniped.dev/generated/1.26/client/supervisor/clientset/versioned" + versioned "go.pinniped.dev/generated/1.35/client/supervisor/clientset/versioned" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" cache "k8s.io/client-go/tools/cache" diff --git a/generated/1.27/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.35/client/supervisor/listers/config/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.27/client/supervisor/listers/config/v1alpha1/expansion_generated.go rename to generated/1.35/client/supervisor/listers/config/v1alpha1/expansion_generated.go diff --git a/generated/1.27/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.35/client/supervisor/listers/config/v1alpha1/federationdomain.go similarity index 50% rename from generated/1.27/client/supervisor/listers/config/v1alpha1/federationdomain.go rename to generated/1.35/client/supervisor/listers/config/v1alpha1/federationdomain.go index 092899b23..fa87e07f1 100644 --- a/generated/1.27/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ b/generated/1.35/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/config/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // FederationDomainLister helps list FederationDomains. @@ -17,7 +17,7 @@ import ( type FederationDomainLister interface { // List lists all FederationDomains in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + List(selector labels.Selector) (ret []*configv1alpha1.FederationDomain, err error) // FederationDomains returns an object that can list and get FederationDomains. FederationDomains(namespace string) FederationDomainNamespaceLister FederationDomainListerExpansion @@ -25,25 +25,17 @@ type FederationDomainLister interface { // federationDomainLister implements the FederationDomainLister interface. type federationDomainLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*configv1alpha1.FederationDomain] } // NewFederationDomainLister returns a new FederationDomainLister. func NewFederationDomainLister(indexer cache.Indexer) FederationDomainLister { - return &federationDomainLister{indexer: indexer} -} - -// List lists all FederationDomains in the indexer. -func (s *federationDomainLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err + return &federationDomainLister{listers.New[*configv1alpha1.FederationDomain](indexer, configv1alpha1.Resource("federationdomain"))} } // FederationDomains returns an object that can list and get FederationDomains. func (s *federationDomainLister) FederationDomains(namespace string) FederationDomainNamespaceLister { - return federationDomainNamespaceLister{indexer: s.indexer, namespace: namespace} + return federationDomainNamespaceLister{listers.NewNamespaced[*configv1alpha1.FederationDomain](s.ResourceIndexer, namespace)} } // FederationDomainNamespaceLister helps list and get FederationDomains. @@ -51,36 +43,15 @@ func (s *federationDomainLister) FederationDomains(namespace string) FederationD type FederationDomainNamespaceLister interface { // List lists all FederationDomains in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + List(selector labels.Selector) (ret []*configv1alpha1.FederationDomain, err error) // Get retrieves the FederationDomain from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.FederationDomain, error) + Get(name string) (*configv1alpha1.FederationDomain, error) FederationDomainNamespaceListerExpansion } // federationDomainNamespaceLister implements the FederationDomainNamespaceLister // interface. type federationDomainNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all FederationDomains in the indexer for a given namespace. -func (s federationDomainNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.FederationDomain)) - }) - return ret, err -} - -// Get retrieves the FederationDomain from the indexer for a given namespace and name. -func (s federationDomainNamespaceLister) Get(name string) (*v1alpha1.FederationDomain, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("federationdomain"), name) - } - return obj.(*v1alpha1.FederationDomain), nil + listers.ResourceIndexer[*configv1alpha1.FederationDomain] } diff --git a/generated/1.35/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.35/client/supervisor/listers/config/v1alpha1/oidcclient.go new file mode 100644 index 000000000..a9b8b62c9 --- /dev/null +++ b/generated/1.35/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -0,0 +1,57 @@ +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// OIDCClientLister helps list OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientLister interface { + // List lists all OIDCClients in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.OIDCClient, err error) + // OIDCClients returns an object that can list and get OIDCClients. + OIDCClients(namespace string) OIDCClientNamespaceLister + OIDCClientListerExpansion +} + +// oIDCClientLister implements the OIDCClientLister interface. +type oIDCClientLister struct { + listers.ResourceIndexer[*configv1alpha1.OIDCClient] +} + +// NewOIDCClientLister returns a new OIDCClientLister. +func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { + return &oIDCClientLister{listers.New[*configv1alpha1.OIDCClient](indexer, configv1alpha1.Resource("oidcclient"))} +} + +// OIDCClients returns an object that can list and get OIDCClients. +func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { + return oIDCClientNamespaceLister{listers.NewNamespaced[*configv1alpha1.OIDCClient](s.ResourceIndexer, namespace)} +} + +// OIDCClientNamespaceLister helps list and get OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientNamespaceLister interface { + // List lists all OIDCClients in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.OIDCClient, err error) + // Get retrieves the OIDCClient from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*configv1alpha1.OIDCClient, error) + OIDCClientNamespaceListerExpansion +} + +// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister +// interface. +type oIDCClientNamespaceLister struct { + listers.ResourceIndexer[*configv1alpha1.OIDCClient] +} diff --git a/generated/1.26/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.35/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go similarity index 52% rename from generated/1.26/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go rename to generated/1.35/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go index 02e4e4592..d97c32bd9 100644 --- a/generated/1.26/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.35/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.26/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // ActiveDirectoryIdentityProviderLister helps list ActiveDirectoryIdentityProviders. @@ -17,7 +17,7 @@ import ( type ActiveDirectoryIdentityProviderLister interface { // List lists all ActiveDirectoryIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.ActiveDirectoryIdentityProvider, err error) // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister ActiveDirectoryIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type ActiveDirectoryIdentityProviderLister interface { // activeDirectoryIdentityProviderLister implements the ActiveDirectoryIdentityProviderLister interface. type activeDirectoryIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.ActiveDirectoryIdentityProvider] } // NewActiveDirectoryIdentityProviderLister returns a new ActiveDirectoryIdentityProviderLister. func NewActiveDirectoryIdentityProviderLister(indexer cache.Indexer) ActiveDirectoryIdentityProviderLister { - return &activeDirectoryIdentityProviderLister{indexer: indexer} -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer. -func (s *activeDirectoryIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err + return &activeDirectoryIdentityProviderLister{listers.New[*idpv1alpha1.ActiveDirectoryIdentityProvider](indexer, idpv1alpha1.Resource("activedirectoryidentityprovider"))} } // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister { - return activeDirectoryIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return activeDirectoryIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.ActiveDirectoryIdentityProvider](s.ResourceIndexer, namespace)} } // ActiveDirectoryIdentityProviderNamespaceLister helps list and get ActiveDirectoryIdentityProviders. @@ -51,36 +43,15 @@ func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders type ActiveDirectoryIdentityProviderNamespaceLister interface { // List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.ActiveDirectoryIdentityProvider, err error) // Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Get(name string) (*idpv1alpha1.ActiveDirectoryIdentityProvider, error) ActiveDirectoryIdentityProviderNamespaceListerExpansion } // activeDirectoryIdentityProviderNamespaceLister implements the ActiveDirectoryIdentityProviderNamespaceLister // interface. type activeDirectoryIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. -func (s activeDirectoryIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. -func (s activeDirectoryIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("activedirectoryidentityprovider"), name) - } - return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.ActiveDirectoryIdentityProvider] } diff --git a/generated/1.27/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.35/client/supervisor/listers/idp/v1alpha1/expansion_generated.go similarity index 100% rename from generated/1.27/client/supervisor/listers/idp/v1alpha1/expansion_generated.go rename to generated/1.35/client/supervisor/listers/idp/v1alpha1/expansion_generated.go diff --git a/generated/1.29/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go b/generated/1.35/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go similarity index 51% rename from generated/1.29/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go rename to generated/1.35/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go index 1be62a946..2f3c5e338 100644 --- a/generated/1.29/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go +++ b/generated/1.35/client/supervisor/listers/idp/v1alpha1/githubidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.29/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // GitHubIdentityProviderLister helps list GitHubIdentityProviders. @@ -17,7 +17,7 @@ import ( type GitHubIdentityProviderLister interface { // List lists all GitHubIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.GitHubIdentityProvider, err error) // GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister GitHubIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type GitHubIdentityProviderLister interface { // gitHubIdentityProviderLister implements the GitHubIdentityProviderLister interface. type gitHubIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.GitHubIdentityProvider] } // NewGitHubIdentityProviderLister returns a new GitHubIdentityProviderLister. func NewGitHubIdentityProviderLister(indexer cache.Indexer) GitHubIdentityProviderLister { - return &gitHubIdentityProviderLister{indexer: indexer} -} - -// List lists all GitHubIdentityProviders in the indexer. -func (s *gitHubIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err + return &gitHubIdentityProviderLister{listers.New[*idpv1alpha1.GitHubIdentityProvider](indexer, idpv1alpha1.Resource("githubidentityprovider"))} } // GitHubIdentityProviders returns an object that can list and get GitHubIdentityProviders. func (s *gitHubIdentityProviderLister) GitHubIdentityProviders(namespace string) GitHubIdentityProviderNamespaceLister { - return gitHubIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return gitHubIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.GitHubIdentityProvider](s.ResourceIndexer, namespace)} } // GitHubIdentityProviderNamespaceLister helps list and get GitHubIdentityProviders. @@ -51,36 +43,15 @@ func (s *gitHubIdentityProviderLister) GitHubIdentityProviders(namespace string) type GitHubIdentityProviderNamespaceLister interface { // List lists all GitHubIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.GitHubIdentityProvider, err error) // Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.GitHubIdentityProvider, error) + Get(name string) (*idpv1alpha1.GitHubIdentityProvider, error) GitHubIdentityProviderNamespaceListerExpansion } // gitHubIdentityProviderNamespaceLister implements the GitHubIdentityProviderNamespaceLister // interface. type gitHubIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all GitHubIdentityProviders in the indexer for a given namespace. -func (s gitHubIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.GitHubIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.GitHubIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the GitHubIdentityProvider from the indexer for a given namespace and name. -func (s gitHubIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.GitHubIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("githubidentityprovider"), name) - } - return obj.(*v1alpha1.GitHubIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.GitHubIdentityProvider] } diff --git a/generated/1.28/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.35/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go similarity index 51% rename from generated/1.28/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go rename to generated/1.35/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go index 33d522843..faef92cc1 100644 --- a/generated/1.28/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.35/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.28/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // LDAPIdentityProviderLister helps list LDAPIdentityProviders. @@ -17,7 +17,7 @@ import ( type LDAPIdentityProviderLister interface { // List lists all LDAPIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.LDAPIdentityProvider, err error) // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister LDAPIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type LDAPIdentityProviderLister interface { // lDAPIdentityProviderLister implements the LDAPIdentityProviderLister interface. type lDAPIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.LDAPIdentityProvider] } // NewLDAPIdentityProviderLister returns a new LDAPIdentityProviderLister. func NewLDAPIdentityProviderLister(indexer cache.Indexer) LDAPIdentityProviderLister { - return &lDAPIdentityProviderLister{indexer: indexer} -} - -// List lists all LDAPIdentityProviders in the indexer. -func (s *lDAPIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err + return &lDAPIdentityProviderLister{listers.New[*idpv1alpha1.LDAPIdentityProvider](indexer, idpv1alpha1.Resource("ldapidentityprovider"))} } // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister { - return lDAPIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return lDAPIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.LDAPIdentityProvider](s.ResourceIndexer, namespace)} } // LDAPIdentityProviderNamespaceLister helps list and get LDAPIdentityProviders. @@ -51,36 +43,15 @@ func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDA type LDAPIdentityProviderNamespaceLister interface { // List lists all LDAPIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.LDAPIdentityProvider, err error) // Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.LDAPIdentityProvider, error) + Get(name string) (*idpv1alpha1.LDAPIdentityProvider, error) LDAPIdentityProviderNamespaceListerExpansion } // lDAPIdentityProviderNamespaceLister implements the LDAPIdentityProviderNamespaceLister // interface. type lDAPIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all LDAPIdentityProviders in the indexer for a given namespace. -func (s lDAPIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. -func (s lDAPIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.LDAPIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("ldapidentityprovider"), name) - } - return obj.(*v1alpha1.LDAPIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.LDAPIdentityProvider] } diff --git a/generated/1.27/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.35/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go similarity index 51% rename from generated/1.27/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go rename to generated/1.35/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go index 46cb5bb56..4ef8a25d1 100644 --- a/generated/1.27/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.35/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -6,10 +6,10 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.27/apis/supervisor/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" + idpv1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/idp/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" ) // OIDCIdentityProviderLister helps list OIDCIdentityProviders. @@ -17,7 +17,7 @@ import ( type OIDCIdentityProviderLister interface { // List lists all OIDCIdentityProviders in the indexer. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.OIDCIdentityProvider, err error) // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister OIDCIdentityProviderListerExpansion @@ -25,25 +25,17 @@ type OIDCIdentityProviderLister interface { // oIDCIdentityProviderLister implements the OIDCIdentityProviderLister interface. type oIDCIdentityProviderLister struct { - indexer cache.Indexer + listers.ResourceIndexer[*idpv1alpha1.OIDCIdentityProvider] } // NewOIDCIdentityProviderLister returns a new OIDCIdentityProviderLister. func NewOIDCIdentityProviderLister(indexer cache.Indexer) OIDCIdentityProviderLister { - return &oIDCIdentityProviderLister{indexer: indexer} -} - -// List lists all OIDCIdentityProviders in the indexer. -func (s *oIDCIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err + return &oIDCIdentityProviderLister{listers.New[*idpv1alpha1.OIDCIdentityProvider](indexer, idpv1alpha1.Resource("oidcidentityprovider"))} } // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister { - return oIDCIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} + return oIDCIdentityProviderNamespaceLister{listers.NewNamespaced[*idpv1alpha1.OIDCIdentityProvider](s.ResourceIndexer, namespace)} } // OIDCIdentityProviderNamespaceLister helps list and get OIDCIdentityProviders. @@ -51,36 +43,15 @@ func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OID type OIDCIdentityProviderNamespaceLister interface { // List lists all OIDCIdentityProviders in the indexer for a given namespace. // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + List(selector labels.Selector) (ret []*idpv1alpha1.OIDCIdentityProvider, err error) // Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCIdentityProvider, error) + Get(name string) (*idpv1alpha1.OIDCIdentityProvider, error) OIDCIdentityProviderNamespaceListerExpansion } // oIDCIdentityProviderNamespaceLister implements the OIDCIdentityProviderNamespaceLister // interface. type oIDCIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCIdentityProviders in the indexer for a given namespace. -func (s oIDCIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. -func (s oIDCIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcidentityprovider"), name) - } - return obj.(*v1alpha1.OIDCIdentityProvider), nil + listers.ResourceIndexer[*idpv1alpha1.OIDCIdentityProvider] } diff --git a/generated/1.27/client/concierge/openapi/zz_generated.openapi.go b/generated/1.35/client/supervisor/openapi/zz_generated.openapi.go similarity index 73% rename from generated/1.27/client/concierge/openapi/zz_generated.openapi.go rename to generated/1.35/client/supervisor/openapi/zz_generated.openapi.go index 4407c528f..cdf00b545 100644 --- a/generated/1.27/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/1.35/client/supervisor/openapi/zz_generated.openapi.go @@ -6,409 +6,323 @@ // Code generated by openapi-gen. DO NOT EDIT. -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package openapi +package supervisor import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/api/core/v1" + resource "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + version "k8s.io/apimachinery/pkg/version" common "k8s.io/kube-openapi/pkg/common" spec "k8s.io/kube-openapi/pkg/validation/spec" ) func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), - "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), - "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), - "k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - "k8s.io/api/core/v1.AzureFilePersistentVolumeSource": schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - "k8s.io/api/core/v1.AzureFileVolumeSource": schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - "k8s.io/api/core/v1.Binding": schema_k8sio_api_core_v1_Binding(ref), - "k8s.io/api/core/v1.CSIPersistentVolumeSource": schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CSIVolumeSource": schema_k8sio_api_core_v1_CSIVolumeSource(ref), - "k8s.io/api/core/v1.Capabilities": schema_k8sio_api_core_v1_Capabilities(ref), - "k8s.io/api/core/v1.CephFSPersistentVolumeSource": schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CephFSVolumeSource": schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - "k8s.io/api/core/v1.CinderPersistentVolumeSource": schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CinderVolumeSource": schema_k8sio_api_core_v1_CinderVolumeSource(ref), - "k8s.io/api/core/v1.ClaimSource": schema_k8sio_api_core_v1_ClaimSource(ref), - "k8s.io/api/core/v1.ClientIPConfig": schema_k8sio_api_core_v1_ClientIPConfig(ref), - "k8s.io/api/core/v1.ComponentCondition": schema_k8sio_api_core_v1_ComponentCondition(ref), - "k8s.io/api/core/v1.ComponentStatus": schema_k8sio_api_core_v1_ComponentStatus(ref), - "k8s.io/api/core/v1.ComponentStatusList": schema_k8sio_api_core_v1_ComponentStatusList(ref), - "k8s.io/api/core/v1.ConfigMap": schema_k8sio_api_core_v1_ConfigMap(ref), - "k8s.io/api/core/v1.ConfigMapEnvSource": schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - "k8s.io/api/core/v1.ConfigMapKeySelector": schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - "k8s.io/api/core/v1.ConfigMapList": schema_k8sio_api_core_v1_ConfigMapList(ref), - "k8s.io/api/core/v1.ConfigMapNodeConfigSource": schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - "k8s.io/api/core/v1.ConfigMapProjection": schema_k8sio_api_core_v1_ConfigMapProjection(ref), - "k8s.io/api/core/v1.ConfigMapVolumeSource": schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - "k8s.io/api/core/v1.Container": schema_k8sio_api_core_v1_Container(ref), - "k8s.io/api/core/v1.ContainerImage": schema_k8sio_api_core_v1_ContainerImage(ref), - "k8s.io/api/core/v1.ContainerPort": schema_k8sio_api_core_v1_ContainerPort(ref), - "k8s.io/api/core/v1.ContainerResizePolicy": schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - "k8s.io/api/core/v1.ContainerState": schema_k8sio_api_core_v1_ContainerState(ref), - "k8s.io/api/core/v1.ContainerStateRunning": schema_k8sio_api_core_v1_ContainerStateRunning(ref), - "k8s.io/api/core/v1.ContainerStateTerminated": schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - "k8s.io/api/core/v1.ContainerStateWaiting": schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - "k8s.io/api/core/v1.ContainerStatus": schema_k8sio_api_core_v1_ContainerStatus(ref), - "k8s.io/api/core/v1.DaemonEndpoint": schema_k8sio_api_core_v1_DaemonEndpoint(ref), - "k8s.io/api/core/v1.DownwardAPIProjection": schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeFile": schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeSource": schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - "k8s.io/api/core/v1.EmptyDirVolumeSource": schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - "k8s.io/api/core/v1.EndpointAddress": schema_k8sio_api_core_v1_EndpointAddress(ref), - "k8s.io/api/core/v1.EndpointPort": schema_k8sio_api_core_v1_EndpointPort(ref), - "k8s.io/api/core/v1.EndpointSubset": schema_k8sio_api_core_v1_EndpointSubset(ref), - "k8s.io/api/core/v1.Endpoints": schema_k8sio_api_core_v1_Endpoints(ref), - "k8s.io/api/core/v1.EndpointsList": schema_k8sio_api_core_v1_EndpointsList(ref), - "k8s.io/api/core/v1.EnvFromSource": schema_k8sio_api_core_v1_EnvFromSource(ref), - "k8s.io/api/core/v1.EnvVar": schema_k8sio_api_core_v1_EnvVar(ref), - "k8s.io/api/core/v1.EnvVarSource": schema_k8sio_api_core_v1_EnvVarSource(ref), - "k8s.io/api/core/v1.EphemeralContainer": schema_k8sio_api_core_v1_EphemeralContainer(ref), - "k8s.io/api/core/v1.EphemeralContainerCommon": schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - "k8s.io/api/core/v1.EphemeralVolumeSource": schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - "k8s.io/api/core/v1.Event": schema_k8sio_api_core_v1_Event(ref), - "k8s.io/api/core/v1.EventList": schema_k8sio_api_core_v1_EventList(ref), - "k8s.io/api/core/v1.EventSeries": schema_k8sio_api_core_v1_EventSeries(ref), - "k8s.io/api/core/v1.EventSource": schema_k8sio_api_core_v1_EventSource(ref), - "k8s.io/api/core/v1.ExecAction": schema_k8sio_api_core_v1_ExecAction(ref), - "k8s.io/api/core/v1.FCVolumeSource": schema_k8sio_api_core_v1_FCVolumeSource(ref), - "k8s.io/api/core/v1.FlexPersistentVolumeSource": schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - "k8s.io/api/core/v1.FlexVolumeSource": schema_k8sio_api_core_v1_FlexVolumeSource(ref), - "k8s.io/api/core/v1.FlockerVolumeSource": schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource": schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.GRPCAction": schema_k8sio_api_core_v1_GRPCAction(ref), - "k8s.io/api/core/v1.GitRepoVolumeSource": schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource": schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsVolumeSource": schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - "k8s.io/api/core/v1.HTTPGetAction": schema_k8sio_api_core_v1_HTTPGetAction(ref), - "k8s.io/api/core/v1.HTTPHeader": schema_k8sio_api_core_v1_HTTPHeader(ref), - "k8s.io/api/core/v1.HostAlias": schema_k8sio_api_core_v1_HostAlias(ref), - "k8s.io/api/core/v1.HostPathVolumeSource": schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIPersistentVolumeSource": schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIVolumeSource": schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - "k8s.io/api/core/v1.KeyToPath": schema_k8sio_api_core_v1_KeyToPath(ref), - "k8s.io/api/core/v1.Lifecycle": schema_k8sio_api_core_v1_Lifecycle(ref), - "k8s.io/api/core/v1.LifecycleHandler": schema_k8sio_api_core_v1_LifecycleHandler(ref), - "k8s.io/api/core/v1.LimitRange": schema_k8sio_api_core_v1_LimitRange(ref), - "k8s.io/api/core/v1.LimitRangeItem": schema_k8sio_api_core_v1_LimitRangeItem(ref), - "k8s.io/api/core/v1.LimitRangeList": schema_k8sio_api_core_v1_LimitRangeList(ref), - "k8s.io/api/core/v1.LimitRangeSpec": schema_k8sio_api_core_v1_LimitRangeSpec(ref), - "k8s.io/api/core/v1.List": schema_k8sio_api_core_v1_List(ref), - "k8s.io/api/core/v1.LoadBalancerIngress": schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - "k8s.io/api/core/v1.LoadBalancerStatus": schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - "k8s.io/api/core/v1.LocalObjectReference": schema_k8sio_api_core_v1_LocalObjectReference(ref), - "k8s.io/api/core/v1.LocalVolumeSource": schema_k8sio_api_core_v1_LocalVolumeSource(ref), - "k8s.io/api/core/v1.NFSVolumeSource": schema_k8sio_api_core_v1_NFSVolumeSource(ref), - "k8s.io/api/core/v1.Namespace": schema_k8sio_api_core_v1_Namespace(ref), - "k8s.io/api/core/v1.NamespaceCondition": schema_k8sio_api_core_v1_NamespaceCondition(ref), - "k8s.io/api/core/v1.NamespaceList": schema_k8sio_api_core_v1_NamespaceList(ref), - "k8s.io/api/core/v1.NamespaceSpec": schema_k8sio_api_core_v1_NamespaceSpec(ref), - "k8s.io/api/core/v1.NamespaceStatus": schema_k8sio_api_core_v1_NamespaceStatus(ref), - "k8s.io/api/core/v1.Node": schema_k8sio_api_core_v1_Node(ref), - "k8s.io/api/core/v1.NodeAddress": schema_k8sio_api_core_v1_NodeAddress(ref), - "k8s.io/api/core/v1.NodeAffinity": schema_k8sio_api_core_v1_NodeAffinity(ref), - "k8s.io/api/core/v1.NodeCondition": schema_k8sio_api_core_v1_NodeCondition(ref), - "k8s.io/api/core/v1.NodeConfigSource": schema_k8sio_api_core_v1_NodeConfigSource(ref), - "k8s.io/api/core/v1.NodeConfigStatus": schema_k8sio_api_core_v1_NodeConfigStatus(ref), - "k8s.io/api/core/v1.NodeDaemonEndpoints": schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - "k8s.io/api/core/v1.NodeList": schema_k8sio_api_core_v1_NodeList(ref), - "k8s.io/api/core/v1.NodeProxyOptions": schema_k8sio_api_core_v1_NodeProxyOptions(ref), - "k8s.io/api/core/v1.NodeResources": schema_k8sio_api_core_v1_NodeResources(ref), - "k8s.io/api/core/v1.NodeSelector": schema_k8sio_api_core_v1_NodeSelector(ref), - "k8s.io/api/core/v1.NodeSelectorRequirement": schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - "k8s.io/api/core/v1.NodeSelectorTerm": schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - "k8s.io/api/core/v1.NodeSpec": schema_k8sio_api_core_v1_NodeSpec(ref), - "k8s.io/api/core/v1.NodeStatus": schema_k8sio_api_core_v1_NodeStatus(ref), - "k8s.io/api/core/v1.NodeSystemInfo": schema_k8sio_api_core_v1_NodeSystemInfo(ref), - "k8s.io/api/core/v1.ObjectFieldSelector": schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - "k8s.io/api/core/v1.ObjectReference": schema_k8sio_api_core_v1_ObjectReference(ref), - "k8s.io/api/core/v1.PersistentVolume": schema_k8sio_api_core_v1_PersistentVolume(ref), - "k8s.io/api/core/v1.PersistentVolumeClaim": schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimCondition": schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimList": schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimSpec": schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimStatus": schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate": schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeList": schema_k8sio_api_core_v1_PersistentVolumeList(ref), - "k8s.io/api/core/v1.PersistentVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeSpec": schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeStatus": schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource": schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.Pod": schema_k8sio_api_core_v1_Pod(ref), - "k8s.io/api/core/v1.PodAffinity": schema_k8sio_api_core_v1_PodAffinity(ref), - "k8s.io/api/core/v1.PodAffinityTerm": schema_k8sio_api_core_v1_PodAffinityTerm(ref), - "k8s.io/api/core/v1.PodAntiAffinity": schema_k8sio_api_core_v1_PodAntiAffinity(ref), - "k8s.io/api/core/v1.PodAttachOptions": schema_k8sio_api_core_v1_PodAttachOptions(ref), - "k8s.io/api/core/v1.PodCondition": schema_k8sio_api_core_v1_PodCondition(ref), - "k8s.io/api/core/v1.PodDNSConfig": schema_k8sio_api_core_v1_PodDNSConfig(ref), - "k8s.io/api/core/v1.PodDNSConfigOption": schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - "k8s.io/api/core/v1.PodExecOptions": schema_k8sio_api_core_v1_PodExecOptions(ref), - "k8s.io/api/core/v1.PodIP": schema_k8sio_api_core_v1_PodIP(ref), - "k8s.io/api/core/v1.PodList": schema_k8sio_api_core_v1_PodList(ref), - "k8s.io/api/core/v1.PodLogOptions": schema_k8sio_api_core_v1_PodLogOptions(ref), - "k8s.io/api/core/v1.PodOS": schema_k8sio_api_core_v1_PodOS(ref), - "k8s.io/api/core/v1.PodPortForwardOptions": schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - "k8s.io/api/core/v1.PodProxyOptions": schema_k8sio_api_core_v1_PodProxyOptions(ref), - "k8s.io/api/core/v1.PodReadinessGate": schema_k8sio_api_core_v1_PodReadinessGate(ref), - "k8s.io/api/core/v1.PodResourceClaim": schema_k8sio_api_core_v1_PodResourceClaim(ref), - "k8s.io/api/core/v1.PodSchedulingGate": schema_k8sio_api_core_v1_PodSchedulingGate(ref), - "k8s.io/api/core/v1.PodSecurityContext": schema_k8sio_api_core_v1_PodSecurityContext(ref), - "k8s.io/api/core/v1.PodSignature": schema_k8sio_api_core_v1_PodSignature(ref), - "k8s.io/api/core/v1.PodSpec": schema_k8sio_api_core_v1_PodSpec(ref), - "k8s.io/api/core/v1.PodStatus": schema_k8sio_api_core_v1_PodStatus(ref), - "k8s.io/api/core/v1.PodStatusResult": schema_k8sio_api_core_v1_PodStatusResult(ref), - "k8s.io/api/core/v1.PodTemplate": schema_k8sio_api_core_v1_PodTemplate(ref), - "k8s.io/api/core/v1.PodTemplateList": schema_k8sio_api_core_v1_PodTemplateList(ref), - "k8s.io/api/core/v1.PodTemplateSpec": schema_k8sio_api_core_v1_PodTemplateSpec(ref), - "k8s.io/api/core/v1.PortStatus": schema_k8sio_api_core_v1_PortStatus(ref), - "k8s.io/api/core/v1.PortworxVolumeSource": schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - "k8s.io/api/core/v1.PreferAvoidPodsEntry": schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - "k8s.io/api/core/v1.PreferredSchedulingTerm": schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - "k8s.io/api/core/v1.Probe": schema_k8sio_api_core_v1_Probe(ref), - "k8s.io/api/core/v1.ProbeHandler": schema_k8sio_api_core_v1_ProbeHandler(ref), - "k8s.io/api/core/v1.ProjectedVolumeSource": schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - "k8s.io/api/core/v1.QuobyteVolumeSource": schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - "k8s.io/api/core/v1.RBDPersistentVolumeSource": schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - "k8s.io/api/core/v1.RBDVolumeSource": schema_k8sio_api_core_v1_RBDVolumeSource(ref), - "k8s.io/api/core/v1.RangeAllocation": schema_k8sio_api_core_v1_RangeAllocation(ref), - "k8s.io/api/core/v1.ReplicationController": schema_k8sio_api_core_v1_ReplicationController(ref), - "k8s.io/api/core/v1.ReplicationControllerCondition": schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - "k8s.io/api/core/v1.ReplicationControllerList": schema_k8sio_api_core_v1_ReplicationControllerList(ref), - "k8s.io/api/core/v1.ReplicationControllerSpec": schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - "k8s.io/api/core/v1.ReplicationControllerStatus": schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - "k8s.io/api/core/v1.ResourceClaim": schema_k8sio_api_core_v1_ResourceClaim(ref), - "k8s.io/api/core/v1.ResourceFieldSelector": schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - "k8s.io/api/core/v1.ResourceQuota": schema_k8sio_api_core_v1_ResourceQuota(ref), - "k8s.io/api/core/v1.ResourceQuotaList": schema_k8sio_api_core_v1_ResourceQuotaList(ref), - "k8s.io/api/core/v1.ResourceQuotaSpec": schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - "k8s.io/api/core/v1.ResourceQuotaStatus": schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - "k8s.io/api/core/v1.ResourceRequirements": schema_k8sio_api_core_v1_ResourceRequirements(ref), - "k8s.io/api/core/v1.SELinuxOptions": schema_k8sio_api_core_v1_SELinuxOptions(ref), - "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource": schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ScaleIOVolumeSource": schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - "k8s.io/api/core/v1.ScopeSelector": schema_k8sio_api_core_v1_ScopeSelector(ref), - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement": schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - "k8s.io/api/core/v1.SeccompProfile": schema_k8sio_api_core_v1_SeccompProfile(ref), - "k8s.io/api/core/v1.Secret": schema_k8sio_api_core_v1_Secret(ref), - "k8s.io/api/core/v1.SecretEnvSource": schema_k8sio_api_core_v1_SecretEnvSource(ref), - "k8s.io/api/core/v1.SecretKeySelector": schema_k8sio_api_core_v1_SecretKeySelector(ref), - "k8s.io/api/core/v1.SecretList": schema_k8sio_api_core_v1_SecretList(ref), - "k8s.io/api/core/v1.SecretProjection": schema_k8sio_api_core_v1_SecretProjection(ref), - "k8s.io/api/core/v1.SecretReference": schema_k8sio_api_core_v1_SecretReference(ref), - "k8s.io/api/core/v1.SecretVolumeSource": schema_k8sio_api_core_v1_SecretVolumeSource(ref), - "k8s.io/api/core/v1.SecurityContext": schema_k8sio_api_core_v1_SecurityContext(ref), - "k8s.io/api/core/v1.SerializedReference": schema_k8sio_api_core_v1_SerializedReference(ref), - "k8s.io/api/core/v1.Service": schema_k8sio_api_core_v1_Service(ref), - "k8s.io/api/core/v1.ServiceAccount": schema_k8sio_api_core_v1_ServiceAccount(ref), - "k8s.io/api/core/v1.ServiceAccountList": schema_k8sio_api_core_v1_ServiceAccountList(ref), - "k8s.io/api/core/v1.ServiceAccountTokenProjection": schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - "k8s.io/api/core/v1.ServiceList": schema_k8sio_api_core_v1_ServiceList(ref), - "k8s.io/api/core/v1.ServicePort": schema_k8sio_api_core_v1_ServicePort(ref), - "k8s.io/api/core/v1.ServiceProxyOptions": schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - "k8s.io/api/core/v1.ServiceSpec": schema_k8sio_api_core_v1_ServiceSpec(ref), - "k8s.io/api/core/v1.ServiceStatus": schema_k8sio_api_core_v1_ServiceStatus(ref), - "k8s.io/api/core/v1.SessionAffinityConfig": schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - "k8s.io/api/core/v1.StorageOSPersistentVolumeSource": schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.StorageOSVolumeSource": schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - "k8s.io/api/core/v1.Sysctl": schema_k8sio_api_core_v1_Sysctl(ref), - "k8s.io/api/core/v1.TCPSocketAction": schema_k8sio_api_core_v1_TCPSocketAction(ref), - "k8s.io/api/core/v1.Taint": schema_k8sio_api_core_v1_Taint(ref), - "k8s.io/api/core/v1.Toleration": schema_k8sio_api_core_v1_Toleration(ref), - "k8s.io/api/core/v1.TopologySelectorLabelRequirement": schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - "k8s.io/api/core/v1.TopologySelectorTerm": schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - "k8s.io/api/core/v1.TopologySpreadConstraint": schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - "k8s.io/api/core/v1.TypedLocalObjectReference": schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - "k8s.io/api/core/v1.TypedObjectReference": schema_k8sio_api_core_v1_TypedObjectReference(ref), - "k8s.io/api/core/v1.Volume": schema_k8sio_api_core_v1_Volume(ref), - "k8s.io/api/core/v1.VolumeDevice": schema_k8sio_api_core_v1_VolumeDevice(ref), - "k8s.io/api/core/v1.VolumeMount": schema_k8sio_api_core_v1_VolumeMount(ref), - "k8s.io/api/core/v1.VolumeNodeAffinity": schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - "k8s.io/api/core/v1.VolumeProjection": schema_k8sio_api_core_v1_VolumeProjection(ref), - "k8s.io/api/core/v1.VolumeSource": schema_k8sio_api_core_v1_VolumeSource(ref), - "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource": schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - "k8s.io/api/core/v1.WeightedPodAffinityTerm": schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - "k8s.io/api/core/v1.WindowsSecurityContextOptions": schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), + "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), + "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), + "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } -func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "user": { - SchemaProps: spec.SchemaProps{ - Description: "User is the UserInfo associated with the current user.", - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.UserInfo"), - }, - }, - "audiences": { - SchemaProps: spec.SchemaProps{ - Description: "Audiences are audience identifiers chosen by the authenticator.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"user"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.UserInfo"}, - } -} - -func schema_apis_concierge_identity_v1alpha1_UserInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "UserInfo holds the information about the user needed to implement the user.Info interface.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "username": { - SchemaProps: spec.SchemaProps{ - Description: "The name that uniquely identifies this user among all active users.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "uid": { - SchemaProps: spec.SchemaProps{ - Description: "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.", - Type: []string{"string"}, - Format: "", - }, - }, - "groups": { - SchemaProps: spec.SchemaProps{ - Description: "The names of groups this user is a part of.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "extra": { - SchemaProps: spec.SchemaProps{ - Description: "Any additional information provided by the authenticator.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - }, - }, - }, - Required: []string{"username"}, - }, - }, - } -} - -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "WhoAmIRequest submits a request to echo back the current authenticated user.", + Description: "OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -428,34 +342,35 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), }, }, }, + Required: []string{"spec"}, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, } } -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "WhoAmIRequestList is a list of WhoAmIRequest objects.", + Description: "OIDCClientSecretRequestList is a list of OIDCClientSecretRequest objects.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -475,18 +390,18 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { SchemaProps: spec.SchemaProps{ - Description: "Items is a list of WhoAmIRequest.", + Description: "Items is a list of OIDCClientSecretRequest.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequest"), + Ref: ref("go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), }, }, }, @@ -497,239 +412,65 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.WhoAmIRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", metav1.ListMeta{}.OpenAPIModelName()}, } } -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Spec is always empty for a WhoAmIRequest.", - Type: []string{"object"}, - }, - }, - } -} - -func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status is set by the server in the response to a WhoAmIRequest.", + Description: "Spec of the OIDCClientSecretRequest.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "kubernetesUserInfo": { + "generateNewSecret": { SchemaProps: spec.SchemaProps{ - Description: "The current authenticated user, exactly as Kubernetes understands it.", - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), - }, - }, - }, - Required: []string{"kubernetesUserInfo"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, - } -} - -func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClusterCredential is the cluster-specific credential returned on a successful credential request. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "expirationTimestamp": { - SchemaProps: spec.SchemaProps{ - Description: "ExpirationTimestamp indicates a time when the provided credentials expire.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "token": { - SchemaProps: spec.SchemaProps{ - Description: "Token is a bearer token used by the client for request authentication.", - Type: []string{"string"}, + Description: "Request a new client secret to for the OIDCClient referenced by the metadata.name field.", + Default: false, + Type: []string{"boolean"}, Format: "", }, }, - "clientCertificateData": { + "revokeOldSecrets": { SchemaProps: spec.SchemaProps{ - Description: "PEM-encoded client TLS certificates (including intermediates, if any).", - Type: []string{"string"}, - Format: "", - }, - }, - "clientKeyData": { - SchemaProps: spec.SchemaProps{ - Description: "PEM-encoded private key for the above certificate.", - Type: []string{"string"}, + Description: "Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field.", + Default: false, + Type: []string{"boolean"}, Format: "", }, }, }, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, } } -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.", + Description: "Status of the OIDCClientSecretRequest.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "kind": { + "generatedSecret": { SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Description: "The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if lost.", Type: []string{"string"}, Format: "", }, }, - "apiVersion": { + "totalClientSecrets": { SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), + Description: "The total number of client secrets associated with the OIDCClient referenced by the metadata.name field.", + Default: 0, + Type: []string{"integer"}, + Format: "int32", }, }, }, + Required: []string{"totalClientSecrets"}, }, }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "TokenCredentialRequestList is a list of TokenCredentialRequest objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Description: "Items is a list of TokenCredentialRequest.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequest"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.TokenCredentialRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Specification of a TokenCredentialRequest, expected on requests to the Pinniped API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "token": { - SchemaProps: spec.SchemaProps{ - Description: "Bearer token supplied with the credential request.", - Type: []string{"string"}, - Format: "", - }, - }, - "authenticator": { - SchemaProps: spec.SchemaProps{ - Description: "Reference to an authenticator which can validate this credential request.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), - }, - }, - }, - Required: []string{"authenticator"}, - }, - }, - Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference"}, - } -} - -func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of a TokenCredentialRequest, returned on responses to the Pinniped API.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "credential": { - SchemaProps: spec.SchemaProps{ - Description: "A Credential will be returned for a successful credential request.", - Ref: ref("go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.ClusterCredential"), - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "An error message will be returned for an unsuccessful credential request.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.27/apis/concierge/login/v1alpha1.ClusterCredential"}, } } @@ -786,26 +527,68 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open "nodeAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes node affinity scheduling rules for the pod.", - Ref: ref("k8s.io/api/core/v1.NodeAffinity"), + Ref: ref(v1.NodeAffinity{}.OpenAPIModelName()), }, }, "podAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAffinity"), + Ref: ref(v1.PodAffinity{}.OpenAPIModelName()), }, }, "podAntiAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAntiAffinity"), + Ref: ref(v1.PodAntiAffinity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeAffinity", "k8s.io/api/core/v1.PodAffinity", "k8s.io/api/core/v1.PodAntiAffinity"}, + v1.NodeAffinity{}.OpenAPIModelName(), v1.PodAffinity{}.OpenAPIModelName(), v1.PodAntiAffinity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_AppArmorProfile(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AppArmorProfile defines a pod or container's AppArmor settings.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.\n\nPossible enum values:\n - `\"Localhost\"` indicates that a profile pre-loaded on the node should be used.\n - `\"RuntimeDefault\"` indicates that the container runtime's default AppArmor profile should be used.\n - `\"Unconfined\"` indicates that no AppArmor profile should be enforced.", + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Localhost", "RuntimeDefault", "Unconfined"}, + }, + }, + "localhostProfile": { + SchemaProps: spec.SchemaProps{ + Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"type"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-unions": []interface{}{ + map[string]interface{}{ + "discriminator": "type", + "fields-to-discriminateBy": map[string]interface{}{ + "localhostProfile": "LocalhostProfile", + }, + }, + }, + }, + }, + }, } } @@ -847,6 +630,11 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Type: []string{"object"}, Properties: map[string]spec.Schema{ "preferAvoidPods": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Bounded-sized list of signatures of pods that should avoid this node, sorted in timestamp order from oldest to newest. Size of the slice is unspecified.", Type: []string{"array"}, @@ -854,7 +642,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferAvoidPodsEntry"), + Ref: ref(v1.PreferAvoidPodsEntry{}.OpenAPIModelName()), }, }, }, @@ -864,7 +652,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PreferAvoidPodsEntry"}, + v1.PreferAvoidPodsEntry{}.OpenAPIModelName()}, } } @@ -894,6 +682,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "cachingMode": { SchemaProps: spec.SchemaProps{ Description: "cachingMode is the Host Caching mode: None, Read Only, Read Write.\n\nPossible enum values:\n - `\"None\"`\n - `\"ReadOnly\"`\n - `\"ReadWrite\"`", + Default: v1.AzureDataDiskCachingReadWrite, Type: []string{"string"}, Format: "", Enum: []interface{}{"None", "ReadOnly", "ReadWrite"}, @@ -902,6 +691,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + Default: "ext4", Type: []string{"string"}, Format: "", }, @@ -909,6 +699,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "readOnly": { SchemaProps: spec.SchemaProps{ Description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + Default: false, Type: []string{"boolean"}, Format: "", }, @@ -916,6 +707,7 @@ func schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref common.ReferenceCallback "kind": { SchemaProps: spec.SchemaProps{ Description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared\n\nPossible enum values:\n - `\"Dedicated\"`\n - `\"Managed\"`\n - `\"Shared\"`", + Default: v1.AzureSharedBlobDisk, Type: []string{"string"}, Format: "", Enum: []interface{}{"Dedicated", "Managed", "Shared"}, @@ -1013,7 +805,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead.", + Description: "Binding ties one object to another; for example, a pod is bound to a node by a scheduler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -1034,14 +826,14 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "target": { SchemaProps: spec.SchemaProps{ Description: "The target object that you want to bind to the standard object.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1049,7 +841,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1057,7 +849,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Represents storage that is managed by an external CSI volume driver (Beta feature)", + Description: "Represents storage that is managed by an external CSI volume driver", Type: []string{"object"}, Properties: map[string]spec.Schema{ "driver": { @@ -1109,31 +901,31 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall "controllerPublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeStageSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "controllerExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeExpandSecretRef": { SchemaProps: spec.SchemaProps{ - Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1141,7 +933,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1193,7 +985,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1201,7 +993,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1213,6 +1005,11 @@ func schema_k8sio_api_core_v1_Capabilities(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "add": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Added capabilities", Type: []string{"array"}, @@ -1228,6 +1025,11 @@ func schema_k8sio_api_core_v1_Capabilities(ref common.ReferenceCallback) common. }, }, "drop": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Removed capabilities", Type: []string{"array"}, @@ -1256,6 +1058,11 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", Type: []string{"array"}, @@ -1294,7 +1101,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1309,7 +1116,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1321,6 +1128,11 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", Type: []string{"array"}, @@ -1359,7 +1171,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1374,7 +1186,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1410,7 +1222,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1418,7 +1230,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1454,7 +1266,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1462,34 +1274,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, - } -} - -func schema_k8sio_api_core_v1_ClaimSource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ClaimSource describes a reference to a ResourceClaim.\n\nExactly one of these fields should be set. Consumers of this type must treat an empty object as if it has an unknown value.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "resourceClaimName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceClaimTemplateName": { - SchemaProps: spec.SchemaProps{ - Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long).\n\nAn existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1513,6 +1298,57 @@ func schema_k8sio_api_core_v1_ClientIPConfig(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ClusterTrustBundleProjection describes how to select a set of ClusterTrustBundle objects and project their contents into the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.", + Type: []string{"string"}, + Format: "", + }, + }, + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.", + Type: []string{"string"}, + Format: "", + }, + }, + "labelSelector": { + SchemaProps: spec.SchemaProps{ + Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\".", + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "Relative path from the volume root to write the bundle.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"path"}, + }, + }, + Dependencies: []string{ + metav1.LabelSelector{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_ComponentCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -1582,12 +1418,16 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -1599,7 +1439,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentCondition"), + Ref: ref(v1.ComponentCondition{}.OpenAPIModelName()), }, }, }, @@ -1609,7 +1449,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentCondition", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ComponentCondition{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1638,7 +1478,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1649,7 +1489,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentStatus"), + Ref: ref(v1.ComponentStatus{}.OpenAPIModelName()), }, }, }, @@ -1660,7 +1500,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ComponentStatus{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1689,7 +1529,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -1734,7 +1574,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1747,7 +1587,8 @@ func schema_k8sio_api_core_v1_ConfigMapEnvSource(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -1774,7 +1615,8 @@ func schema_k8sio_api_core_v1_ConfigMapKeySelector(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -1831,7 +1673,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1842,7 +1684,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ConfigMap"), + Ref: ref(v1.ConfigMap{}.OpenAPIModelName()), }, }, }, @@ -1853,7 +1695,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMap", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ConfigMap{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1918,12 +1760,18 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -1931,7 +1779,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -1948,7 +1796,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -1961,12 +1809,18 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -1974,7 +1828,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -1998,7 +1852,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -2025,6 +1879,11 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -2040,6 +1899,11 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -2080,21 +1944,26 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -2103,6 +1972,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -2114,7 +1987,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -2124,7 +1997,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -2134,13 +2007,39 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "Resources resize policy for the container.", + Description: "Resources resize policy for the container. This field cannot be set on ephemeral containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "restartPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Additionally, setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + Type: []string{"string"}, + Format: "", + }, + }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. The rules are evaluated in order. Once a rule matches a container exit condition, the remaining rules are ignored. If no rule matches the container exit condition, the Container-level restart policy determines the whether the container is restarted or not. Constraints on the rules: - At most 20 rules are allowed. - Rules can have the same action. - Identical rules are not forbidden in validations. When rules are specified, container MUST set RestartPolicy explicitly even it if matches the Pod's RestartPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), }, }, }, @@ -2149,6 +2048,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -2160,7 +2063,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -2169,6 +2072,10 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -2180,7 +2087,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -2189,25 +2096,25 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -2236,7 +2143,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -2265,7 +2172,45 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerExtendedResourceRequest has the mapping of container name, extended resource name to the device request name.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "containerName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the container requesting resources.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the extended resource in that container which gets backed by DRA.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "requestName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the request in the special ResourceClaim which corresponds to the extended resource.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"containerName", "resourceName", "requestName"}, + }, + }, } } @@ -2277,6 +2222,11 @@ func schema_k8sio_api_core_v1_ContainerImage(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "names": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Names by which this image is known. e.g. [\"kubernetes.example/hyperkube:v1.0.7\", \"cloud-vendor.registry.example/cloud-vendor/hyperkube:v1.0.7\"]", Type: []string{"array"}, @@ -2386,6 +2336,76 @@ func schema_k8sio_api_core_v1_ContainerResizePolicy(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ContainerRestartRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRule describes how a container exit is handled.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the action taken on a container exit if the requirements are satisfied. The only possible value is \"Restart\" to restart the container.", + Type: []string{"string"}, + Format: "", + }, + }, + "exitCodes": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the exit codes to check on container exits.", + Ref: ref(v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()), + }, + }, + }, + Required: []string{"action"}, + }, + }, + Dependencies: []string{ + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRuleOnExitCodes describes the condition for handling an exited container based on its exit codes.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the relationship between the container exit code(s) and the specified values. Possible values are: - In: the requirement is satisfied if the container exit code is in the\n set of specified values.\n- NotIn: the requirement is satisfied if the container exit code is\n not in the set of specified values.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Specifies the set of values to check for container exit codes. At most 255 elements are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + }, + Required: []string{"operator"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2396,26 +2416,26 @@ func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) commo "waiting": { SchemaProps: spec.SchemaProps{ Description: "Details about a waiting container", - Ref: ref("k8s.io/api/core/v1.ContainerStateWaiting"), + Ref: ref(v1.ContainerStateWaiting{}.OpenAPIModelName()), }, }, "running": { SchemaProps: spec.SchemaProps{ Description: "Details about a running container", - Ref: ref("k8s.io/api/core/v1.ContainerStateRunning"), + Ref: ref(v1.ContainerStateRunning{}.OpenAPIModelName()), }, }, "terminated": { SchemaProps: spec.SchemaProps{ Description: "Details about a terminated container", - Ref: ref("k8s.io/api/core/v1.ContainerStateTerminated"), + Ref: ref(v1.ContainerStateTerminated{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStateRunning", "k8s.io/api/core/v1.ContainerStateTerminated", "k8s.io/api/core/v1.ContainerStateWaiting"}, + v1.ContainerStateRunning{}.OpenAPIModelName(), v1.ContainerStateTerminated{}.OpenAPIModelName(), v1.ContainerStateWaiting{}.OpenAPIModelName()}, } } @@ -2429,15 +2449,14 @@ func schema_k8sio_api_core_v1_ContainerStateRunning(ref common.ReferenceCallback "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container was last (re-)started", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2480,15 +2499,13 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which previous execution of the container started", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "finishedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container last terminated", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "containerID": { @@ -2503,7 +2520,7 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2553,14 +2570,14 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "State holds details about the container's current condition.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "lastState": { SchemaProps: spec.SchemaProps{ Description: "LastTerminationState holds the last termination state of the container to help debug container crashes and restarts. This field is not populated if the container is still running and RestartCount is 0.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "ready": { @@ -2617,8 +2634,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -2627,7 +2643,69 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm "resources": { SchemaProps: spec.SchemaProps{ Description: "Resources represents the compute resource requests and limits that have been successfully enacted on the running container after it has been started or has been successfully resized.", - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "volumeMounts": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "mountPath", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Status of volume mounts.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.VolumeMountStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "user": { + SchemaProps: spec.SchemaProps{ + Description: "User represents user identity information initially attached to the first process of the container", + Ref: ref(v1.ContainerUser{}.OpenAPIModelName()), + }, + }, + "allocatedResourcesStatus": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResourcesStatus represents the status of various resources allocated for this Pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ResourceStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal reports the effective stop signal for this container\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, }, }, }, @@ -2635,7 +2713,28 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ContainerState{}.OpenAPIModelName(), v1.ContainerUser{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.ResourceStatus{}.OpenAPIModelName(), v1.VolumeMountStatus{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerUser represents user identity information", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "linux": { + SchemaProps: spec.SchemaProps{ + Description: "Linux holds user identity information initially attached to the first process of the containers in Linux. Note that the actual running identity can be changed if the process has enough privilege to do so.", + Ref: ref(v1.LinuxContainerUser{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + Dependencies: []string{ + v1.LinuxContainerUser{}.OpenAPIModelName()}, } } @@ -2669,6 +2768,11 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Type: []string{"object"}, Properties: map[string]spec.Schema{ "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Items is a list of DownwardAPIVolume file", Type: []string{"array"}, @@ -2676,7 +2780,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2686,7 +2790,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2707,14 +2811,14 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, "fieldRef": { SchemaProps: spec.SchemaProps{ - Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.", + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "mode": { @@ -2729,7 +2833,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector"}, + v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName()}, } } @@ -2741,6 +2845,11 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Type: []string{"object"}, Properties: map[string]spec.Schema{ "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Items is a list of downward API volume file", Type: []string{"array"}, @@ -2748,7 +2857,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2765,7 +2874,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2786,14 +2895,14 @@ func schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref common.ReferenceCallback) "sizeLimit": { SchemaProps: spec.SchemaProps{ Description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -2801,7 +2910,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointAddress is a tuple that describes single IP address.", + Description: "EndpointAddress is a tuple that describes single IP address. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "ip": { @@ -2829,7 +2938,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm "targetRef": { SchemaProps: spec.SchemaProps{ Description: "Reference to object providing the endpoint.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -2842,7 +2951,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -2850,7 +2959,7 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointPort is a tuple that describes a single port.", + Description: "EndpointPort is a tuple that describes a single port. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2878,7 +2987,7 @@ func schema_k8sio_api_core_v1_EndpointPort(ref common.ReferenceCallback) common. }, "appProtocol": { SchemaProps: spec.SchemaProps{ - Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", + Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", Type: []string{"string"}, Format: "", }, @@ -2899,10 +3008,15 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]", + Description: "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]\n\nDeprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "addresses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.", Type: []string{"array"}, @@ -2910,13 +3024,18 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, }, }, "notReadyAddresses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.", Type: []string{"array"}, @@ -2924,13 +3043,18 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, }, }, "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Port numbers available on the related IP addresses.", Type: []string{"array"}, @@ -2938,7 +3062,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointPort"), + Ref: ref(v1.EndpointPort{}.OpenAPIModelName()), }, }, }, @@ -2948,7 +3072,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointAddress", "k8s.io/api/core/v1.EndpointPort"}, + v1.EndpointAddress{}.OpenAPIModelName(), v1.EndpointPort{}.OpenAPIModelName()}, } } @@ -2956,7 +3080,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]", + Description: "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t {\n\t Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t },\n\t {\n\t Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2977,10 +3101,15 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "subsets": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.", Type: []string{"array"}, @@ -2988,7 +3117,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointSubset"), + Ref: ref(v1.EndpointSubset{}.OpenAPIModelName()), }, }, }, @@ -2998,7 +3127,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointSubset", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.EndpointSubset{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -3006,7 +3135,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EndpointsList is a list of endpoints.", + Description: "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -3027,7 +3156,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -3038,7 +3167,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Endpoints"), + Ref: ref(v1.Endpoints{}.OpenAPIModelName()), }, }, }, @@ -3049,7 +3178,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Endpoints", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Endpoints{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3057,12 +3186,12 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "EnvFromSource represents the source of a set of ConfigMaps", + Description: "EnvFromSource represents the source of a set of ConfigMaps or Secrets", Type: []string{"object"}, Properties: map[string]spec.Schema{ "prefix": { SchemaProps: spec.SchemaProps{ - Description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + Description: "Optional text to prepend to the name of each environment variable. May consist of any printable ASCII characters except '='.", Type: []string{"string"}, Format: "", }, @@ -3070,20 +3199,20 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common "configMapRef": { SchemaProps: spec.SchemaProps{ Description: "The ConfigMap to select from", - Ref: ref("k8s.io/api/core/v1.ConfigMapEnvSource"), + Ref: ref(v1.ConfigMapEnvSource{}.OpenAPIModelName()), }, }, "secretRef": { SchemaProps: spec.SchemaProps{ Description: "The Secret to select from", - Ref: ref("k8s.io/api/core/v1.SecretEnvSource"), + Ref: ref(v1.SecretEnvSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapEnvSource", "k8s.io/api/core/v1.SecretEnvSource"}, + v1.ConfigMapEnvSource{}.OpenAPIModelName(), v1.SecretEnvSource{}.OpenAPIModelName()}, } } @@ -3096,7 +3225,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the environment variable. Must be a C_IDENTIFIER.", + Description: "Name of the environment variable. May consist of any printable ASCII characters except '='.", Default: "", Type: []string{"string"}, Format: "", @@ -3112,7 +3241,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP "valueFrom": { SchemaProps: spec.SchemaProps{ Description: "Source for the environment variable's value. Cannot be used if value is not empty.", - Ref: ref("k8s.io/api/core/v1.EnvVarSource"), + Ref: ref(v1.EnvVarSource{}.OpenAPIModelName()), }, }, }, @@ -3120,7 +3249,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EnvVarSource"}, + v1.EnvVarSource{}.OpenAPIModelName()}, } } @@ -3134,32 +3263,38 @@ func schema_k8sio_api_core_v1_EnvVarSource(ref common.ReferenceCallback) common. "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "configMapKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a ConfigMap.", - Ref: ref("k8s.io/api/core/v1.ConfigMapKeySelector"), + Ref: ref(v1.ConfigMapKeySelector{}.OpenAPIModelName()), }, }, "secretKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a secret in the pod's namespace", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref(v1.SecretKeySelector{}.OpenAPIModelName()), + }, + }, + "fileKeyRef": { + SchemaProps: spec.SchemaProps{ + Description: "FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.", + Ref: ref(v1.FileKeySelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, + v1.ConfigMapKeySelector{}.OpenAPIModelName(), v1.FileKeySelector{}.OpenAPIModelName(), v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName(), v1.SecretKeySelector{}.OpenAPIModelName()}, } } @@ -3186,6 +3321,11 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3201,6 +3341,11 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3241,21 +3386,26 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3264,6 +3414,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -3275,7 +3429,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3285,7 +3439,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3301,7 +3455,33 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "restartPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", + Type: []string{"string"}, + Format: "", + }, + }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), }, }, }, @@ -3310,6 +3490,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -3321,7 +3505,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3330,6 +3514,10 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -3341,7 +3529,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3350,25 +3538,25 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3397,7 +3585,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3433,7 +3621,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3460,6 +3648,11 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3475,6 +3668,11 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, "args": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", Type: []string{"array"}, @@ -3515,21 +3713,26 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, }, }, "envFrom": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3538,6 +3741,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "env": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -3549,7 +3756,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3559,7 +3766,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3575,7 +3782,33 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "restartPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", + Type: []string{"string"}, + Format: "", + }, + }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), }, }, }, @@ -3584,6 +3817,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "mountPath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "mountPath", "x-kubernetes-patch-strategy": "merge", }, @@ -3595,7 +3832,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3604,6 +3841,10 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "volumeDevices": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "devicePath", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "devicePath", "x-kubernetes-patch-strategy": "merge", }, @@ -3615,7 +3856,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3624,25 +3865,25 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3671,7 +3912,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3700,7 +3941,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3714,14 +3955,14 @@ func schema_k8sio_api_core_v1_EphemeralVolumeSource(ref common.ReferenceCallback "volumeClaimTemplate": { SchemaProps: spec.SchemaProps{ Description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.\n\nRequired, must not be nil.", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimTemplate"), + Ref: ref(v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate"}, + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()}, } } @@ -3750,14 +3991,14 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "involvedObject": { SchemaProps: spec.SchemaProps{ Description: "The object that this event is about.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reason": { @@ -3778,21 +4019,19 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "The component reporting this event. Should be a short machine understandable string.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EventSource"), + Ref: ref(v1.EventSource{}.OpenAPIModelName()), }, }, "firstTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the most recent occurrence of this event was recorded.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "count": { @@ -3812,14 +4051,13 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "eventTime": { SchemaProps: spec.SchemaProps{ Description: "Time when this Event was first observed.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, "series": { SchemaProps: spec.SchemaProps{ Description: "Data about the Event series this event represents or nil if it's a singleton Event.", - Ref: ref("k8s.io/api/core/v1.EventSeries"), + Ref: ref(v1.EventSeries{}.OpenAPIModelName()), }, }, "action": { @@ -3832,7 +4070,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "related": { SchemaProps: spec.SchemaProps{ Description: "Optional secondary object for more complex actions.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reportingComponent": { @@ -3856,7 +4094,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EventSeries", "k8s.io/api/core/v1.EventSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.EventSeries{}.OpenAPIModelName(), v1.EventSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.MicroTime{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -3885,7 +4123,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -3896,7 +4134,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Event"), + Ref: ref(v1.Event{}.OpenAPIModelName()), }, }, }, @@ -3907,7 +4145,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Event", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Event{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3928,15 +4166,14 @@ func schema_k8sio_api_core_v1_EventSeries(ref common.ReferenceCallback) common.O "lastObservedTime": { SchemaProps: spec.SchemaProps{ Description: "Time of the last occurrence observed", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"}, + metav1.MicroTime{}.OpenAPIModelName()}, } } @@ -3975,6 +4212,11 @@ func schema_k8sio_api_core_v1_ExecAction(ref common.ReferenceCallback) common.Op Type: []string{"object"}, Properties: map[string]spec.Schema{ "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", Type: []string{"array"}, @@ -4003,6 +4245,11 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "targetWWNs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "targetWWNs is Optional: FC target worldwide names (WWNs)", Type: []string{"array"}, @@ -4039,6 +4286,11 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo }, }, "wwids": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", Type: []string{"array"}, @@ -4059,6 +4311,57 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_FileKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FileKeySelector selects a key of the env file.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "volumeName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the volume mount containing the env file.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers.\n\nIf optional is set to false and the specified key does not exist, an error will be returned during Pod creation.", + Default: false, + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"volumeName", "path", "key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4084,7 +4387,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4115,7 +4418,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4144,7 +4447,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4175,7 +4478,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -4253,7 +4556,8 @@ func schema_k8sio_api_core_v1_GRPCAction(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "GRPCAction specifies an action involving a GRPC service.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -4367,7 +4671,7 @@ func schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "endpoints": { SchemaProps: spec.SchemaProps{ - Description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + Description: "endpoints is the endpoint name that details Glusterfs topology.", Default: "", Type: []string{"string"}, Format: "", @@ -4412,7 +4716,6 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common "port": { SchemaProps: spec.SchemaProps{ Description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -4432,6 +4735,11 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, "httpHeaders": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Custom headers to set in the request. HTTP allows repeated headers.", Type: []string{"array"}, @@ -4439,7 +4747,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HTTPHeader"), + Ref: ref(v1.HTTPHeader{}.OpenAPIModelName()), }, }, }, @@ -4450,7 +4758,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.HTTPHeader", "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, + v1.HTTPHeader{}.OpenAPIModelName(), "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, } } @@ -4494,11 +4802,17 @@ func schema_k8sio_api_core_v1_HostAlias(ref common.ReferenceCallback) common.Ope "ip": { SchemaProps: spec.SchemaProps{ Description: "IP address of the host file entry.", + Default: "", Type: []string{"string"}, Format: "", }, }, "hostnames": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Hostnames for the above IP address.", Type: []string{"array"}, @@ -4514,6 +4828,29 @@ func schema_k8sio_api_core_v1_HostAlias(ref common.ReferenceCallback) common.Ope }, }, }, + Required: []string{"ip"}, + }, + }, + } +} + +func schema_k8sio_api_core_v1_HostIP(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "HostIP represents a single IP address allocated to the host.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ip": { + SchemaProps: spec.SchemaProps{ + Description: "IP is the IP address assigned to the host", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"ip"}, }, }, } @@ -4583,6 +4920,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4602,6 +4940,11 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, "portals": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "portals is the iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", Type: []string{"array"}, @@ -4633,7 +4976,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4648,7 +4991,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4686,6 +5029,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "iscsiInterface": { SchemaProps: spec.SchemaProps{ Description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + Default: "default", Type: []string{"string"}, Format: "", }, @@ -4705,6 +5049,11 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, "portals": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", Type: []string{"array"}, @@ -4736,7 +5085,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4751,7 +5100,35 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ImageVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ImageVolumeSource represents a image volume resource.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "reference": { + SchemaProps: spec.SchemaProps{ + Description: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + Type: []string{"string"}, + Format: "", + }, + }, + "pullPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.\n\nPossible enum values:\n - `\"Always\"` means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - `\"IfNotPresent\"` means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - `\"Never\"` means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Always", "IfNotPresent", "Never"}, + }, + }, + }, + }, + }, } } @@ -4802,20 +5179,28 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope "postStart": { SchemaProps: spec.SchemaProps{ Description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), }, }, "preStop": { SchemaProps: spec.SchemaProps{ Description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), + }, + }, + "stopSignal": { + SchemaProps: spec.SchemaProps{ + Description: "StopSignal defines which signal will be sent to a container when it is being stopped. If not specified, the default is defined by the container runtime in use. StopSignal can only be set for Pods with a non-empty .spec.os.name\n\nPossible enum values:\n - `\"SIGABRT\"`\n - `\"SIGALRM\"`\n - `\"SIGBUS\"`\n - `\"SIGCHLD\"`\n - `\"SIGCLD\"`\n - `\"SIGCONT\"`\n - `\"SIGFPE\"`\n - `\"SIGHUP\"`\n - `\"SIGILL\"`\n - `\"SIGINT\"`\n - `\"SIGIO\"`\n - `\"SIGIOT\"`\n - `\"SIGKILL\"`\n - `\"SIGPIPE\"`\n - `\"SIGPOLL\"`\n - `\"SIGPROF\"`\n - `\"SIGPWR\"`\n - `\"SIGQUIT\"`\n - `\"SIGRTMAX\"`\n - `\"SIGRTMAX-1\"`\n - `\"SIGRTMAX-10\"`\n - `\"SIGRTMAX-11\"`\n - `\"SIGRTMAX-12\"`\n - `\"SIGRTMAX-13\"`\n - `\"SIGRTMAX-14\"`\n - `\"SIGRTMAX-2\"`\n - `\"SIGRTMAX-3\"`\n - `\"SIGRTMAX-4\"`\n - `\"SIGRTMAX-5\"`\n - `\"SIGRTMAX-6\"`\n - `\"SIGRTMAX-7\"`\n - `\"SIGRTMAX-8\"`\n - `\"SIGRTMAX-9\"`\n - `\"SIGRTMIN\"`\n - `\"SIGRTMIN+1\"`\n - `\"SIGRTMIN+10\"`\n - `\"SIGRTMIN+11\"`\n - `\"SIGRTMIN+12\"`\n - `\"SIGRTMIN+13\"`\n - `\"SIGRTMIN+14\"`\n - `\"SIGRTMIN+15\"`\n - `\"SIGRTMIN+2\"`\n - `\"SIGRTMIN+3\"`\n - `\"SIGRTMIN+4\"`\n - `\"SIGRTMIN+5\"`\n - `\"SIGRTMIN+6\"`\n - `\"SIGRTMIN+7\"`\n - `\"SIGRTMIN+8\"`\n - `\"SIGRTMIN+9\"`\n - `\"SIGSEGV\"`\n - `\"SIGSTKFLT\"`\n - `\"SIGSTOP\"`\n - `\"SIGSYS\"`\n - `\"SIGTERM\"`\n - `\"SIGTRAP\"`\n - `\"SIGTSTP\"`\n - `\"SIGTTIN\"`\n - `\"SIGTTOU\"`\n - `\"SIGURG\"`\n - `\"SIGUSR1\"`\n - `\"SIGUSR2\"`\n - `\"SIGVTALRM\"`\n - `\"SIGWINCH\"`\n - `\"SIGXCPU\"`\n - `\"SIGXFSZ\"`", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"SIGABRT", "SIGALRM", "SIGBUS", "SIGCHLD", "SIGCLD", "SIGCONT", "SIGFPE", "SIGHUP", "SIGILL", "SIGINT", "SIGIO", "SIGIOT", "SIGKILL", "SIGPIPE", "SIGPOLL", "SIGPROF", "SIGPWR", "SIGQUIT", "SIGRTMAX", "SIGRTMAX-1", "SIGRTMAX-10", "SIGRTMAX-11", "SIGRTMAX-12", "SIGRTMAX-13", "SIGRTMAX-14", "SIGRTMAX-2", "SIGRTMAX-3", "SIGRTMAX-4", "SIGRTMAX-5", "SIGRTMAX-6", "SIGRTMAX-7", "SIGRTMAX-8", "SIGRTMAX-9", "SIGRTMIN", "SIGRTMIN+1", "SIGRTMIN+10", "SIGRTMIN+11", "SIGRTMIN+12", "SIGRTMIN+13", "SIGRTMIN+14", "SIGRTMIN+15", "SIGRTMIN+2", "SIGRTMIN+3", "SIGRTMIN+4", "SIGRTMIN+5", "SIGRTMIN+6", "SIGRTMIN+7", "SIGRTMIN+8", "SIGRTMIN+9", "SIGSEGV", "SIGSTKFLT", "SIGSTOP", "SIGSYS", "SIGTERM", "SIGTRAP", "SIGTSTP", "SIGTTIN", "SIGTTOU", "SIGURG", "SIGUSR1", "SIGUSR2", "SIGVTALRM", "SIGWINCH", "SIGXCPU", "SIGXFSZ"}, }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LifecycleHandler"}, + v1.LifecycleHandler{}.OpenAPIModelName()}, } } @@ -4828,27 +5213,33 @@ func schema_k8sio_api_core_v1_LifecycleHandler(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for backward compatibility. There is no validation of this field and lifecycle hooks will fail at runtime when it is specified.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), + }, + }, + "sleep": { + SchemaProps: spec.SchemaProps{ + Description: "Sleep represents a duration that the container should sleep.", + Ref: ref(v1.SleepAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.SleepAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -4877,21 +5268,21 @@ func schema_k8sio_api_core_v1_LimitRange(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeSpec"), + Ref: ref(v1.LimitRangeSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LimitRangeSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -4918,8 +5309,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4933,8 +5323,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4948,8 +5337,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4963,8 +5351,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4978,8 +5365,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -4990,7 +5376,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -5019,7 +5405,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5030,7 +5416,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRange"), + Ref: ref(v1.LimitRange{}.OpenAPIModelName()), }, }, }, @@ -5041,7 +5427,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRange", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.LimitRange{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5053,6 +5439,11 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Type: []string{"object"}, Properties: map[string]spec.Schema{ "limits": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Limits is the list of LimitRangeItem objects that are enforced.", Type: []string{"array"}, @@ -5060,7 +5451,7 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeItem"), + Ref: ref(v1.LimitRangeItem{}.OpenAPIModelName()), }, }, }, @@ -5071,7 +5462,57 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeItem"}, + v1.LimitRangeItem{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_LinuxContainerUser(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "LinuxContainerUser represents user identity information in Linux containers", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID is the primary uid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "gid": { + SchemaProps: spec.SchemaProps{ + Description: "GID is the primary gid initially attached to the first process in the container", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroups are the supplemental groups initially attached to the first process in the container", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, + }, + Required: []string{"uid", "gid"}, + }, + }, } } @@ -5100,7 +5541,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5110,8 +5551,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -5122,7 +5562,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -5147,6 +5587,13 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Format: "", }, }, + "ipMode": { + SchemaProps: spec.SchemaProps{ + Description: "IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. Setting this to \"VIP\" indicates that traffic is delivered to the node with the destination set to the load-balancer's IP and port. Setting this to \"Proxy\" indicates that traffic is delivered to the node or pod with the destination set to the node's IP and node port or the pod's IP and port. Service implementations may use this information to adjust traffic routing.", + Type: []string{"string"}, + Format: "", + }, + }, "ports": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -5160,7 +5607,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PortStatus"), + Ref: ref(v1.PortStatus{}.OpenAPIModelName()), }, }, }, @@ -5170,7 +5617,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PortStatus"}, + v1.PortStatus{}.OpenAPIModelName()}, } } @@ -5182,6 +5629,11 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Type: []string{"object"}, Properties: map[string]spec.Schema{ "ingress": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.", Type: []string{"array"}, @@ -5189,7 +5641,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerIngress"), + Ref: ref(v1.LoadBalancerIngress{}.OpenAPIModelName()), }, }, }, @@ -5199,7 +5651,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerIngress"}, + v1.LoadBalancerIngress{}.OpenAPIModelName()}, } } @@ -5212,7 +5664,8 @@ func schema_k8sio_api_core_v1_LocalObjectReference(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -5232,7 +5685,7 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Local represents directly-attached storage with node affinity (Beta feature)", + Description: "Local represents directly-attached storage with node affinity", Type: []string{"object"}, Properties: map[string]spec.Schema{ "path": { @@ -5257,6 +5710,36 @@ func schema_k8sio_api_core_v1_LocalVolumeSource(ref common.ReferenceCallback) co } } +func schema_k8sio_api_core_v1_ModifyVolumeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "targetVolumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately.\n\nPossible enum values:\n - `\"InProgress\"` InProgress indicates that the volume is being modified\n - `\"Infeasible\"` Infeasible indicates that the request has been rejected as invalid by the CSI driver. To resolve the error, a valid VolumeAttributesClass needs to be specified\n - `\"Pending\"` Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as the specified VolumeAttributesClass not existing", + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"InProgress", "Infeasible", "Pending"}, + }, + }, + }, + Required: []string{"status"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_NFSVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -5319,28 +5802,28 @@ func schema_k8sio_api_core_v1_Namespace(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceSpec"), + Ref: ref(v1.NamespaceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceStatus"), + Ref: ref(v1.NamespaceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceSpec", "k8s.io/api/core/v1.NamespaceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NamespaceSpec{}.OpenAPIModelName(), v1.NamespaceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5369,20 +5852,22 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "Last time the condition transitioned from one status to another.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Unique, one-word, CamelCase reason for the condition's last transition.", + Type: []string{"string"}, + Format: "", }, }, "message": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Human-readable message indicating details about last transition.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -5390,7 +5875,7 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5419,7 +5904,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5430,7 +5915,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Namespace"), + Ref: ref(v1.Namespace{}.OpenAPIModelName()), }, }, }, @@ -5441,7 +5926,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Namespace", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Namespace{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5453,6 +5938,11 @@ func schema_k8sio_api_core_v1_NamespaceSpec(ref common.ReferenceCallback) common Type: []string{"object"}, Properties: map[string]spec.Schema{ "finalizers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Finalizers is an opaque list of values that must be empty to permanently remove object from storage. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", Type: []string{"array"}, @@ -5491,6 +5981,10 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -5502,7 +5996,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceCondition"), + Ref: ref(v1.NamespaceCondition{}.OpenAPIModelName()), }, }, }, @@ -5512,7 +6006,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceCondition"}, + v1.NamespaceCondition{}.OpenAPIModelName()}, } } @@ -5541,28 +6035,28 @@ func schema_k8sio_api_core_v1_Node(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSpec"), + Ref: ref(v1.NodeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeStatus"), + Ref: ref(v1.NodeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSpec", "k8s.io/api/core/v1.NodeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NodeSpec{}.OpenAPIModelName(), v1.NodeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5606,10 +6100,15 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. "requiredDuringSchedulingIgnoredDuringExecution": { SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, @@ -5617,7 +6116,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferredSchedulingTerm"), + Ref: ref(v1.PreferredSchedulingTerm{}.OpenAPIModelName()), }, }, }, @@ -5627,7 +6126,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector", "k8s.io/api/core/v1.PreferredSchedulingTerm"}, + v1.NodeSelector{}.OpenAPIModelName(), v1.PreferredSchedulingTerm{}.OpenAPIModelName()}, } } @@ -5657,15 +6156,13 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we got an update on a given condition.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transit from one status to another.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -5687,7 +6184,7 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5701,14 +6198,14 @@ func schema_k8sio_api_core_v1_NodeConfigSource(ref common.ReferenceCallback) com "configMap": { SchemaProps: spec.SchemaProps{ Description: "ConfigMap is a reference to a Node's ConfigMap", - Ref: ref("k8s.io/api/core/v1.ConfigMapNodeConfigSource"), + Ref: ref(v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapNodeConfigSource"}, + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()}, } } @@ -5722,19 +6219,19 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com "assigned": { SchemaProps: spec.SchemaProps{ Description: "Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "active": { SchemaProps: spec.SchemaProps{ Description: "Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "lastKnownGood": { SchemaProps: spec.SchemaProps{ Description: "LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "error": { @@ -5748,7 +6245,7 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource"}, + v1.NodeConfigSource{}.OpenAPIModelName()}, } } @@ -5763,14 +6260,34 @@ func schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Endpoint on which Kubelet is listening.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DaemonEndpoint"), + Ref: ref(v1.DaemonEndpoint{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DaemonEndpoint"}, + v1.DaemonEndpoint{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeFeatures describes the set of features implemented by the CRI implementation. The features contained in the NodeFeatures should depend only on the cri implementation independent of runtime handlers.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "SupplementalGroupsPolicy is set to true if the runtime supports SupplementalGroupsPolicy and ContainerUser.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -5799,7 +6316,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5810,7 +6327,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Node"), + Ref: ref(v1.Node{}.OpenAPIModelName()), }, }, }, @@ -5821,7 +6338,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Node", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Node{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5859,34 +6376,59 @@ func schema_k8sio_api_core_v1_NodeProxyOptions(ref common.ReferenceCallback) com } } -func schema_k8sio_api_core_v1_NodeResources(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_k8sio_api_core_v1_NodeRuntimeHandler(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NodeResources is an object for conveying resource information about a node. see https://kubernetes.io/docs/concepts/architecture/nodes/#capacity for more details.", + Description: "NodeRuntimeHandler is a set of runtime handler information.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "Capacity": { + "name": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the available resources of a node", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), - }, - }, - }, + Description: "Runtime handler name. Empty for the default runtime handler.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Supported features.", + Ref: ref(v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()), }, }, }, - Required: []string{"Capacity"}, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeRuntimeHandlerFeatures is a set of features implemented by the runtime handler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "recursiveReadOnlyMounts": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnlyMounts is set to true if the runtime handler supports RecursiveReadOnlyMounts.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "userNamespaces": { + SchemaProps: spec.SchemaProps{ + Description: "UserNamespaces is set to true if the runtime handler supports UserNamespaces, including for volumes.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -5898,6 +6440,11 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "nodeSelectorTerms": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Required. A list of node selector terms. The terms are ORed.", Type: []string{"array"}, @@ -5905,7 +6452,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -5921,7 +6468,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -5950,6 +6497,11 @@ func schema_k8sio_api_core_v1_NodeSelectorRequirement(ref common.ReferenceCallba }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -5979,6 +6531,11 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of node selector requirements by node's labels.", Type: []string{"array"}, @@ -5986,13 +6543,18 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, }, }, "matchFields": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of node selector requirements by node's fields.", Type: []string{"array"}, @@ -6000,7 +6562,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6015,7 +6577,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorRequirement"}, + v1.NodeSelectorRequirement{}.OpenAPIModelName()}, } } @@ -6036,6 +6598,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "podCIDRs": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", "x-kubernetes-patch-strategy": "merge", }, }, @@ -6068,6 +6631,11 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, "taints": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, the node's taints.", Type: []string{"array"}, @@ -6075,7 +6643,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Taint"), + Ref: ref(v1.Taint{}.OpenAPIModelName()), }, }, }, @@ -6084,7 +6652,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "configSource": { SchemaProps: spec.SchemaProps{ Description: "Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "externalID": { @@ -6098,7 +6666,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource", "k8s.io/api/core/v1.Taint"}, + v1.NodeConfigSource{}.OpenAPIModelName(), v1.Taint{}.OpenAPIModelName()}, } } @@ -6111,14 +6679,13 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Properties: map[string]spec.Schema{ "capacity": { SchemaProps: spec.SchemaProps{ - Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", + Description: "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/reference/node/node-status/#capacity", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6132,8 +6699,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6150,18 +6716,22 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition", + Description: "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/reference/node/node-status/#condition", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeCondition"), + Ref: ref(v1.NodeCondition{}.OpenAPIModelName()), }, }, }, @@ -6170,18 +6740,22 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "addresses": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", + Description: "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/reference/node/node-status/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeAddress"), + Ref: ref(v1.NodeAddress{}.OpenAPIModelName()), }, }, }, @@ -6191,17 +6765,22 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Endpoints of daemons running on the Node.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeDaemonEndpoints"), + Ref: ref(v1.NodeDaemonEndpoints{}.OpenAPIModelName()), }, }, "nodeInfo": { SchemaProps: spec.SchemaProps{ - Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info", + Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/reference/node/node-status/#info", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSystemInfo"), + Ref: ref(v1.NodeSystemInfo{}.OpenAPIModelName()), }, }, "images": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of container images on this node", Type: []string{"array"}, @@ -6209,13 +6788,18 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerImage"), + Ref: ref(v1.ContainerImage{}.OpenAPIModelName()), }, }, }, }, }, "volumesInUse": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of attachable volumes in use (mounted) by the node.", Type: []string{"array"}, @@ -6231,6 +6815,11 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op }, }, "volumesAttached": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of volumes that are attached to the node.", Type: []string{"array"}, @@ -6238,7 +6827,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.AttachedVolume"), + Ref: ref(v1.AttachedVolume{}.OpenAPIModelName()), }, }, }, @@ -6247,14 +6836,79 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "config": { SchemaProps: spec.SchemaProps{ Description: "Status of the config assigned to the node via the dynamic Kubelet config feature.", - Ref: ref("k8s.io/api/core/v1.NodeConfigStatus"), + Ref: ref(v1.NodeConfigStatus{}.OpenAPIModelName()), + }, + }, + "runtimeHandlers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "The available runtime handlers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.NodeRuntimeHandler{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "features": { + SchemaProps: spec.SchemaProps{ + Description: "Features describes the set of features implemented by the CRI implementation.", + Ref: ref(v1.NodeFeatures{}.OpenAPIModelName()), + }, + }, + "declaredFeatures": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "DeclaredFeatures represents the features related to feature gates that are declared by the node.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AttachedVolume{}.OpenAPIModelName(), v1.ContainerImage{}.OpenAPIModelName(), v1.NodeAddress{}.OpenAPIModelName(), v1.NodeCondition{}.OpenAPIModelName(), v1.NodeConfigStatus{}.OpenAPIModelName(), v1.NodeDaemonEndpoints{}.OpenAPIModelName(), v1.NodeFeatures{}.OpenAPIModelName(), v1.NodeRuntimeHandler{}.OpenAPIModelName(), v1.NodeSystemInfo{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_NodeSwapStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NodeSwapStatus represents swap memory information.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "capacity": { + SchemaProps: spec.SchemaProps{ + Description: "Total amount of swap memory in bytes.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + }, + }, } } @@ -6323,7 +6977,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo }, "kubeProxyVersion": { SchemaProps: spec.SchemaProps{ - Description: "KubeProxy Version reported by the node.", + Description: "Deprecated: KubeProxy Version reported by the node.", Default: "", Type: []string{"string"}, Format: "", @@ -6345,10 +6999,18 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo Format: "", }, }, + "swap": { + SchemaProps: spec.SchemaProps{ + Description: "Swap Info reported by the node.", + Ref: ref(v1.NodeSwapStatus{}.OpenAPIModelName()), + }, + }, }, Required: []string{"machineID", "systemUUID", "bootID", "kernelVersion", "osImage", "containerRuntimeVersion", "kubeletVersion", "kubeProxyVersion", "operatingSystem", "architecture"}, }, }, + Dependencies: []string{ + v1.NodeSwapStatus{}.OpenAPIModelName()}, } } @@ -6478,28 +7140,28 @@ func schema_k8sio_api_core_v1_PersistentVolume(ref common.ReferenceCallback) com SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeSpec"), + Ref: ref(v1.PersistentVolumeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeStatus"), + Ref: ref(v1.PersistentVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeSpec", "k8s.io/api/core/v1.PersistentVolumeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeSpec{}.OpenAPIModelName(), v1.PersistentVolumeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6528,28 +7190,28 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaim(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimStatus"), + Ref: ref(v1.PersistentVolumeClaimStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/api/core/v1.PersistentVolumeClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6562,35 +7224,35 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc Properties: map[string]spec.Schema{ "type": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Type is the type of the condition. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "status": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "lastProbeTime is the time we probed the condition.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { SchemaProps: spec.SchemaProps{ - Description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + Description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"Resizing\" that means the underlying persistent volume is being resized.", Type: []string{"string"}, Format: "", }, @@ -6607,7 +7269,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -6636,7 +7298,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -6647,7 +7309,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + Ref: ref(v1.PersistentVolumeClaim{}.OpenAPIModelName()), }, }, }, @@ -6658,7 +7320,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolumeClaim{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6670,6 +7332,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", Type: []string{"array"}, @@ -6679,6 +7346,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -6687,14 +7355,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "selector": { SchemaProps: spec.SchemaProps{ Description: "selector is a label query over volumes to consider for binding.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + Description: "resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.VolumeResourceRequirements{}.OpenAPIModelName()), }, }, "volumeName": { @@ -6722,20 +7390,27 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "dataSource": { SchemaProps: spec.SchemaProps{ Description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), }, }, "dataSourceRef": { SchemaProps: spec.SchemaProps{ Description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", - Ref: ref("k8s.io/api/core/v1.TypedObjectReference"), + Ref: ref(v1.TypedObjectReference{}.OpenAPIModelName()), + }, + }, + "volumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/", + Type: []string{"string"}, + Format: "", }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.TypedLocalObjectReference", "k8s.io/api/core/v1.TypedObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + v1.TypedLocalObjectReference{}.OpenAPIModelName(), v1.TypedObjectReference{}.OpenAPIModelName(), v1.VolumeResourceRequirements{}.OpenAPIModelName(), metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -6755,6 +7430,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, }, "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", Type: []string{"array"}, @@ -6764,6 +7444,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -6777,8 +7458,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6787,18 +7467,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + Description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimCondition"), + Ref: ref(v1.PersistentVolumeClaimCondition{}.OpenAPIModelName()), }, }, }, @@ -6806,32 +7490,58 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "allocatedResources": { SchemaProps: spec.SchemaProps{ - Description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, - "resizeStatus": { + "allocatedResourceStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "granular", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.\n\nPossible enum values:\n - `\"\"` When expansion is complete, the empty string is set by resize controller or kubelet.\n - `\"ControllerExpansionFailed\"` State set when expansion has failed in resize controller with a terminal error. Transient errors such as timeout should not set this status and should leave ResizeStatus unmodified, so as resize controller can resume the volume expansion.\n - `\"ControllerExpansionInProgress\"` State set when resize controller starts expanding the volume in control-plane\n - `\"NodeExpansionFailed\"` State set when expansion has failed in kubelet with a terminal error. Transient errors don't set NodeExpansionFailed.\n - `\"NodeExpansionInProgress\"` State set when kubelet starts expanding the volume.\n - `\"NodeExpansionPending\"` State set when resize controller has finished expanding the volume but further expansion is needed on the node.", + Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"ControllerResizeInProgress", "ControllerResizeInfeasible", "NodeResizeInProgress", "NodeResizeInfeasible", "NodeResizePending"}, + }, + }, + }, + }, + }, + "currentVolumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim", Type: []string{"string"}, Format: "", - Enum: []interface{}{"", "ControllerExpansionFailed", "ControllerExpansionInProgress", "NodeExpansionFailed", "NodeExpansionInProgress", "NodeExpansionPending"}, + }, + }, + "modifyVolumeStatus": { + SchemaProps: spec.SchemaProps{ + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted.", + Ref: ref(v1.ModifyVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimCondition", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ModifyVolumeStatus{}.OpenAPIModelName(), v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -6846,14 +7556,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference SchemaProps: spec.SchemaProps{ Description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, }, @@ -6861,7 +7571,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6919,7 +7629,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -6930,7 +7640,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolume"), + Ref: ref(v1.PersistentVolume{}.OpenAPIModelName()), }, }, }, @@ -6941,7 +7651,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolume", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolume{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6954,141 +7664,141 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac Properties: map[string]spec.Schema{ "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Description: "csi represents storage that is handled by an external CSI driver.", + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -7107,8 +7817,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7116,137 +7825,142 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi represents storage that is handled by an external CSI driver (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Description: "csi represents storage that is handled by an external CSI driver.", + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "accessModes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "accessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes", Type: []string{"array"}, @@ -7256,6 +7970,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"ReadOnlyMany", "ReadWriteMany", "ReadWriteOnce", "ReadWriteOncePod"}, }, }, }, @@ -7269,7 +7984,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, SchemaProps: spec.SchemaProps{ Description: "claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "persistentVolumeReclaimPolicy": { @@ -7288,6 +8003,11 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, }, "mountOptions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "mountOptions is the list of mount options, e.g. [\"ro\", \"soft\"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options", Type: []string{"array"}, @@ -7312,15 +8032,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "nodeAffinity": { SchemaProps: spec.SchemaProps{ - Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.", - Ref: ref("k8s.io/api/core/v1.VolumeNodeAffinity"), + Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume. This field is mutable if MutablePVNodeAffinity feature gate is enabled.", + Ref: ref(v1.VolumeNodeAffinity{}.OpenAPIModelName()), + }, + }, + "volumeAttributesClassName": { + SchemaProps: spec.SchemaProps{ + Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process.", + Type: []string{"string"}, + Format: "", }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VolumeNodeAffinity", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VolumeNodeAffinity{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7353,9 +8080,17 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac Format: "", }, }, + "lastPhaseTransitionTime": { + SchemaProps: spec.SchemaProps{ + Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), + }, + }, }, }, }, + Dependencies: []string{ + metav1.Time{}.OpenAPIModelName()}, } } @@ -7413,28 +8148,28 @@ func schema_k8sio_api_core_v1_Pod(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7446,6 +8181,11 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Type: []string{"object"}, Properties: map[string]spec.Schema{ "requiredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", Type: []string{"array"}, @@ -7453,13 +8193,18 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, @@ -7467,7 +8212,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7477,7 +8222,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -7490,11 +8235,16 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm Properties: map[string]spec.Schema{ "labelSelector": { SchemaProps: spec.SchemaProps{ - Description: "A label query over a set of resources, in this case pods.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "namespaces": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", Type: []string{"array"}, @@ -7520,7 +8270,47 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "namespaceSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), + }, + }, + "matchLabelKeys": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "mismatchLabelKeys": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, }, }, }, @@ -7528,7 +8318,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -7540,6 +8330,11 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Type: []string{"object"}, Properties: map[string]spec.Schema{ "requiredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", Type: []string{"array"}, @@ -7547,21 +8342,26 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, }, }, "preferredDuringSchedulingIgnoredDuringExecution": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and subtracting \"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7571,7 +8371,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -7637,6 +8437,78 @@ func schema_k8sio_api_core_v1_PodAttachOptions(ref common.ReferenceCallback) com } } +func schema_k8sio_api_core_v1_PodCertificateProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Kubelet's generated CSRs will be addressed to this signer.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyType": { + SchemaProps: spec.SchemaProps{ + Description: "The type of keypair Kubelet will generate for the pod.\n\nValid values are \"RSA3072\", \"RSA4096\", \"ECDSAP256\", \"ECDSAP384\", \"ECDSAP521\", and \"ED25519\".", + Type: []string{"string"}, + Format: "", + }, + }, + "maxExpirationSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "maxExpirationSeconds is the maximum lifetime permitted for the certificate.\n\nKubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.\n\nIf omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).\n\nThe signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "credentialBundlePath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the credential bundle at this path in the projected volume.\n\nThe credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.\n\nThe remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).\n\nUsing credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the key at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "certificateChainPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the certificate chain at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "userAnnotations": { + SchemaProps: spec.SchemaProps{ + Description: "userAnnotations allow pod authors to pass additional information to the signer implementation. Kubernetes does not restrict or validate this metadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of the PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations, with the addition that all keys must be domain-prefixed. No restrictions are placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should deny requests that contain keys they do not recognize.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"signerName", "keyType"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -7652,6 +8524,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. Format: "", }, }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", @@ -7663,15 +8542,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we probed the condition.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -7693,7 +8570,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7705,6 +8582,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Type: []string{"object"}, Properties: map[string]spec.Schema{ "nameservers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", Type: []string{"array"}, @@ -7720,6 +8602,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, "searches": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", Type: []string{"array"}, @@ -7735,6 +8622,11 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, "options": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", Type: []string{"array"}, @@ -7742,7 +8634,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodDNSConfigOption"), + Ref: ref(v1.PodDNSConfigOption{}.OpenAPIModelName()), }, }, }, @@ -7752,7 +8644,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodDNSConfigOption"}, + v1.PodDNSConfigOption{}.OpenAPIModelName()}, } } @@ -7765,15 +8657,16 @@ func schema_k8sio_api_core_v1_PodDNSConfigOption(ref common.ReferenceCallback) c Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Required.", + Description: "Name is this DNS resolver option's name. Required.", Type: []string{"string"}, Format: "", }, }, "value": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Description: "Value is this DNS resolver option's value.", + Type: []string{"string"}, + Format: "", }, }, }, @@ -7839,6 +8732,11 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo }, }, "command": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Command is the remote command to execute. argv array. Not executed within a shell.", Type: []string{"array"}, @@ -7860,21 +8758,66 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo } } -func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "IP address information for entries in the (plural) PodIPs field. Each entry includes:\n\n\tIP: An IP address allocated to the pod. Routable at least within the cluster.", + Description: "PodExtendedResourceClaimStatus is stored in the PodStatus for the extended resource requests backed by DRA. It stores the generated name for the corresponding special ResourceClaim created by the scheduler.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "ip": { + "requestMappings": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "ip is an IP address (IPv4 or IPv6) assigned to the pod", + Description: "RequestMappings identifies the mapping of to device request in the generated ResourceClaim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.", + Default: "", Type: []string{"string"}, Format: "", }, }, }, + Required: []string{"requestMappings", "resourceClaimName"}, + }, + }, + Dependencies: []string{ + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodIP represents a single IP address allocated to the pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ip": { + SchemaProps: spec.SchemaProps{ + Description: "IP is the IP address assigned to the pod", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"ip"}, }, }, } @@ -7905,7 +8848,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7916,7 +8859,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Pod"), + Ref: ref(v1.Pod{}.OpenAPIModelName()), }, }, }, @@ -7927,7 +8870,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Pod", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Pod{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7983,7 +8926,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common "sinceTime": { SchemaProps: spec.SchemaProps{ Description: "An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "timestamps": { @@ -7995,7 +8938,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common }, "tailLines": { SchemaProps: spec.SchemaProps{ - Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime", + Description: "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", Type: []string{"integer"}, Format: "int64", }, @@ -8014,11 +8957,18 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common Format: "", }, }, + "stream": { + SchemaProps: spec.SchemaProps{ + Description: "Specify which container log stream to return to the client. Acceptable values are \"All\", \"Stdout\" and \"Stderr\". If not specified, \"All\" is used, and both stdout and stderr are returned interleaved. Note that when \"TailLines\" is specified, \"Stream\" can only be set to nil or \"All\".", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8066,6 +9016,11 @@ func schema_k8sio_api_core_v1_PodPortForwardOptions(ref common.ReferenceCallback }, }, "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "List of ports to forward Required when using WebSockets", Type: []string{"array"}, @@ -8146,7 +9101,7 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + Description: "PodResourceClaim references exactly one ResourceClaim, either directly or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim for the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -8157,19 +9112,53 @@ func schema_k8sio_api_core_v1_PodResourceClaim(ref common.ReferenceCallback) com Format: "", }, }, - "source": { + "resourceClaimName": { SchemaProps: spec.SchemaProps{ - Description: "Source describes where to find the ResourceClaim.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ClaimSource"), + Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimTemplateName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must be set.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name"}, + }, + }, + } +} + +func schema_k8sio_api_core_v1_PodResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodResourceClaimStatus is stored in the PodStatus for each PodResourceClaim which references a ResourceClaimTemplate. It stores the generated name for the corresponding ResourceClaim.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name uniquely identifies this resource claim inside the pod. This must match the name of an entry in pod.spec.resourceClaims, which implies that the string must be a DNS_LABEL.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod. If this is unset, then generating a ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be ignored in this case.", + Type: []string{"string"}, + Format: "", }, }, }, Required: []string{"name"}, }, }, - Dependencies: []string{ - "k8s.io/api/core/v1.ClaimSource"}, } } @@ -8205,13 +9194,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -8236,8 +9225,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, "supplementalGroups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -8250,6 +9244,14 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, }, + "supplementalGroupsPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Merge\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be merged with the primary user's groups as defined in the container image (in /etc/group).\n - `\"Strict\"` means that the container's provided SupplementalGroups and FsGroup (specified in SecurityContext) will be used instead of any groups defined in the container image.", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Merge", "Strict"}, + }, + }, "fsGroup": { SchemaProps: spec.SchemaProps{ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", @@ -8258,6 +9260,11 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, "sysctls": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", Type: []string{"array"}, @@ -8265,7 +9272,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Sysctl"), + Ref: ref(v1.Sysctl{}.OpenAPIModelName()), }, }, }, @@ -8282,14 +9289,27 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), + }, + }, + "appArmorProfile": { + SchemaProps: spec.SchemaProps{ + Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), + }, + }, + "seLinuxChangePolicy": { + SchemaProps: spec.SchemaProps{ + Description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. Valid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime. This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option. This requires all Pods that share the same volume to use the same SELinux label. It is not possible to share the same volume among privileged and unprivileged Pods. Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their CSIDriver instance. Other volumes are always re-labelled recursively. \"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used. If not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes and \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. Note that this field cannot be set when spec.os.name is windows.", + Type: []string{"string"}, + Format: "", }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.Sysctl{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -8303,14 +9323,14 @@ func schema_k8sio_api_core_v1_PodSignature(ref common.ReferenceCallback) common. "podController": { SchemaProps: spec.SchemaProps{ Description: "Reference to controller whose pods should avoid this node.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"}, + metav1.OwnerReference{}.OpenAPIModelName()}, } } @@ -8324,6 +9344,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "volumes": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge,retainKeys", }, @@ -8335,7 +9359,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Volume"), + Ref: ref(v1.Volume{}.OpenAPIModelName()), }, }, }, @@ -8344,18 +9368,22 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "initContainers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", + Description: "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -8364,6 +9392,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "containers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8375,7 +9407,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -8384,6 +9416,10 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "ephemeralContainers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8395,7 +9431,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EphemeralContainer"), + Ref: ref(v1.EphemeralContainer{}.OpenAPIModelName()), }, }, }, @@ -8461,7 +9497,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "serviceAccount": { SchemaProps: spec.SchemaProps{ - Description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", + Description: "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", Type: []string{"string"}, Format: "", }, @@ -8475,14 +9511,14 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "nodeName": { SchemaProps: spec.SchemaProps{ - Description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + Description: "NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename", Type: []string{"string"}, Format: "", }, }, "hostNetwork": { SchemaProps: spec.SchemaProps{ - Description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + Description: "Host networking requested for this pod. Use the host's network namespace. When using HostNetwork you should specify ports so the scheduler is aware. When `hostNetwork` is true, specified `hostPort` fields in port definitions must match `containerPort`, and unspecified `hostPort` fields in port definitions are defaulted to match `containerPort`. Default to false.", Type: []string{"boolean"}, Format: "", }, @@ -8511,12 +9547,16 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", - Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + Ref: ref(v1.PodSecurityContext{}.OpenAPIModelName()), }, }, "imagePullSecrets": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, @@ -8528,7 +9568,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -8551,7 +9591,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "affinity": { SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's scheduling constraints", - Ref: ref("k8s.io/api/core/v1.Affinity"), + Ref: ref(v1.Affinity{}.OpenAPIModelName()), }, }, "schedulerName": { @@ -8562,6 +9602,11 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, "tolerations": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's tolerations.", Type: []string{"array"}, @@ -8569,7 +9614,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Toleration"), + Ref: ref(v1.Toleration{}.OpenAPIModelName()), }, }, }, @@ -8578,18 +9623,22 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "hostAliases": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "ip", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "ip", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", + Description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostAlias"), + Ref: ref(v1.HostAlias{}.OpenAPIModelName()), }, }, }, @@ -8612,10 +9661,15 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "dnsConfig": { SchemaProps: spec.SchemaProps{ Description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", - Ref: ref("k8s.io/api/core/v1.PodDNSConfig"), + Ref: ref(v1.PodDNSConfig{}.OpenAPIModelName()), }, }, "readinessGates": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates", Type: []string{"array"}, @@ -8623,7 +9677,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodReadinessGate"), + Ref: ref(v1.PodReadinessGate{}.OpenAPIModelName()), }, }, }, @@ -8659,8 +9713,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -8685,7 +9738,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + Ref: ref(v1.TopologySpreadConstraint{}.OpenAPIModelName()), }, }, }, @@ -8693,15 +9746,15 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "setHostnameAsFQDN": { SchemaProps: spec.SchemaProps{ - Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", + Description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", Type: []string{"boolean"}, Format: "", }, }, "os": { SchemaProps: spec.SchemaProps{ - Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", - Ref: ref("k8s.io/api/core/v1.PodOS"), + Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.resources - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + Ref: ref(v1.PodOS{}.OpenAPIModelName()), }, }, "hostUsers": { @@ -8723,13 +9776,13 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate.", + Description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSchedulingGate"), + Ref: ref(v1.PodSchedulingGate{}.OpenAPIModelName()), }, }, }, @@ -8747,24 +9800,43 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.", + Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is a stable field but requires that the DynamicResourceAllocation feature gate is enabled.\n\nThis field is immutable.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaim"), + Ref: ref(v1.PodResourceClaim{}.OpenAPIModelName()), }, }, }, }, }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\", \"memory\" and \"hugepages-\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "hostnameOverride": { + SchemaProps: spec.SchemaProps{ + Description: "HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. This field only specifies the pod's hostname and does not affect its DNS records. When this field is set to a non-empty string: - It takes precedence over the values set in `hostname` and `subdomain`. - The Pod's hostname will be set to this value. - `setHostnameAsFQDN` must be nil or set to false. - `hostNetwork` must be set to false.\n\nThis field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. Requires the HostnameOverride feature gate to be enabled.", + Type: []string{"string"}, + Format: "", + }, + }, + "workloadRef": { + SchemaProps: spec.SchemaProps{ + Description: "WorkloadRef provides a reference to the Workload object that this Pod belongs to. This field is used by the scheduler to identify the PodGroup and apply the correct group scheduling policies. The Workload object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a Workload object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", + Ref: ref(v1.WorkloadReference{}.OpenAPIModelName()), + }, + }, }, Required: []string{"containers"}, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), v1.WorkloadReference{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -8775,6 +9847,13 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Description: "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "If set, this represents the .metadata.generation that the pod status was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", + Type: []string{"integer"}, + Format: "int64", + }, + }, "phase": { SchemaProps: spec.SchemaProps{ Description: "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase\n\nPossible enum values:\n - `\"Failed\"` means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).\n - `\"Pending\"` means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.\n - `\"Running\"` means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.\n - `\"Succeeded\"` means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.\n - `\"Unknown\"` means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)", @@ -8786,6 +9865,10 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -8797,7 +9880,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodCondition"), + Ref: ref(v1.PodCondition{}.OpenAPIModelName()), }, }, }, @@ -8826,14 +9909,35 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, "hostIP": { SchemaProps: spec.SchemaProps{ - Description: "IP address of the host to which the pod is assigned. Empty if not yet scheduled.", + Description: "hostIP holds the IP address of the host to which the pod is assigned. Empty if the pod has not started yet. A pod can be assigned to a node that has a problem in kubelet which in turns mean that HostIP will not be updated even if there is a node is assigned to pod", Type: []string{"string"}, Format: "", }, }, + "hostIPs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + "x-kubernetes-patch-merge-key": "ip", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "hostIPs holds the IP addresses allocated to the host. If this field is specified, the first entry must match the hostIP field. This list is empty if the pod has not started yet. A pod can be assigned to a node that has a problem in kubelet which in turns means that HostIPs will not be updated even if there is a node is assigned to this pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.HostIP{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "podIP": { SchemaProps: spec.SchemaProps{ - Description: "IP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.", + Description: "podIP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.", Type: []string{"string"}, Format: "", }, @@ -8841,6 +9945,10 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "podIPs": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "ip", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "ip", "x-kubernetes-patch-strategy": "merge", }, @@ -8852,7 +9960,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodIP"), + Ref: ref(v1.PodIP{}.OpenAPIModelName()), }, }, }, @@ -8861,32 +9969,42 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "startTime": { SchemaProps: spec.SchemaProps{ Description: "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "initContainerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, }, }, "containerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -8901,14 +10019,19 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, "ephemeralContainerStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "Status for any ephemeral containers that have run in this pod.", + Description: "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -8916,16 +10039,66 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, "resize": { SchemaProps: spec.SchemaProps{ - Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\"", + Description: "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\" Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress. PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources. PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.", Type: []string{"string"}, Format: "", }, }, + "resourceClaimStatuses": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge,retainKeys", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Status of resource claims.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.PodResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "extendedResourceClaimStatus": { + SchemaProps: spec.SchemaProps{ + Description: "Status of extended resource claim backed by DRA.", + Ref: ref(v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + "allocatedResources": { + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResources is the total requests allocated for this pod by the node. If pod-level requests are not set, this will be the total requests aggregated across containers in the pod.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources represents the compute resource requests and limits that have been applied at the pod level if pod-level requests or limits are set in PodSpec.Resources", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodIP", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -8954,21 +10127,21 @@ func schema_k8sio_api_core_v1_PodStatusResult(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -8997,21 +10170,21 @@ func schema_k8sio_api_core_v1_PodTemplate(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "template": { SchemaProps: spec.SchemaProps{ Description: "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodTemplateSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9040,7 +10213,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -9051,7 +10224,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplate"), + Ref: ref(v1.PodTemplate{}.OpenAPIModelName()), }, }, }, @@ -9062,7 +10235,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplate", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PodTemplate{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -9077,21 +10250,21 @@ func schema_k8sio_api_core_v1_PodTemplateSpec(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9099,7 +10272,8 @@ func schema_k8sio_api_core_v1_PortStatus(ref common.ReferenceCallback) common.Op return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "PortStatus represents the error condition of a service port", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "port": { SchemaProps: spec.SchemaProps{ @@ -9179,14 +10353,13 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The class of pods.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSignature"), + Ref: ref(v1.PodSignature{}.OpenAPIModelName()), }, }, "evictionTime": { SchemaProps: spec.SchemaProps{ Description: "Time at which this entry was added to the list.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -9208,7 +10381,7 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSignature", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.PodSignature{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -9231,7 +10404,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "A node selector term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -9239,7 +10412,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -9252,26 +10425,26 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "TCPSocket specifies a connection to a TCP port.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Description: "GRPC specifies a GRPC HealthCheckRequest.", + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, "initialDelaySeconds": { @@ -9320,7 +10493,7 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -9333,33 +10506,33 @@ func schema_k8sio_api_core_v1_ProbeHandler(ref common.ReferenceCallback) common. Properties: map[string]spec.Schema{ "exec": { SchemaProps: spec.SchemaProps{ - Description: "Exec specifies the action to take.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Description: "Exec specifies a command to execute in the container.", + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ - Description: "HTTPGet specifies the http request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Description: "HTTPGet specifies an HTTP GET request to perform.", + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ - Description: "TCPSocket specifies an action involving a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Description: "TCPSocket specifies a connection to a TCP port.", + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ - Description: "GRPC specifies an action involving a GRPC port.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Description: "GRPC specifies a GRPC HealthCheckRequest.", + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -9371,14 +10544,19 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback Type: []string{"object"}, Properties: map[string]spec.Schema{ "sources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "sources is the list of volume projections", + Description: "sources is the list of volume projections. Each entry in this list handles one source.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeProjection"), + Ref: ref(v1.VolumeProjection{}.OpenAPIModelName()), }, }, }, @@ -9395,7 +10573,7 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.VolumeProjection"}, + v1.VolumeProjection{}.OpenAPIModelName()}, } } @@ -9465,6 +10643,11 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", Type: []string{"array"}, @@ -9497,6 +10680,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -9504,6 +10688,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -9511,6 +10696,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -9518,7 +10704,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -9533,7 +10719,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -9545,6 +10731,11 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm Type: []string{"object"}, Properties: map[string]spec.Schema{ "monitors": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", Type: []string{"array"}, @@ -9577,6 +10768,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "pool": { SchemaProps: spec.SchemaProps{ Description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "rbd", Type: []string{"string"}, Format: "", }, @@ -9584,6 +10776,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "user": { SchemaProps: spec.SchemaProps{ Description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "admin", Type: []string{"string"}, Format: "", }, @@ -9591,6 +10784,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "keyring": { SchemaProps: spec.SchemaProps{ Description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + Default: "/etc/ceph/keyring", Type: []string{"string"}, Format: "", }, @@ -9598,7 +10792,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -9613,7 +10807,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -9642,7 +10836,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "range": { @@ -9665,7 +10859,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9694,28 +10888,28 @@ func schema_k8sio_api_core_v1_ReplicationController(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerSpec"), + Ref: ref(v1.ReplicationControllerSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerStatus"), + Ref: ref(v1.ReplicationControllerStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerSpec", "k8s.io/api/core/v1.ReplicationControllerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ReplicationControllerSpec{}.OpenAPIModelName(), v1.ReplicationControllerStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9745,8 +10939,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "The last time the condition transitioned from one status to another.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -9768,7 +10961,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -9797,7 +10990,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -9808,7 +11001,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationController"), + Ref: ref(v1.ReplicationController{}.OpenAPIModelName()), }, }, }, @@ -9819,7 +11012,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationController", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ReplicationController{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -9833,6 +11026,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "replicas": { SchemaProps: spec.SchemaProps{ Description: "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", + Default: 1, Type: []string{"integer"}, Format: "int32", }, @@ -9840,6 +11034,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "minReadySeconds": { SchemaProps: spec.SchemaProps{ Description: "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + Default: 0, Type: []string{"integer"}, Format: "int32", }, @@ -9868,14 +11063,14 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "template": { SchemaProps: spec.SchemaProps{ Description: "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is \"Always\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec"}, + v1.PodTemplateSpec{}.OpenAPIModelName()}, } } @@ -9925,6 +11120,10 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa "conditions": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "type", "x-kubernetes-patch-strategy": "merge", }, @@ -9936,7 +11135,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerCondition"), + Ref: ref(v1.ReplicationControllerCondition{}.OpenAPIModelName()), }, }, }, @@ -9947,7 +11146,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerCondition"}, + v1.ReplicationControllerCondition{}.OpenAPIModelName()}, } } @@ -9966,6 +11165,13 @@ func schema_k8sio_api_core_v1_ResourceClaim(ref common.ReferenceCallback) common Format: "", }, }, + "request": { + SchemaProps: spec.SchemaProps{ + Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.", + Type: []string{"string"}, + Format: "", + }, + }, }, Required: []string{"name"}, }, @@ -9998,8 +11204,7 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback "divisor": { SchemaProps: spec.SchemaProps{ Description: "Specifies the output format of the exposed resources, defaults to \"1\"", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10012,7 +11217,36 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ResourceHealth(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceHealth represents the health of a resource. It has the latest device health information. This is a part of KEP https://kep.k8s.io/4680.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "resourceID": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceID is the unique identifier of the resource. See the ResourceID type for more information.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "health": { + SchemaProps: spec.SchemaProps{ + Description: "Health of the resource. can be one of:\n - Healthy: operates as normal\n - Unhealthy: reported unhealthy. We consider this a temporary health issue\n since we do not have a mechanism today to distinguish\n temporary and permanent issues.\n - Unknown: The status cannot be determined.\n For example, Device Plugin got unregistered and hasn't been re-registered since.\n\nIn future we may want to introduce the PermanentlyUnhealthy Status.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"resourceID"}, + }, + }, } } @@ -10041,28 +11275,28 @@ func schema_k8sio_api_core_v1_ResourceQuota(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaSpec"), + Ref: ref(v1.ResourceQuotaSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaStatus"), + Ref: ref(v1.ResourceQuotaStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuotaSpec", "k8s.io/api/core/v1.ResourceQuotaStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ResourceQuotaSpec{}.OpenAPIModelName(), v1.ResourceQuotaStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10091,7 +11325,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10102,7 +11336,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuota"), + Ref: ref(v1.ResourceQuota{}.OpenAPIModelName()), }, }, }, @@ -10113,7 +11347,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuota", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ResourceQuota{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10132,14 +11366,18 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, "scopes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all objects.", Type: []string{"array"}, @@ -10149,6 +11387,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, }, @@ -10157,14 +11396,14 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co "scopeSelector": { SchemaProps: spec.SchemaProps{ Description: "scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.", - Ref: ref("k8s.io/api/core/v1.ScopeSelector"), + Ref: ref(v1.ScopeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopeSelector", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ScopeSelector{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -10183,8 +11422,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10198,8 +11436,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10209,7 +11446,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -10228,8 +11465,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10243,8 +11479,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10260,13 +11495,13 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis field depends on the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceClaim"), + Ref: ref(v1.ResourceClaim{}.OpenAPIModelName()), }, }, }, @@ -10276,7 +11511,53 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceClaim", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ResourceClaim{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ResourceStatus represents the status of a single resource allocated to a Pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the resource. Must be unique within the pod and in case of non-DRA resource, match one of the resources from the pod spec. For DRA resources, the value must be \"claim:/\". When this status is reported about a container, the \"claim_name\" and \"request\" must match one of the claims of this container.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "resourceID", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of unique resources health. Each element in the list contains an unique resource ID and its health. At a minimum, for the lifetime of a Pod, resource ID must uniquely identify the resource allocated to the Pod on the Node. If other Pod on the same Node reports the status with the same resource ID, it must be the same resource they share. See ResourceID type definition for a specific format it has in various use cases.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ResourceHealth{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + Required: []string{"name"}, + }, + }, + Dependencies: []string{ + v1.ResourceHealth{}.OpenAPIModelName()}, } } @@ -10347,7 +11628,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -10374,6 +11655,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10388,6 +11670,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10404,7 +11687,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -10434,7 +11717,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -10461,6 +11744,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "storageMode": { SchemaProps: spec.SchemaProps{ Description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + Default: "ThinProvisioned", Type: []string{"string"}, Format: "", }, @@ -10475,6 +11759,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "fsType": { SchemaProps: spec.SchemaProps{ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + Default: "xfs", Type: []string{"string"}, Format: "", }, @@ -10491,7 +11776,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -10503,6 +11788,11 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of scope selector requirements by scope of the resources.", Type: []string{"array"}, @@ -10510,7 +11800,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ScopedResourceSelectorRequirement"), + Ref: ref(v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -10525,7 +11815,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement"}, + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()}, } } @@ -10538,11 +11828,11 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer Properties: map[string]spec.Schema{ "scopeName": { SchemaProps: spec.SchemaProps{ - Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0", + Description: "The name of the scope that the selector applies to.\n\nPossible enum values:\n - `\"BestEffort\"` Match all pod objects that have best effort quality of service\n - `\"CrossNamespacePodAffinity\"` Match all pod objects that have cross-namespace pod (anti)affinity mentioned.\n - `\"NotBestEffort\"` Match all pod objects that do not have best effort quality of service\n - `\"NotTerminating\"` Match all pod objects where spec.activeDeadlineSeconds is nil\n - `\"PriorityClass\"` Match all pod objects that have priority class mentioned\n - `\"Terminating\"` Match all pod objects where spec.activeDeadlineSeconds >=0\n - `\"VolumeAttributesClass\"` Match all pvc objects that have volume attributes class mentioned.", Default: "", Type: []string{"string"}, Format: "", - Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating"}, + Enum: []interface{}{"BestEffort", "CrossNamespacePodAffinity", "NotBestEffort", "NotTerminating", "PriorityClass", "Terminating", "VolumeAttributesClass"}, }, }, "operator": { @@ -10555,6 +11845,11 @@ func schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref common.Refer }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -10594,7 +11889,7 @@ func schema_k8sio_api_core_v1_SeccompProfile(ref common.ReferenceCallback) commo }, "localhostProfile": { SchemaProps: spec.SchemaProps{ - Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", Type: []string{"string"}, Format: "", }, @@ -10643,7 +11938,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -10695,7 +11990,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10708,7 +12003,8 @@ func schema_k8sio_api_core_v1_SecretEnvSource(ref common.ReferenceCallback) comm Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -10735,7 +12031,8 @@ func schema_k8sio_api_core_v1_SecretKeySelector(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, @@ -10792,7 +12089,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10803,7 +12100,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Secret"), + Ref: ref(v1.Secret{}.OpenAPIModelName()), }, }, }, @@ -10814,7 +12111,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Secret", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Secret{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10827,12 +12124,18 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", Type: []string{"string"}, Format: "", }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -10840,7 +12143,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -10857,7 +12160,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -10908,6 +12211,11 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, "items": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", Type: []string{"array"}, @@ -10915,7 +12223,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -10939,7 +12247,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -10953,7 +12261,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "capabilities": { SchemaProps: spec.SchemaProps{ Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.Capabilities"), + Ref: ref(v1.Capabilities{}.OpenAPIModelName()), }, }, "privileged": { @@ -10966,13 +12274,13 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -11012,7 +12320,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm }, "procMount": { SchemaProps: spec.SchemaProps{ - Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", + Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.\n\nPossible enum values:\n - `\"Default\"` uses the container runtime defaults for readonly and masked paths for /proc. Most container runtimes mask certain paths in /proc to avoid accidental security exposure of special devices or information.\n - `\"Unmasked\"` bypasses the default masking behavior of the container runtime and ensures the newly created /proc the container stays in tact with no modifications.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Default", "Unmasked"}, @@ -11021,14 +12329,20 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), + }, + }, + "appArmorProfile": { + SchemaProps: spec.SchemaProps{ + Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.", + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.Capabilities{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -11057,14 +12371,14 @@ func schema_k8sio_api_core_v1_SerializedReference(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The reference to an object in the system.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -11093,28 +12407,28 @@ func schema_k8sio_api_core_v1_Service(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceSpec"), + Ref: ref(v1.ServiceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceStatus"), + Ref: ref(v1.ServiceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceSpec", "k8s.io/api/core/v1.ServiceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ServiceSpec{}.OpenAPIModelName(), v1.ServiceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11143,30 +12457,39 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "secrets": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "name", "x-kubernetes-patch-strategy": "merge", }, }, SchemaProps: spec.SchemaProps{ - Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", + Description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". The \"kubernetes.io/enforce-mountable-secrets\" annotation is deprecated since v1.32. Prefer separate namespaces to isolate access to mounted secrets. This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, "imagePullSecrets": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod", Type: []string{"array"}, @@ -11174,7 +12497,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -11191,7 +12514,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LocalObjectReference{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11220,7 +12543,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11231,7 +12554,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceAccount"), + Ref: ref(v1.ServiceAccount{}.OpenAPIModelName()), }, }, }, @@ -11242,7 +12565,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceAccount", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ServiceAccount{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11307,7 +12630,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11318,7 +12641,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Service"), + Ref: ref(v1.Service{}.OpenAPIModelName()), }, }, }, @@ -11329,7 +12652,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Service", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Service{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11358,7 +12681,7 @@ func schema_k8sio_api_core_v1_ServicePort(ref common.ReferenceCallback) common.O }, "appProtocol": { SchemaProps: spec.SchemaProps{ - Description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.", + Description: "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", Type: []string{"string"}, Format: "", }, @@ -11374,7 +12697,6 @@ func schema_k8sio_api_core_v1_ServicePort(ref common.ReferenceCallback) common.O "targetPort": { SchemaProps: spec.SchemaProps{ Description: "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -11454,7 +12776,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServicePort"), + Ref: ref(v1.ServicePort{}.OpenAPIModelName()), }, }, }, @@ -11517,6 +12839,11 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, "externalIPs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", Type: []string{"array"}, @@ -11541,12 +12868,17 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, "loadBalancerIP": { SchemaProps: spec.SchemaProps{ - Description: "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version.", + Description: "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations. Using it is non-portable and it may not support dual-stack. Users are encouraged to use implementation-specific annotations when available.", Type: []string{"string"}, Format: "", }, }, "loadBalancerSourceRanges": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/", Type: []string{"array"}, @@ -11570,10 +12902,10 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, "externalTrafficPolicy": { SchemaProps: spec.SchemaProps{ - Description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.\n\nPossible enum values:\n - `\"Cluster\"`\n - `\"Cluster\"` routes traffic to all endpoints.\n - `\"Local\"`\n - `\"Local\"` preserves the source IP of the traffic by routing only to endpoints on the same node as the traffic was received on (dropping the traffic if there are no local endpoints).", + Description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.\n\nPossible enum values:\n - `\"Cluster\"` routes traffic to all endpoints.\n - `\"Local\"` preserves the source IP of the traffic by routing only to endpoints on the same node as the traffic was received on (dropping the traffic if there are no local endpoints).", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Cluster", "Cluster", "Local", "Local"}, + Enum: []interface{}{"Cluster", "Local"}, }, }, "healthCheckNodePort": { @@ -11593,7 +12925,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O "sessionAffinityConfig": { SchemaProps: spec.SchemaProps{ Description: "sessionAffinityConfig contains the configurations of session affinity.", - Ref: ref("k8s.io/api/core/v1.SessionAffinityConfig"), + Ref: ref(v1.SessionAffinityConfig{}.OpenAPIModelName()), }, }, "ipFamilies": { @@ -11611,6 +12943,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Default: "", Type: []string{"string"}, Format: "", + Enum: []interface{}{"", "IPv4", "IPv6"}, }, }, }, @@ -11646,11 +12979,18 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Enum: []interface{}{"Cluster", "Local"}, }, }, + "trafficDistribution": { + SchemaProps: spec.SchemaProps{ + Description: "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are in the same zone.", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServicePort", "k8s.io/api/core/v1.SessionAffinityConfig"}, + v1.ServicePort{}.OpenAPIModelName(), v1.SessionAffinityConfig{}.OpenAPIModelName()}, } } @@ -11665,7 +13005,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "LoadBalancer contains the current status of the load-balancer, if one is present.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerStatus"), + Ref: ref(v1.LoadBalancerStatus{}.OpenAPIModelName()), }, }, "conditions": { @@ -11686,7 +13026,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Condition"), + Ref: ref(metav1.Condition{}.OpenAPIModelName()), }, }, }, @@ -11696,7 +13036,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Condition"}, + v1.LoadBalancerStatus{}.OpenAPIModelName(), metav1.Condition{}.OpenAPIModelName()}, } } @@ -11710,14 +13050,36 @@ func schema_k8sio_api_core_v1_SessionAffinityConfig(ref common.ReferenceCallback "clientIP": { SchemaProps: spec.SchemaProps{ Description: "clientIP contains the configurations of Client IP based session affinity.", - Ref: ref("k8s.io/api/core/v1.ClientIPConfig"), + Ref: ref(v1.ClientIPConfig{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClientIPConfig"}, + v1.ClientIPConfig{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_SleepAction(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "SleepAction describes a \"sleep\" action.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "seconds": { + SchemaProps: spec.SchemaProps{ + Description: "Seconds is the number of seconds to sleep.", + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + Required: []string{"seconds"}, + }, + }, } } @@ -11759,14 +13121,14 @@ func schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref common.Referen "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -11808,14 +13170,14 @@ func schema_k8sio_api_core_v1_StorageOSVolumeSource(ref common.ReferenceCallback "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -11859,7 +13221,6 @@ func schema_k8sio_api_core_v1_TCPSocketAction(ref common.ReferenceCallback) comm "port": { SchemaProps: spec.SchemaProps{ Description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", - Default: map[string]interface{}{}, Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), }, }, @@ -11912,8 +13273,8 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, "timeAdded": { SchemaProps: spec.SchemaProps{ - Description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "TimeAdded represents the time at which the taint was added.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, @@ -11921,7 +13282,7 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -11941,10 +13302,10 @@ func schema_k8sio_api_core_v1_Toleration(ref common.ReferenceCallback) common.Op }, "operator": { SchemaProps: spec.SchemaProps{ - Description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`", + Description: "Operator represents a key's relationship to the value. Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`\n - `\"Gt\"`\n - `\"Lt\"`", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Equal", "Exists"}, + Enum: []interface{}{"Equal", "Exists", "Gt", "Lt"}, }, }, "value": { @@ -11991,6 +13352,11 @@ func schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref common.Refere }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "An array of string values. One value must match the label to be selected. Each entry in Values is ORed.", Type: []string{"array"}, @@ -12020,6 +13386,11 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Type: []string{"object"}, Properties: map[string]spec.Schema{ "matchLabelExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "A list of topology selector requirements by labels.", Type: []string{"array"}, @@ -12027,7 +13398,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySelectorLabelRequirement"), + Ref: ref(v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()), }, }, }, @@ -12042,7 +13413,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TopologySelectorLabelRequirement"}, + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()}, } } @@ -12081,19 +13452,19 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "minDomains": { SchemaProps: spec.SchemaProps{ - Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).", + Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.", Type: []string{"integer"}, Format: "int32", }, }, "nodeAffinityPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -12101,7 +13472,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, "nodeTaintsPolicy": { SchemaProps: spec.SchemaProps{ - Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", + Description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\n\nPossible enum values:\n - `\"Honor\"` means use this scheduling directive when calculating pod topology spread skew.\n - `\"Ignore\"` means ignore this scheduling directive when calculating pod topology spread skew.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Honor", "Ignore"}, @@ -12132,7 +13503,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -12182,7 +13553,8 @@ func schema_k8sio_api_core_v1_TypedObjectReference(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "TypedObjectReference contains enough information to let you locate the typed referenced object", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "apiGroup": { SchemaProps: spec.SchemaProps{ @@ -12239,175 +13611,181 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), + }, + }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, @@ -12415,7 +13793,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -12471,6 +13849,13 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O Format: "", }, }, + "recursiveReadOnly": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled.", + Type: []string{"string"}, + Format: "", + }, + }, "mountPath": { SchemaProps: spec.SchemaProps{ Description: "Path within the container at which the volume should be mounted. Must not contain ':'.", @@ -12488,7 +13873,7 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O }, "mountPropagation": { SchemaProps: spec.SchemaProps{ - Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.\n\nPossible enum values:\n - `\"Bidirectional\"` means that the volume in a container will receive new mounts from the host or other containers, and its own mounts will be propagated from the container to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rshared\" in Linux terminology).\n - `\"HostToContainer\"` means that the volume in a container will receive new mounts from the host or other containers, but filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rslave\" in Linux terminology).\n - `\"None\"` means that the volume in a container will not receive new mounts from the host or other containers, and filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode corresponds to \"private\" in Linux terminology.", + Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).\n\nPossible enum values:\n - `\"Bidirectional\"` means that the volume in a container will receive new mounts from the host or other containers, and its own mounts will be propagated from the container to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rshared\" in Linux terminology).\n - `\"HostToContainer\"` means that the volume in a container will receive new mounts from the host or other containers, but filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode is recursively applied to all mounts in the volume (\"rslave\" in Linux terminology).\n - `\"None\"` means that the volume in a container will not receive new mounts from the host or other containers, and filesystems mounted inside the container won't be propagated to the host or other containers. Note that this mode corresponds to \"private\" in Linux terminology.", Type: []string{"string"}, Format: "", Enum: []interface{}{"Bidirectional", "HostToContainer", "None"}, @@ -12508,6 +13893,50 @@ func schema_k8sio_api_core_v1_VolumeMount(ref common.ReferenceCallback) common.O } } +func schema_k8sio_api_core_v1_VolumeMountStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeMountStatus shows status of volume mounts.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name corresponds to the name of the original VolumeMount.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "mountPath": { + SchemaProps: spec.SchemaProps{ + Description: "MountPath corresponds to the original VolumeMount.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "readOnly": { + SchemaProps: spec.SchemaProps{ + Description: "ReadOnly corresponds to the original VolumeMount.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "recursiveReadOnly": { + SchemaProps: spec.SchemaProps{ + Description: "RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, depending on the mount result.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "mountPath"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -12518,14 +13947,14 @@ func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) c "required": { SchemaProps: spec.SchemaProps{ Description: "required specifies hard node constraints that must be met.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector"}, + v1.NodeSelector{}.OpenAPIModelName()}, } } @@ -12533,38 +13962,93 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Projection that may be projected along with other supported volume types", + Description: "Projection that may be projected along with other supported volume types. Exactly one of these fields must be set.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "secret": { SchemaProps: spec.SchemaProps{ Description: "secret information about the secret data to project", - Ref: ref("k8s.io/api/core/v1.SecretProjection"), + Ref: ref(v1.SecretProjection{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI information about the downwardAPI data to project", - Ref: ref("k8s.io/api/core/v1.DownwardAPIProjection"), + Ref: ref(v1.DownwardAPIProjection{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap information about the configMap data to project", - Ref: ref("k8s.io/api/core/v1.ConfigMapProjection"), + Ref: ref(v1.ConfigMapProjection{}.OpenAPIModelName()), }, }, "serviceAccountToken": { SchemaProps: spec.SchemaProps{ Description: "serviceAccountToken is information about the serviceAccountToken data to project", - Ref: ref("k8s.io/api/core/v1.ServiceAccountTokenProjection"), + Ref: ref(v1.ServiceAccountTokenProjection{}.OpenAPIModelName()), + }, + }, + "clusterTrustBundle": { + SchemaProps: spec.SchemaProps{ + Description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.", + Ref: ref(v1.ClusterTrustBundleProjection{}.OpenAPIModelName()), + }, + }, + "podCertificate": { + SchemaProps: spec.SchemaProps{ + Description: "Projects an auto-rotating credential bundle (private key and certificate chain) that the pod can use either as a TLS client or server.\n\nKubelet generates a private key and uses it to send a PodCertificateRequest to the named signer. Once the signer approves the request and issues a certificate chain, Kubelet writes the key and certificate chain to the pod filesystem. The pod does not start until certificates have been issued for each podCertificate projected volume source in its spec.\n\nKubelet will begin trying to rotate the certificate at the time indicated by the signer using the PodCertificateRequest.Status.BeginRefreshAt timestamp.\n\nKubelet can write a single file, indicated by the credentialBundlePath field, or separate files, indicated by the keyPath and certificateChainPath fields.\n\nThe credential bundle is a single file in PEM format. The first PEM entry is the private key (in PKCS#8 format), and the remaining PEM entries are the certificate chain issued by the signer (typically, signers will return their certificate chain in leaf-to-root order).\n\nPrefer using the credential bundle format, since your application code can read it atomically. If you use keyPath and certificateChainPath, your application must make two separate file reads. If these coincide with a certificate rotation, it is possible that the private key and leaf certificate you read may not correspond to each other. Your application will need to check for this condition, and re-read until they are consistent.\n\nThe named signer controls chooses the format of the certificate it issues; consult the signer implementation's documentation to learn how to use the certificates it issues.", + Ref: ref(v1.PodCertificateProjection{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(), v1.ConfigMapProjection{}.OpenAPIModelName(), v1.DownwardAPIProjection{}.OpenAPIModelName(), v1.PodCertificateProjection{}.OpenAPIModelName(), v1.SecretProjection{}.OpenAPIModelName(), v1.ServiceAccountTokenProjection{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "VolumeResourceRequirements describes the storage resource requirements for a volume.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "limits": { + SchemaProps: spec.SchemaProps{ + Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "requests": { + SchemaProps: spec.SchemaProps{ + Description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + resource.Quantity{}.OpenAPIModelName()}, } } @@ -12578,182 +14062,188 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ - Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ - Description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ - Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ - Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ - Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ - Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ - Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ - Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ - Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ - Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ - Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ - Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ - Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ - Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ - Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), + }, + }, + "image": { + SchemaProps: spec.SchemaProps{ + Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -12819,7 +14309,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "Required. A pod affinity term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -12827,7 +14317,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName()}, } } @@ -12861,7 +14351,7 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference }, "hostProcess": { SchemaProps: spec.SchemaProps{ - Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", Type: []string{"boolean"}, Format: "", }, @@ -12872,6 +14362,91 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference } } +func schema_k8sio_api_core_v1_WorkloadReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "WorkloadReference identifies the Workload object and PodGroup membership that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name defines the name of the Workload object this Pod belongs to. Workload must be in the same namespace as the Pod. If it doesn't match any existing Workload, the Pod will remain unschedulable until a Workload object is created and observed by the kube-scheduler. It must be a DNS subdomain.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "podGroup": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroup is the name of the PodGroup within the Workload that this Pod belongs to. If it doesn't match any existing PodGroup within the Workload, the Pod will remain unschedulable until the Workload object is recreated and observed by the kube-scheduler. It must be a DNS label.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "podGroupReplicaKey": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroupReplicaKey specifies the replica key of the PodGroup to which this Pod belongs. It is used to distinguish pods belonging to different replicas of the same pod group. The pod group policy is applied separately to each replica. When set, it must be a DNS label.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "podGroup"}, + }, + }, + } +} + +func schema_apimachinery_pkg_api_resource_Quantity(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.EmbedOpenAPIDefinitionIntoV2Extension(common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + OneOf: common.GenerateOpenAPIV3OneOfSchema(resource.Quantity{}.OpenAPIV3OneOfTypes()), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }, common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + Type: resource.Quantity{}.OpenAPISchemaType(), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }) +} + +func schema_apimachinery_pkg_api_resource_int64Amount(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "int64Amount represents a fixed precision numerator and arbitrary scale exponent. It is faster than operations on inf.Dec for values that can be represented as int64.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "value": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "scale": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + Required: []string{"value", "scale"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -12902,6 +14477,11 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, "versions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "versions are the versions supported in this group.", Type: []string{"array"}, @@ -12909,7 +14489,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, }, @@ -12919,10 +14499,15 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, "serverAddressByClientCIDRs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", Type: []string{"array"}, @@ -12930,7 +14515,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -12941,7 +14526,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(), metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -12967,6 +14552,11 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, "groups": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "groups is a list of APIGroup.", Type: []string{"array"}, @@ -12974,7 +14564,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), + Ref: ref(metav1.APIGroup{}.OpenAPIModelName()), }, }, }, @@ -12985,7 +14575,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, + metav1.APIGroup{}.OpenAPIModelName()}, } } @@ -13058,6 +14648,11 @@ func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.Op }, }, "shortNames": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "shortNames is a list of suggested short names of the resource.", Type: []string{"array"}, @@ -13073,6 +14668,11 @@ func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.Op }, }, "categories": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", Type: []string{"array"}, @@ -13131,6 +14731,11 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "resources contains the name of the resources and if they are namespaced.", Type: []string{"array"}, @@ -13138,7 +14743,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), + Ref: ref(metav1.APIResource{}.OpenAPIModelName()), }, }, }, @@ -13149,7 +14754,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, + metav1.APIResource{}.OpenAPIModelName()}, } } @@ -13175,6 +14780,11 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, "versions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "versions are the api versions that are available.", Type: []string{"array"}, @@ -13190,6 +14800,11 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, "serverAddressByClientCIDRs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", Type: []string{"array"}, @@ -13197,7 +14812,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -13208,7 +14823,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -13234,6 +14849,11 @@ func schema_pkg_apis_meta_v1_ApplyOptions(ref common.ReferenceCallback) common.O }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13304,8 +14924,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -13329,7 +14948,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -13355,6 +14974,11 @@ func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13420,7 +15044,7 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. "preconditions": { SchemaProps: spec.SchemaProps{ Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), + Ref: ref(metav1.Preconditions{}.OpenAPIModelName()), }, }, "orphanDependents": { @@ -13438,6 +15062,11 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -13452,11 +15081,18 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, }, + "ignoreStoreReadErrorWithClusterBreakingPotential": { + SchemaProps: spec.SchemaProps{ + Description: "if set to true, it will trigger an unsafe deletion of the resource in case the normal deletion flow fails with a corrupt object error. A resource is considered corrupt if it can not be retrieved from the underlying storage successfully because of a) its data can not be transformed e.g. decryption failure, or b) it fails to decode into an object. NOTE: unsafe deletion ignores finalizer constraints, skips precondition checks, and removes the object from the storage. WARNING: This may potentially break the cluster if the workload associated with the resource being unsafe-deleted relies on normal deletion flow. Use only if you REALLY know what you are doing. The default value is false, and the user must opt in to enable it", + Type: []string{"boolean"}, + Format: "", + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, + metav1.Preconditions{}.OpenAPIModelName()}, } } @@ -13465,8 +15101,58 @@ func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenA Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", - Type: v1.Duration{}.OpenAPISchemaType(), - Format: v1.Duration{}.OpenAPISchemaFormat(), + Type: metav1.Duration{}.OpenAPISchemaType(), + Format: metav1.Duration{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FieldSelectorRequirement is a selector that contains values, a key, and an operator that relates the key and values.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "key": { + SchemaProps: spec.SchemaProps{ + Description: "key is the field selector key that the requirement applies to.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. The list of operators may grow in the future.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"key", "operator"}, }, }, } @@ -13718,15 +15404,12 @@ func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common. "Object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), }, }, }, Required: []string{"Type", "Object"}, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, } } @@ -13754,6 +15437,11 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, "matchExpressions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", Type: []string{"array"}, @@ -13761,7 +15449,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + Ref: ref(metav1.LabelSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -13776,7 +15464,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + metav1.LabelSelectorRequirement{}.OpenAPIModelName()}, } } @@ -13788,12 +15476,6 @@ func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallba Type: []string{"object"}, Properties: map[string]spec.Schema{ "key": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-merge-key": "key", - "x-kubernetes-patch-strategy": "merge", - }, - }, SchemaProps: spec.SchemaProps{ Description: "key is the label key that the selector applies to.", Default: "", @@ -13810,6 +15492,11 @@ func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallba }, }, "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", Type: []string{"array"}, @@ -13856,7 +15543,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -13866,8 +15553,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -13878,7 +15564,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -14051,7 +15737,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "time": { SchemaProps: spec.SchemaProps{ Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "fieldsType": { @@ -14064,7 +15750,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "fieldsV1": { SchemaProps: spec.SchemaProps{ Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), + Ref: ref(metav1.FieldsV1{}.OpenAPIModelName()), }, }, "subresource": { @@ -14078,7 +15764,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.FieldsV1{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -14087,8 +15773,8 @@ func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.Open Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "MicroTime is version of Time with microsecond level precision.", - Type: v1.MicroTime{}.OpenAPISchemaType(), - Format: v1.MicroTime{}.OpenAPISchemaFormat(), + Type: metav1.MicroTime{}.OpenAPISchemaType(), + Format: metav1.MicroTime{}.OpenAPISchemaFormat(), }, }, } @@ -14153,14 +15839,13 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "creationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionTimestamp": { SchemaProps: spec.SchemaProps{ Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionGracePeriodSeconds": { @@ -14205,6 +15890,10 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "ownerReferences": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "uid", + }, + "x-kubernetes-list-type": "map", "x-kubernetes-patch-merge-key": "uid", "x-kubernetes-patch-strategy": "merge", }, @@ -14216,7 +15905,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, @@ -14225,6 +15914,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "finalizers": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", "x-kubernetes-patch-strategy": "merge", }, }, @@ -14243,6 +15933,11 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, "managedFields": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", Type: []string{"array"}, @@ -14250,7 +15945,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), + Ref: ref(metav1.ManagedFieldsEntry{}.OpenAPIModelName()), }, }, }, @@ -14260,7 +15955,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.ManagedFieldsEntry{}.OpenAPIModelName(), metav1.OwnerReference{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -14354,14 +16049,14 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -14390,7 +16085,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -14401,7 +16096,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), + Ref: ref(metav1.PartialObjectMetadata{}.OpenAPIModelName()), }, }, }, @@ -14412,7 +16107,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.PartialObjectMetadata{}.OpenAPIModelName()}, } } @@ -14449,6 +16144,11 @@ func schema_pkg_apis_meta_v1_PatchOptions(ref common.ReferenceCallback) common.O }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -14525,6 +16225,11 @@ func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.Open Type: []string{"object"}, Properties: map[string]spec.Schema{ "paths": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "paths are the paths available at root.", Type: []string{"array"}, @@ -14601,7 +16306,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "status": { @@ -14628,7 +16333,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI "details": { SchemaProps: spec.SchemaProps{ Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), + Ref: ref(metav1.StatusDetails{}.OpenAPIModelName()), }, }, "code": { @@ -14642,7 +16347,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.StatusDetails{}.OpenAPIModelName()}, } } @@ -14716,6 +16421,11 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, "causes": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", Type: []string{"array"}, @@ -14723,7 +16433,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), + Ref: ref(metav1.StatusCause{}.OpenAPIModelName()), }, }, }, @@ -14740,7 +16450,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, + metav1.StatusCause{}.OpenAPIModelName()}, } } @@ -14769,10 +16479,15 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "columnDefinitions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.", Type: []string{"array"}, @@ -14780,13 +16495,18 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), + Ref: ref(metav1.TableColumnDefinition{}.OpenAPIModelName()), }, }, }, }, }, "rows": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "rows is the list of items in the table.", Type: []string{"array"}, @@ -14794,7 +16514,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), + Ref: ref(metav1.TableRow{}.OpenAPIModelName()), }, }, }, @@ -14805,7 +16525,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.TableColumnDefinition{}.OpenAPIModelName(), metav1.TableRow{}.OpenAPIModelName()}, } } @@ -14905,6 +16625,11 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Type: []string{"object"}, Properties: map[string]spec.Schema{ "cells": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "cells will be as wide as the column definitions array and may contain strings, numbers (float64 or int64), booleans, simple maps, lists, or null. See the type field of the column definition for a more detailed description.", Type: []string{"array"}, @@ -14919,6 +16644,11 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "conditions describe additional status of a row that are relevant for a human user. These conditions apply to the row, not to the object, and will be specific to table output. The only defined condition type is 'Completed', for a row that indicates a resource that has run to completion and can be given less visual priority.", Type: []string{"array"}, @@ -14926,7 +16656,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), + Ref: ref(metav1.TableRowCondition{}.OpenAPIModelName()), }, }, }, @@ -14935,8 +16665,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA "object": { SchemaProps: spec.SchemaProps{ Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -14944,7 +16673,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.TableRowCondition{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -14997,8 +16726,8 @@ func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDe Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - Type: v1.Time{}.OpenAPISchemaType(), - Format: v1.Time{}.OpenAPISchemaFormat(), + Type: metav1.Time{}.OpenAPISchemaType(), + Format: metav1.Time{}.OpenAPISchemaFormat(), }, }, } @@ -15083,6 +16812,11 @@ func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common. }, }, "dryRun": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", Type: []string{"array"}, @@ -15134,8 +16868,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope "object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -15143,7 +16876,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -15234,16 +16967,46 @@ func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) co Properties: map[string]spec.Schema{ "major": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Major is the major version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", }, }, "minor": { SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Description: "Minor is the minor version of the binary version", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMajor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMajor is the major version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "emulationMinor": { + SchemaProps: spec.SchemaProps{ + Description: "EmulationMinor is the minor version of the emulation version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMajor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMajor is the major version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", + }, + }, + "minCompatibilityMinor": { + SchemaProps: spec.SchemaProps{ + Description: "MinCompatibilityMinor is the minor version of the minimum compatibility version", + Type: []string{"string"}, + Format: "", }, }, "gitVersion": { diff --git a/generated/1.28/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.35/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml similarity index 99% rename from generated/1.28/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml rename to generated/1.35/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml index f235e0fc5..89f4f6d3b 100644 --- a/generated/1.28/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml +++ b/generated/1.35/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: jwtauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.28/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.35/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml similarity index 99% rename from generated/1.28/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml rename to generated/1.35/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index d42381eef..c972456bd 100644 --- a/generated/1.28/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml +++ b/generated/1.35/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: webhookauthenticators.authentication.concierge.pinniped.dev spec: group: authentication.concierge.pinniped.dev diff --git a/generated/1.27/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.35/crds/config.concierge.pinniped.dev_credentialissuers.yaml similarity index 99% rename from generated/1.27/crds/config.concierge.pinniped.dev_credentialissuers.yaml rename to generated/1.35/crds/config.concierge.pinniped.dev_credentialissuers.yaml index 84f4b9ab8..969fb7fc0 100644 --- a/generated/1.27/crds/config.concierge.pinniped.dev_credentialissuers.yaml +++ b/generated/1.35/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: credentialissuers.config.concierge.pinniped.dev spec: group: config.concierge.pinniped.dev diff --git a/generated/1.27/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.35/crds/config.supervisor.pinniped.dev_federationdomains.yaml similarity index 95% rename from generated/1.27/crds/config.supervisor.pinniped.dev_federationdomains.yaml rename to generated/1.35/crds/config.supervisor.pinniped.dev_federationdomains.yaml index 6b7729815..f61fdba36 100644 --- a/generated/1.27/crds/config.supervisor.pinniped.dev_federationdomains.yaml +++ b/generated/1.35/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: federationdomains.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev @@ -403,8 +403,12 @@ spec: exist. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object @@ -415,8 +419,12 @@ spec: encrypting state parameters is stored. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object @@ -427,8 +435,12 @@ spec: signing state parameters is stored. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object @@ -439,8 +451,12 @@ spec: signing tokens is stored. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object diff --git a/generated/1.29/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.35/crds/config.supervisor.pinniped.dev_oidcclients.yaml similarity index 99% rename from generated/1.29/crds/config.supervisor.pinniped.dev_oidcclients.yaml rename to generated/1.35/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 233ed95cf..ae8f6475e 100644 --- a/generated/1.29/crds/config.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.35/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcclients.config.supervisor.pinniped.dev spec: group: config.supervisor.pinniped.dev diff --git a/generated/1.28/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.35/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml similarity index 99% rename from generated/1.28/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml rename to generated/1.35/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml index 1abf4681b..9ace0a0c6 100644 --- a/generated/1.28/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml +++ b/generated/1.35/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.28/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml b/generated/1.35/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml similarity index 99% rename from generated/1.28/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml rename to generated/1.35/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml index c0b6b1e7b..ef84c1f90 100644 --- a/generated/1.28/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml +++ b/generated/1.35/crds/idp.supervisor.pinniped.dev_githubidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: githubidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.29/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.35/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml similarity index 99% rename from generated/1.29/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml rename to generated/1.35/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml index f6f1e1877..d9f62e4f1 100644 --- a/generated/1.29/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml +++ b/generated/1.35/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: ldapidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/1.28/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.35/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml similarity index 99% rename from generated/1.28/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml rename to generated/1.35/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml index 2aaec4461..335caff7f 100644 --- a/generated/1.28/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml +++ b/generated/1.35/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.19.0 + controller-gen.kubebuilder.io/version: v0.20.0 name: oidcidentityproviders.idp.supervisor.pinniped.dev spec: group: idp.supervisor.pinniped.dev diff --git a/generated/latest/README.adoc b/generated/latest/README.adoc index f8805ee9c..4bcefa66b 100644 --- a/generated/latest/README.adoc +++ b/generated/latest/README.adoc @@ -23,32 +23,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authenticatio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -60,14 +60,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-claimvalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-claimvalidationrule"] ==== ClaimValidationRule ClaimValidationRule provides the configuration for a single claim validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -98,14 +98,14 @@ Mutually exclusive with claim and requiredValue. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-extramapping"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-extramapping"] ==== ExtraMapping ExtraMapping provides the configuration for a single extra mapping. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$] **** [cols="25a,75a", options="header"] @@ -132,7 +132,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator"] ==== JWTAuthenticator JWTAuthenticator describes the configuration of a JWT authenticator. @@ -142,41 +142,41 @@ signature, existence of claims, etc.) and extract the username and groups from t .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase"] ==== JWTAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] ==== JWTAuthenticatorSpec JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] @@ -185,14 +185,14 @@ JWTAuthenticatorSpec is the spec for configuring a JWT authenticator. | *`issuer`* __string__ | issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + also used to validate the "iss" JWT claim. + | *`audience`* __string__ | audience is the required value of the "aud" JWT claim. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | claims allows customization of the claims that will be mapped to user identity + for Kubernetes access. + -| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + +| *`claimValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-claimvalidationrule[$$ClaimValidationRule$$] array__ | claimValidationRules are rules that are applied to validate token claims to authenticate users. + This is similar to claimValidationRules from Kubernetes AuthenticationConfiguration as documented in + https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + +| *`userValidationRules`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-uservalidationrule[$$UserValidationRule$$] array__ | userValidationRules are rules that are applied to final user before completing authentication. + These allow invariants to be applied to incoming identities such as preventing the + use of the system: prefix that is commonly used by Kubernetes components. + The validation rules are logically ANDed together and must all return true for the validation to pass. + @@ -200,29 +200,29 @@ This is similar to claimValidationRules from Kubernetes AuthenticationConfigurat https://kubernetes.io/docs/reference/access-authn-authz/authentication. + This is an advanced configuration option. During an end-user login flow, mistakes in this + configuration will cause the user's login to fail. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | tls is the configuration for communicating with the OIDC provider via TLS. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] ==== JWTAuthenticatorStatus JWTAuthenticatorStatus is the status of a JWT authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorphase[$$JWTAuthenticatorPhase$$]__ | Phase summarizes the overall status of the JWTAuthenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwttokenclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwttokenclaims"] ==== JWTTokenClaims JWTTokenClaims allows customization of the claims that will be mapped to user identity @@ -230,7 +230,7 @@ for Kubernetes access. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -295,7 +295,7 @@ Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + Mutually exclusive with groups. Use either groups or groupsExpression to + determine the user's group membership from the JWT token. + -| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + +| *`extra`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-extramapping[$$ExtraMapping$$] array__ | extra is similar to claimMappings.extra from Kubernetes AuthenticationConfiguration + as documented in https://kubernetes.io/docs/reference/access-authn-authz/authentication. + However, note that the Pinniped Concierge issues client certificates to users for the purpose + @@ -336,34 +336,34 @@ This will result in: + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration on various authenticators. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-uservalidationrule"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-uservalidationrule"] ==== UserValidationRule UserValidationRule provides the configuration for a single user info validation rule. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] **** [cols="25a,75a", options="header"] @@ -383,73 +383,73 @@ message is a literal string. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator"] ==== WebhookAuthenticator WebhookAuthenticator describes the configuration of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase"] ==== WebhookAuthenticatorPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] ==== WebhookAuthenticatorSpec Spec for configuring a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`endpoint`* __string__ | Webhook server endpoint URL. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] ==== WebhookAuthenticatorStatus Status of a webhook authenticator. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of the authenticator's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-authentication-v1alpha1-webhookauthenticatorphase[$$WebhookAuthenticatorPhase$$]__ | Phase summarizes the overall status of the WebhookAuthenticator. + |=== @@ -461,35 +461,35 @@ Package clientsecret is the internal version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -500,14 +500,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -526,36 +526,36 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] ==== OIDCClientSecretRequest OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] ==== OIDCClientSecretRequestSpec Spec of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -566,14 +566,14 @@ Spec of the OIDCClientSecretRequest. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus"] ==== OIDCClientSecretRequestStatus Status of the OIDCClientSecretRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest[$$OIDCClientSecretRequest$$] **** [cols="25a,75a", options="header"] @@ -592,125 +592,125 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuer"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer"] ==== CredentialIssuer CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerfrontend"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend"] ==== CredentialIssuerFrontend CredentialIssuerFrontend describes how to connect using a particular integration strategy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + -| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-frontendtype[$$FrontendType$$]__ | Type describes which frontend mechanism clients can use with a strategy. + +| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + This field is only set when Type is "TokenCredentialRequestAPI". + -| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + +| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + This field is only set when Type is "ImpersonationProxy". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec"] ==== CredentialIssuerSpec CredentialIssuerSpec describes the intended configuration of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + +| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus"] ==== CredentialIssuerStatus CredentialIssuerStatus describes the status of the Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + +| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstrategy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy"] ==== CredentialIssuerStrategy CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + -| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategytype[$$StrategyType$$]__ | Type of integration attempted. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategystatus[$$StrategyStatus$$]__ | Status of the attempted integration strategy. + +| *`reason`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategyreason[$$StrategyReason$$]__ | Reason for the current status. + | *`message`* __string__ | Human-readable description of the current status. + -| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#time-v1-meta[$$Time$$]__ | When the status was last checked. + -| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#time-v1-meta[$$Time$$]__ | When the status was last checked. + +| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-frontendtype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-frontendtype"] ==== FrontendType (string) FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyinfo"] ==== ImpersonationProxyInfo ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -721,7 +721,7 @@ ImpersonationProxyInfo describes the parameters for the impersonation proxy on t |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxymode"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxymode"] ==== ImpersonationProxyMode (string) ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. @@ -729,25 +729,25 @@ Allowed values are "auto", "enabled", or "disabled". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] ==== ImpersonationProxyServiceSpec ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + +| *`type`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicetype[$$ImpersonationProxyServiceType$$]__ | Type specifies the type of Service to provision for the impersonation proxy. + If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + @@ -757,7 +757,7 @@ This is not supported on all cloud providers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] ==== ImpersonationProxyServiceType (string) ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. @@ -765,40 +765,40 @@ Allowed values are "LoadBalancer", "ClusterIP", or "None". .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec"] ==== ImpersonationProxySpec ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + +| *`mode`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxymode[$$ImpersonationProxyMode$$]__ | Mode configures whether the impersonation proxy should be started: + - "disabled" explicitly disables the impersonation proxy. This is the default. + - "enabled" explicitly enables the impersonation proxy. + - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + -| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + +| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + | *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + be served using the external name of the LoadBalancer service or the cluster service DNS name. + This field must be non-empty when spec.impersonationProxy.service.type is "None". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxytlsspec[$$ImpersonationProxyTLSSpec$$]__ | TLS contains information about how the Concierge impersonation proxy should serve TLS. + If this field is empty, the impersonation proxy will generate its own TLS certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxytlsspec"] ==== ImpersonationProxyTLSSpec ImpersonationProxyTLSSpec contains information about how the Concierge impersonation proxy should @@ -812,7 +812,7 @@ the impersonation proxy endpoint. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] **** [cols="25a,75a", options="header"] @@ -825,50 +825,50 @@ the TLS serving certificate for the Concierge impersonation proxy endpoint. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-strategyreason"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategyreason"] ==== StrategyReason (string) StrategyReason enumerates the detailed reason why a strategy is in a particular status. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-strategystatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategystatus"] ==== StrategyStatus (string) StrategyStatus enumerates whether a strategy is working on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-strategytype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-strategytype"] ==== StrategyType (string) StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] ==== TokenCredentialRequestAPIInfo TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] **** [cols="25a,75a", options="header"] @@ -887,34 +887,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomain"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain"] ==== FederationDomain FederationDomain describes the configuration of an OIDC provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider"] ==== FederationDomainIdentityProvider FederationDomainIdentityProvider describes how an identity provider is made available in this FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -923,62 +923,62 @@ FederationDomainIdentityProvider describes how an identity provider is made avai | *`displayName`* __string__ | DisplayName is the name of this identity provider as it will appear to clients. This name ends up in the + kubeconfig of end users, so changing the name of an identity provider that is in use by end users will be a + disruptive change for those users. + -| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + +| *`objectRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | ObjectRef is a reference to a Pinniped identity provider resource. A valid reference is required. + If the reference cannot be resolved then the identity provider will not be made available. + Must refer to a resource of one of the Pinniped identity provider types, e.g. OIDCIdentityProvider, + LDAPIdentityProvider, ActiveDirectoryIdentityProvider. + -| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + +| *`transforms`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$]__ | Transforms is an optional way to specify transformations to be applied during user authentication and + session refresh. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainphase"] ==== FederationDomainPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainsecrets"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainsecrets"] ==== FederationDomainSecrets FederationDomainSecrets holds information about this OIDC Provider's secrets. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + +| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + stored. If it is empty, then the signing/verification keys are either unknown or they don't + exist. + -| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing tokens is stored. + -| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + signing state parameters is stored. + -| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + +| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + encrypting state parameters is stored. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec"] ==== FederationDomainSpec FederationDomainSpec is a struct that describes an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] @@ -992,8 +992,8 @@ https://example.com/foo/some/path/to/auth/endpoint). + See + https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + -| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS specifies a secret which will contain Transport Layer Security (TLS) configuration for the FederationDomain. + +| *`identityProviders`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] array__ | IdentityProviders is the list of identity providers available for use by this FederationDomain. + An identity provider CR (e.g. OIDCIdentityProvider or LDAPIdentityProvider) describes how to connect to a server, + how to talk in a specific protocol for authentication, and how to use the schema of that server/protocol to + @@ -1018,33 +1018,33 @@ explicitly list the identity provider using this IdentityProviders field. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainstatus"] ==== FederationDomainStatus FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + -| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainphase[$$FederationDomainPhase$$]__ | Phase summarizes the overall status of the FederationDomain. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Conditions represent the observations of an FederationDomain's current state. + +| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] ==== FederationDomainTLSSpec FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] **** [cols="25a,75a", options="header"] @@ -1070,21 +1070,21 @@ When your Issuer URL's host is an IP address, then this field is ignored. SNI do |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransforms"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms"] ==== FederationDomainTransforms FederationDomainTransforms defines identity transformations for an identity provider's usage on a FederationDomain. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomainidentityprovider[$$FederationDomainIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + -| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + +| *`constants`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant[$$FederationDomainTransformsConstant$$] array__ | Constants defines constant variables and their values which will be made available to the transform expressions. + +| *`expressions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression[$$FederationDomainTransformsExpression$$] array__ | Expressions are an optional list of transforms and policies to be executed in the order given during every + authentication attempt, including during every session refresh. + Each is a CEL expression. It may use the basic CEL language as defined in + https://github.com/google/cel-spec/blob/master/doc/langdef.md plus the CEL string extensions defined in + @@ -1112,7 +1112,7 @@ Any compilation or static type-checking failure of any expression will cause an During an authentication attempt, any unexpected runtime evaluation errors (e.g. division by zero) cause the + authentication attempt to fail. When all expressions evaluate successfully, then the (potentially changed) username + and group names have been decided for that authentication attempt. + -| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + +| *`examples`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] array__ | Examples can optionally be used to ensure that the sequence of transformation expressions are working as + expected. Examples define sample input identities which are then run through the expression list, and the + results are compared to the expected results. If any example in this list fails, then this + identity provider will not be available for use within this FederationDomain, and the error(s) will be + @@ -1121,7 +1121,7 @@ expressions, and also act as living documentation for other administrators to be |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsconstant"] ==== FederationDomainTransformsConstant FederationDomainTransformsConstant defines a constant variable and its value which will be made available to @@ -1129,7 +1129,7 @@ the transform expressions. This is a union type, and Type is the discriminator f .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1143,14 +1143,14 @@ Allowed values are "string" or "stringList". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample"] ==== FederationDomainTransformsExample FederationDomainTransformsExample defines a transform example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1158,19 +1158,19 @@ FederationDomainTransformsExample defines a transform example. | Field | Description | *`username`* __string__ | Username is the input username. + | *`groups`* __string array__ | Groups is the input list of group names. + -| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + +| *`expects`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects[$$FederationDomainTransformsExampleExpects$$]__ | Expects is the expected output of the entire sequence of transforms when they are run against the + input Username and Groups. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexampleexpects"] ==== FederationDomainTransformsExampleExpects FederationDomainTransformsExampleExpects defines the expected result for a transforms example. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexample[$$FederationDomainTransformsExample$$] **** [cols="25a,75a", options="header"] @@ -1190,14 +1190,14 @@ transformation error, such as a runtime error. When Rejected is false, there is |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransformsexpression"] ==== FederationDomainTransformsExpression FederationDomainTransformsExpression defines a transform expression. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-federationdomaintransforms[$$FederationDomainTransforms$$] **** [cols="25a,75a", options="header"] @@ -1211,70 +1211,70 @@ an authentication attempt. When empty, a default message will be used. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-granttype"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-granttype"] ==== GrantType (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient describes the configuration of an OIDC client. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientphase"] ==== OIDCClientPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec"] ==== OIDCClientSpec OIDCClientSpec is a struct that describes an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + +| *`allowedRedirectURIs`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-redirecturi[$$RedirectURI$$] array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. + Must be a URI with the https scheme, unless the hostname is 127.0.0.1 or ::1 which may use the http scheme. + Port numbers are not required for 127.0.0.1 or ::1 and are ignored when checking for a matching redirect_uri. + -| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + +| *`allowedGrantTypes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-granttype[$$GrantType$$] array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this + client. + Must only contain the following values: + @@ -1285,7 +1285,7 @@ This grant must be listed if allowedScopes lists offline_access. + - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, + which is a step in the process to be able to get a cluster credential for the user. + This grant must be listed if allowedScopes lists pinniped:request-audience. + -| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + +| *`allowedScopes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-scope[$$Scope$$] array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: + - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). + @@ -1301,37 +1301,37 @@ Without the username scope being requested and allowed, the ID token will not co - groups: The client is allowed to request that ID tokens contain the user's group membership, + if their group membership is discoverable by the Supervisor. + Without the groups scope being requested and allowed, the ID token will not contain groups. + -| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + +| *`tokenLifetimes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes[$$OIDCClientTokenLifetimes$$]__ | tokenLifetimes are the optional overrides of token lifetimes for an OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientstatus"] ==== OIDCClientStatus OIDCClientStatus is a struct that describes the actual state of an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientphase[$$OIDCClientPhase$$]__ | phase summarizes the overall status of the OIDCClient. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | conditions represent the observations of an OIDCClient's current state. + | *`totalClientSecrets`* __integer__ | totalClientSecrets is the current number of client secrets that are detected for this OIDCClient. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclienttokenlifetimes"] ==== OIDCClientTokenLifetimes OIDCClientTokenLifetimes describes the optional overrides of token lifetimes for an OIDCClient. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** [cols="25a,75a", options="header"] @@ -1350,26 +1350,26 @@ longer lifetimes. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-redirecturi"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-redirecturi"] ==== RedirectURI (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-scope"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-scope"] ==== Scope (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$] **** @@ -1382,19 +1382,19 @@ Package identity is the internal version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1402,18 +1402,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1421,7 +1421,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1432,57 +1432,57 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`Groups`* __string array__ | The names of groups this user is a part of. + -| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`Extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | -| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1494,19 +1494,19 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-extravalue"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-extravalue"] ==== ExtraValue (string array) ExtraValue masks the value so protobuf can generate .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] ==== KubernetesUserInfo KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. @@ -1514,18 +1514,18 @@ Copied from the Kubernetes token review API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + +| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. + | *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-userinfo"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-userinfo"] ==== UserInfo UserInfo holds the information about the user needed to implement the @@ -1533,7 +1533,7 @@ user.Info interface. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] **** [cols="25a,75a", options="header"] @@ -1544,58 +1544,58 @@ user.Info interface. deleted and another user by the same name is added, they will have + different UIDs. + | *`groups`* __string array__ | The names of groups this user is a part of. + -| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + +| *`extra`* __object (keys:string, values:xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-extravalue[$$ExtraValue$$])__ | Any additional information provided by the authenticator. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest"] ==== WhoAmIRequest WhoAmIRequest submits a request to echo back the current authenticated user. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequestspec"] ==== WhoAmIRequestSpec Spec is always empty for a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequeststatus"] ==== WhoAmIRequestStatus Status is set by the server in the response to a WhoAmIRequest. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + +| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. + |=== @@ -1607,34 +1607,34 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity pro -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] ==== ActiveDirectoryIdentityProvider ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] ==== ActiveDirectoryIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1648,14 +1648,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] ==== ActiveDirectoryIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1689,7 +1689,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -1717,14 +1717,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] ==== ActiveDirectoryIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -1741,66 +1741,66 @@ where domain is constructed from the domain components of the group DN. + -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase"] ==== ActiveDirectoryIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] ==== ActiveDirectoryIdentityProviderSpec Spec for configuring an ActiveDirectory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] ==== ActiveDirectoryIdentityProviderStatus Status of an Active Directory identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderphase[$$ActiveDirectoryIdentityProviderPhase$$]__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] ==== ActiveDirectoryIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1824,19 +1824,19 @@ This means that the user is a person, is not a computer, the sAMAccountType is f and is not shown in advanced view only + (which would likely mean its a system created service account with advanced permissions). + Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] ==== ActiveDirectoryIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -1851,32 +1851,32 @@ Optional, when empty this defaults to "objectGUID". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind"] ==== CertificateAuthorityDataSourceKind (string) CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec"] ==== CertificateAuthorityDataSourceSpec CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + +| *`kind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcekind[$$CertificateAuthorityDataSourceKind$$]__ | Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap. + Allowed values are "Secret" or "ConfigMap". + "ConfigMap" uses a Kubernetes configmap to source CA Bundles. + "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles. + @@ -1888,14 +1888,14 @@ certificate bundle. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubapiconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig"] ==== GitHubAPIConfig GitHubAPIConfig allows configuration for GitHub Enterprise Server .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -1909,56 +1909,56 @@ Port is optional. Do not specify a path, query, fragment, or userinfo. + Only specify domain name or IP address, subdomains (optional), and port (optional). + IPv4 and IPv6 are supported. If using an IPv6 address with a port, you must enclose the IPv6 address + in square brackets. Example: "[::1]:443". + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for GitHub Enterprise Server. + Note that this field should not be needed when using GitHub's public API ("github.com"). + However, if you choose to specify this field when using GitHub's public API, you must + specify a CA bundle that will verify connections to "api.github.com". + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec"] ==== GitHubAllowAuthenticationSpec GitHubAllowAuthenticationSpec allows customization of who can authenticate using this IDP and how. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + +| *`organizations`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$]__ | Organizations allows customization of which organizations can authenticate using this IDP. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy"] ==== GitHubAllowedAuthOrganizationsPolicy (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec[$$GitHubOrganizationsSpec$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims"] ==== GitHubClaims GitHubClaims allows customization of the username and groups claims. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + +| *`username`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubusernameattribute[$$GitHubUsernameAttribute$$]__ | Username configures which property of the GitHub user record shall determine the username in Kubernetes. + Can be either "id", "login", or "login:id". Defaults to "login:id". + @@ -1979,7 +1979,7 @@ choice to concatenate the two values. + See the response schema for + [Get the authenticated user](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). + -| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + +| *`groups`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubgroupnameattribute[$$GitHubGroupNameAttribute$$]__ | Groups configures which property of the GitHub team record shall determine the group names in Kubernetes. + Can be either "name" or "slug". Defaults to "slug". + @@ -2000,7 +2000,7 @@ See the response schema for + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubclientspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclientspec"] ==== GitHubClientSpec GitHubClientSpec contains information about the GitHub client that this identity provider will use @@ -2008,7 +2008,7 @@ for web-based login flows. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2021,7 +2021,7 @@ This secret must be of type "secrets.pinniped.dev/github-client" with keys "clie |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubgroupnameattribute"] ==== GitHubGroupNameAttribute (string) GitHubGroupNameAttribute allows the user to specify which attribute from GitHub to use for the group @@ -2030,12 +2030,12 @@ names to present to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider"] ==== GitHubIdentityProvider GitHubIdentityProvider describes the configuration of an upstream GitHub identity provider. @@ -2046,85 +2046,85 @@ as OIDCClients. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderlist[$$GitHubIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec[$$GitHubIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderphase"] ==== GitHubIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus[$$GitHubIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderspec"] ==== GitHubIdentityProviderSpec GitHubIdentityProviderSpec is the spec for configuring an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + -| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + +| *`githubAPI`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$]__ | GitHubAPI allows configuration for GitHub Enterprise Server + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$]__ | Claims allows customization of the username and groups claims. + +| *`allowAuthentication`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$]__ | AllowAuthentication allows customization of who can authenticate using this IDP and how. + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclientspec[$$GitHubClientSpec$$]__ | Client identifies the secret with credentials for a GitHub App or GitHub OAuth2 App (a GitHub client). + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderstatus"] ==== GitHubIdentityProviderStatus GitHubIdentityProviderStatus is the status of an GitHub identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityprovider[$$GitHubIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubidentityproviderphase[$$GitHubIdentityProviderPhase$$]__ | Phase summarizes the overall status of the GitHubIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Conditions represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuborganizationsspec"] ==== GitHubOrganizationsSpec .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowauthenticationspec[$$GitHubAllowAuthenticationSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + +| *`policy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githuballowedauthorganizationspolicy[$$GitHubAllowedAuthOrganizationsPolicy$$]__ | Allowed values are "OnlyUsersFromAllowedOrganizations" or "AllGitHubUsers". + Defaults to "OnlyUsersFromAllowedOrganizations". + Must be set to "AllGitHubUsers" if the allowed field is empty. + @@ -2144,7 +2144,7 @@ If no organizations are listed, you must set organizations: AllGitHubUsers. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubusernameattribute"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubusernameattribute"] ==== GitHubUsernameAttribute (string) GitHubUsernameAttribute allows the user to specify which attribute(s) from GitHub to use for the username to present @@ -2153,12 +2153,12 @@ to Kubernetes. See the response schema for .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubclaims[$$GitHubClaims$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] ==== LDAPIdentityProvider LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access @@ -2166,27 +2166,27 @@ Protocol (LDAP) identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] ==== LDAPIdentityProviderBind .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2200,14 +2200,14 @@ The password must be non-empty. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] ==== LDAPIdentityProviderGroupSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2232,7 +2232,7 @@ the "{}" placeholder in the Filter with the value of the user's "uid" attribute. Optional. When not specified, the default will act as if "dn" were specified. For example, leaving + UserAttributeForFilter unspecified while specifying "&(objectClass=groupOfNames)(member={})" as the Filter + would search for groups by replacing the "{}" placeholder(s) with the dn (distinguished name) of the user. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as + the result of the group search. + | *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor + to obtain new credentials (as their old credentials expire). This allows group + @@ -2260,14 +2260,14 @@ not changed. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] ==== LDAPIdentityProviderGroupSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] **** [cols="25a,75a", options="header"] @@ -2283,66 +2283,66 @@ Optional. When not specified, the default will act as if the GroupName were spec -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase"] ==== LDAPIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] ==== LDAPIdentityProviderSpec Spec for configuring an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + -| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. + +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + -| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + -| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. + +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] ==== LDAPIdentityProviderStatus Status of an LDAP identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderphase[$$LDAPIdentityProviderPhase$$]__ | Phase summarizes the overall status of the LDAPIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] ==== LDAPIdentityProviderUserSearch .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2358,19 +2358,19 @@ Note that the dn (distinguished name) is not an attribute of an entry, so "dn={} Optional. When not specified, the default will act as if the Filter were specified as the value from + Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + explicitly specified, since the default value of "dn={}" would not work. + -| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as + the result of the user search. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] ==== LDAPIdentityProviderUserSearchAttributes .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] **** [cols="25a,75a", options="header"] @@ -2390,7 +2390,7 @@ server in the user's entry. Distinguished names can be used by specifying lower- |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] ==== OIDCAuthorizationConfig OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization @@ -2398,7 +2398,7 @@ request parameters. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2432,7 +2432,7 @@ may ignore scopes that it does not understand or require (see + https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + -| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + +| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + @@ -2468,14 +2468,14 @@ allowPasswordGrant defaults to false. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcclaims"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclaims"] ==== OIDCClaims OIDCClaims provides a mapping from upstream claims into identities. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2499,7 +2499,7 @@ are not available, the "additionalClaims" claim will be excluded from the ID tok |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcclient"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclient"] ==== OIDCClient OIDCClient contains information about an OIDC client (e.g., client ID and client @@ -2507,7 +2507,7 @@ secret). .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] @@ -2520,48 +2520,48 @@ struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oid |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] ==== OIDCIdentityProvider OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. + +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase"] ==== OIDCIdentityProviderPhase (string) .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] **** -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] ==== OIDCIdentityProviderSpec OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] @@ -2569,42 +2569,42 @@ OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. | Field | Description | *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + /.well-known/openid-configuration. + -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + -| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. + +| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request + parameters to be used with this OIDC identity provider. + -| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from + this OIDC identity provider. + -| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity + provider. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] ==== OIDCIdentityProviderStatus OIDCIdentityProviderStatus is the status of an OIDC identity provider. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + -| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + +| *`phase`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderphase[$$OIDCIdentityProviderPhase$$]__ | Phase summarizes the overall status of the OIDCIdentityProvider. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#condition-v1-meta[$$Condition$$] array__ | Represents the observations of an identity provider's current state. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-parameter"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-parameter"] ==== Parameter Parameter is a key/value pair which represents a parameter in an HTTP request. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] **** [cols="25a,75a", options="header"] @@ -2615,24 +2615,24 @@ Parameter is a key/value pair which represents a parameter in an HTTP request. |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-tlsspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-tlsspec"] ==== TLSSpec TLSSpec provides TLS configuration for identity provider integration. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-githubapiconfig[$$GitHubAPIConfig$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + -| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + +| *`certificateAuthorityDataSource`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-supervisor-idp-v1alpha1-certificateauthoritydatasourcespec[$$CertificateAuthorityDataSourceSpec$$]__ | Reference to a CA bundle in a secret or a configmap. + Any changes to the CA bundle in the secret or configmap will be dynamically reloaded. + |=== @@ -2645,7 +2645,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped login API. -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-clustercredential"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-clustercredential"] ==== ClusterCredential ClusterCredential is the cluster-specific credential returned on a successful credential request. It @@ -2653,73 +2653,73 @@ contains either a valid bearer token or a valid TLS certificate and correspondin .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + +| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. + | *`token`* __string__ | Token is a bearer token used by the client for request authentication. + | *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). + | *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequest"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest"] ==== TokenCredentialRequest TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] ==== TokenCredentialRequestSpec Specification of a TokenCredentialRequest, expected on requests to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. + -| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.33/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. + |=== -[id="{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] +[id="{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] ==== TokenCredentialRequestStatus Status of a TokenCredentialRequest, returned on responses to the Pinniped API. .Appears In: **** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] **** [cols="25a,75a", options="header"] |=== | Field | Description -| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-33-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + +| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-35-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. + | *`message`* __string__ | An error message will be returned for an unsuccessful credential request. + |=== diff --git a/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go index a108b987c..d0fbb1d36 100644 --- a/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -28,7 +28,7 @@ import ( // without applying any field management, validations and/or defaults. It shouldn't be considered a replacement // for a real clientset and is mostly useful in simple unit tests. // -// DEPRECATED: NewClientset replaces this with support for field management, which significantly improves +// Deprecated: NewClientset replaces this with support for field management, which significantly improves // server side apply testing. NewClientset is only available when apply configurations are generated (e.g. // via --with-applyconfig). func NewSimpleClientset(objects ...runtime.Object) *Clientset { @@ -44,8 +44,8 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset { cs.AddReactor("*", "*", testing.ObjectReaction(o)) cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { var opts metav1.ListOptions - if watchActcion, ok := action.(testing.WatchActionImpl); ok { - opts = watchActcion.ListOptions + if watchAction, ok := action.(testing.WatchActionImpl); ok { + opts = watchAction.ListOptions } gvr := action.GetResource() ns := action.GetNamespace() @@ -76,6 +76,17 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } +// IsWatchListSemanticsSupported informs the reflector that this client +// doesn't support WatchList semantics. +// +// This is a synthetic method whose sole purpose is to satisfy the optional +// interface check performed by the reflector. +// Returning true signals that WatchList can NOT be used. +// No additional logic is implemented here. +func (c *Clientset) IsWatchListSemanticsUnSupported() bool { + return true +} + var ( _ clientset.Interface = &Clientset{} _ testing.FakeClient = &Clientset{} diff --git a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index 9e34733ce..89870636a 100644 --- a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -43,7 +43,7 @@ func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.D // one. This reduces memory footprint and number of connections to the server. func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -68,7 +68,7 @@ func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPerio } return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(ctx, options) }, - }, + }, client), &conciergeauthenticationv1alpha1.JWTAuthenticator{}, resyncPeriod, indexers, diff --git a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index 970442ae4..7920460d1 100644 --- a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -43,7 +43,7 @@ func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod ti // one. This reduces memory footprint and number of connections to the server. func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -68,7 +68,7 @@ func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncP } return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(ctx, options) }, - }, + }, client), &conciergeauthenticationv1alpha1.WebhookAuthenticator{}, resyncPeriod, indexers, diff --git a/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index 5ab0572d9..81e17fd45 100644 --- a/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -43,7 +43,7 @@ func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.D // one. This reduces memory footprint and number of connections to the server. func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -68,7 +68,7 @@ func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPerio } return client.ConfigV1alpha1().CredentialIssuers().Watch(ctx, options) }, - }, + }, client), &conciergeconfigv1alpha1.CredentialIssuer{}, resyncPeriod, indexers, diff --git a/generated/latest/client/concierge/informers/externalversions/factory.go b/generated/latest/client/concierge/informers/externalversions/factory.go index 95ded770a..f57c7c37e 100644 --- a/generated/latest/client/concierge/informers/externalversions/factory.go +++ b/generated/latest/client/concierge/informers/externalversions/factory.go @@ -85,6 +85,7 @@ func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Dur // NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. // Listers obtained via this SharedInformerFactory will be subject to the same filters // as specified here. +// // Deprecated: Please use NewSharedInformerFactoryWithOptions instead func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) @@ -192,7 +193,7 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal // // It is typically used like this: // -// ctx, cancel := context.Background() +// ctx, cancel := context.WithCancel(context.Background()) // defer cancel() // factory := NewSharedInformerFactory(client, resyncPeriod) // defer factory.WaitForStop() // Returns immediately if nothing was started. diff --git a/generated/latest/client/concierge/openapi/zz_generated.openapi.go b/generated/latest/client/concierge/openapi/zz_generated.openapi.go index e5302e88f..773961ef1 100644 --- a/generated/latest/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/latest/client/concierge/openapi/zz_generated.openapi.go @@ -10,7 +10,10 @@ package concierge import ( v1 "k8s.io/api/core/v1" + resource "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + version "k8s.io/apimachinery/pkg/version" common "k8s.io/kube-openapi/pkg/common" spec "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -28,289 +31,297 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), - "k8s.io/api/core/v1.AppArmorProfile": schema_k8sio_api_core_v1_AppArmorProfile(ref), - "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), - "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), - "k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - "k8s.io/api/core/v1.AzureFilePersistentVolumeSource": schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - "k8s.io/api/core/v1.AzureFileVolumeSource": schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - "k8s.io/api/core/v1.Binding": schema_k8sio_api_core_v1_Binding(ref), - "k8s.io/api/core/v1.CSIPersistentVolumeSource": schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CSIVolumeSource": schema_k8sio_api_core_v1_CSIVolumeSource(ref), - "k8s.io/api/core/v1.Capabilities": schema_k8sio_api_core_v1_Capabilities(ref), - "k8s.io/api/core/v1.CephFSPersistentVolumeSource": schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CephFSVolumeSource": schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - "k8s.io/api/core/v1.CinderPersistentVolumeSource": schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CinderVolumeSource": schema_k8sio_api_core_v1_CinderVolumeSource(ref), - "k8s.io/api/core/v1.ClientIPConfig": schema_k8sio_api_core_v1_ClientIPConfig(ref), - "k8s.io/api/core/v1.ClusterTrustBundleProjection": schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), - "k8s.io/api/core/v1.ComponentCondition": schema_k8sio_api_core_v1_ComponentCondition(ref), - "k8s.io/api/core/v1.ComponentStatus": schema_k8sio_api_core_v1_ComponentStatus(ref), - "k8s.io/api/core/v1.ComponentStatusList": schema_k8sio_api_core_v1_ComponentStatusList(ref), - "k8s.io/api/core/v1.ConfigMap": schema_k8sio_api_core_v1_ConfigMap(ref), - "k8s.io/api/core/v1.ConfigMapEnvSource": schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - "k8s.io/api/core/v1.ConfigMapKeySelector": schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - "k8s.io/api/core/v1.ConfigMapList": schema_k8sio_api_core_v1_ConfigMapList(ref), - "k8s.io/api/core/v1.ConfigMapNodeConfigSource": schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - "k8s.io/api/core/v1.ConfigMapProjection": schema_k8sio_api_core_v1_ConfigMapProjection(ref), - "k8s.io/api/core/v1.ConfigMapVolumeSource": schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - "k8s.io/api/core/v1.Container": schema_k8sio_api_core_v1_Container(ref), - "k8s.io/api/core/v1.ContainerImage": schema_k8sio_api_core_v1_ContainerImage(ref), - "k8s.io/api/core/v1.ContainerPort": schema_k8sio_api_core_v1_ContainerPort(ref), - "k8s.io/api/core/v1.ContainerResizePolicy": schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - "k8s.io/api/core/v1.ContainerState": schema_k8sio_api_core_v1_ContainerState(ref), - "k8s.io/api/core/v1.ContainerStateRunning": schema_k8sio_api_core_v1_ContainerStateRunning(ref), - "k8s.io/api/core/v1.ContainerStateTerminated": schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - "k8s.io/api/core/v1.ContainerStateWaiting": schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - "k8s.io/api/core/v1.ContainerStatus": schema_k8sio_api_core_v1_ContainerStatus(ref), - "k8s.io/api/core/v1.ContainerUser": schema_k8sio_api_core_v1_ContainerUser(ref), - "k8s.io/api/core/v1.DaemonEndpoint": schema_k8sio_api_core_v1_DaemonEndpoint(ref), - "k8s.io/api/core/v1.DownwardAPIProjection": schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeFile": schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeSource": schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - "k8s.io/api/core/v1.EmptyDirVolumeSource": schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - "k8s.io/api/core/v1.EndpointAddress": schema_k8sio_api_core_v1_EndpointAddress(ref), - "k8s.io/api/core/v1.EndpointPort": schema_k8sio_api_core_v1_EndpointPort(ref), - "k8s.io/api/core/v1.EndpointSubset": schema_k8sio_api_core_v1_EndpointSubset(ref), - "k8s.io/api/core/v1.Endpoints": schema_k8sio_api_core_v1_Endpoints(ref), - "k8s.io/api/core/v1.EndpointsList": schema_k8sio_api_core_v1_EndpointsList(ref), - "k8s.io/api/core/v1.EnvFromSource": schema_k8sio_api_core_v1_EnvFromSource(ref), - "k8s.io/api/core/v1.EnvVar": schema_k8sio_api_core_v1_EnvVar(ref), - "k8s.io/api/core/v1.EnvVarSource": schema_k8sio_api_core_v1_EnvVarSource(ref), - "k8s.io/api/core/v1.EphemeralContainer": schema_k8sio_api_core_v1_EphemeralContainer(ref), - "k8s.io/api/core/v1.EphemeralContainerCommon": schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - "k8s.io/api/core/v1.EphemeralVolumeSource": schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - "k8s.io/api/core/v1.Event": schema_k8sio_api_core_v1_Event(ref), - "k8s.io/api/core/v1.EventList": schema_k8sio_api_core_v1_EventList(ref), - "k8s.io/api/core/v1.EventSeries": schema_k8sio_api_core_v1_EventSeries(ref), - "k8s.io/api/core/v1.EventSource": schema_k8sio_api_core_v1_EventSource(ref), - "k8s.io/api/core/v1.ExecAction": schema_k8sio_api_core_v1_ExecAction(ref), - "k8s.io/api/core/v1.FCVolumeSource": schema_k8sio_api_core_v1_FCVolumeSource(ref), - "k8s.io/api/core/v1.FlexPersistentVolumeSource": schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - "k8s.io/api/core/v1.FlexVolumeSource": schema_k8sio_api_core_v1_FlexVolumeSource(ref), - "k8s.io/api/core/v1.FlockerVolumeSource": schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource": schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.GRPCAction": schema_k8sio_api_core_v1_GRPCAction(ref), - "k8s.io/api/core/v1.GitRepoVolumeSource": schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource": schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsVolumeSource": schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - "k8s.io/api/core/v1.HTTPGetAction": schema_k8sio_api_core_v1_HTTPGetAction(ref), - "k8s.io/api/core/v1.HTTPHeader": schema_k8sio_api_core_v1_HTTPHeader(ref), - "k8s.io/api/core/v1.HostAlias": schema_k8sio_api_core_v1_HostAlias(ref), - "k8s.io/api/core/v1.HostIP": schema_k8sio_api_core_v1_HostIP(ref), - "k8s.io/api/core/v1.HostPathVolumeSource": schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIPersistentVolumeSource": schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIVolumeSource": schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - "k8s.io/api/core/v1.ImageVolumeSource": schema_k8sio_api_core_v1_ImageVolumeSource(ref), - "k8s.io/api/core/v1.KeyToPath": schema_k8sio_api_core_v1_KeyToPath(ref), - "k8s.io/api/core/v1.Lifecycle": schema_k8sio_api_core_v1_Lifecycle(ref), - "k8s.io/api/core/v1.LifecycleHandler": schema_k8sio_api_core_v1_LifecycleHandler(ref), - "k8s.io/api/core/v1.LimitRange": schema_k8sio_api_core_v1_LimitRange(ref), - "k8s.io/api/core/v1.LimitRangeItem": schema_k8sio_api_core_v1_LimitRangeItem(ref), - "k8s.io/api/core/v1.LimitRangeList": schema_k8sio_api_core_v1_LimitRangeList(ref), - "k8s.io/api/core/v1.LimitRangeSpec": schema_k8sio_api_core_v1_LimitRangeSpec(ref), - "k8s.io/api/core/v1.LinuxContainerUser": schema_k8sio_api_core_v1_LinuxContainerUser(ref), - "k8s.io/api/core/v1.List": schema_k8sio_api_core_v1_List(ref), - "k8s.io/api/core/v1.LoadBalancerIngress": schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - "k8s.io/api/core/v1.LoadBalancerStatus": schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - "k8s.io/api/core/v1.LocalObjectReference": schema_k8sio_api_core_v1_LocalObjectReference(ref), - "k8s.io/api/core/v1.LocalVolumeSource": schema_k8sio_api_core_v1_LocalVolumeSource(ref), - "k8s.io/api/core/v1.ModifyVolumeStatus": schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), - "k8s.io/api/core/v1.NFSVolumeSource": schema_k8sio_api_core_v1_NFSVolumeSource(ref), - "k8s.io/api/core/v1.Namespace": schema_k8sio_api_core_v1_Namespace(ref), - "k8s.io/api/core/v1.NamespaceCondition": schema_k8sio_api_core_v1_NamespaceCondition(ref), - "k8s.io/api/core/v1.NamespaceList": schema_k8sio_api_core_v1_NamespaceList(ref), - "k8s.io/api/core/v1.NamespaceSpec": schema_k8sio_api_core_v1_NamespaceSpec(ref), - "k8s.io/api/core/v1.NamespaceStatus": schema_k8sio_api_core_v1_NamespaceStatus(ref), - "k8s.io/api/core/v1.Node": schema_k8sio_api_core_v1_Node(ref), - "k8s.io/api/core/v1.NodeAddress": schema_k8sio_api_core_v1_NodeAddress(ref), - "k8s.io/api/core/v1.NodeAffinity": schema_k8sio_api_core_v1_NodeAffinity(ref), - "k8s.io/api/core/v1.NodeCondition": schema_k8sio_api_core_v1_NodeCondition(ref), - "k8s.io/api/core/v1.NodeConfigSource": schema_k8sio_api_core_v1_NodeConfigSource(ref), - "k8s.io/api/core/v1.NodeConfigStatus": schema_k8sio_api_core_v1_NodeConfigStatus(ref), - "k8s.io/api/core/v1.NodeDaemonEndpoints": schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - "k8s.io/api/core/v1.NodeFeatures": schema_k8sio_api_core_v1_NodeFeatures(ref), - "k8s.io/api/core/v1.NodeList": schema_k8sio_api_core_v1_NodeList(ref), - "k8s.io/api/core/v1.NodeProxyOptions": schema_k8sio_api_core_v1_NodeProxyOptions(ref), - "k8s.io/api/core/v1.NodeRuntimeHandler": schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), - "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures": schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), - "k8s.io/api/core/v1.NodeSelector": schema_k8sio_api_core_v1_NodeSelector(ref), - "k8s.io/api/core/v1.NodeSelectorRequirement": schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - "k8s.io/api/core/v1.NodeSelectorTerm": schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - "k8s.io/api/core/v1.NodeSpec": schema_k8sio_api_core_v1_NodeSpec(ref), - "k8s.io/api/core/v1.NodeStatus": schema_k8sio_api_core_v1_NodeStatus(ref), - "k8s.io/api/core/v1.NodeSwapStatus": schema_k8sio_api_core_v1_NodeSwapStatus(ref), - "k8s.io/api/core/v1.NodeSystemInfo": schema_k8sio_api_core_v1_NodeSystemInfo(ref), - "k8s.io/api/core/v1.ObjectFieldSelector": schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - "k8s.io/api/core/v1.ObjectReference": schema_k8sio_api_core_v1_ObjectReference(ref), - "k8s.io/api/core/v1.PersistentVolume": schema_k8sio_api_core_v1_PersistentVolume(ref), - "k8s.io/api/core/v1.PersistentVolumeClaim": schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimCondition": schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimList": schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimSpec": schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimStatus": schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate": schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeList": schema_k8sio_api_core_v1_PersistentVolumeList(ref), - "k8s.io/api/core/v1.PersistentVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeSpec": schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeStatus": schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource": schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.Pod": schema_k8sio_api_core_v1_Pod(ref), - "k8s.io/api/core/v1.PodAffinity": schema_k8sio_api_core_v1_PodAffinity(ref), - "k8s.io/api/core/v1.PodAffinityTerm": schema_k8sio_api_core_v1_PodAffinityTerm(ref), - "k8s.io/api/core/v1.PodAntiAffinity": schema_k8sio_api_core_v1_PodAntiAffinity(ref), - "k8s.io/api/core/v1.PodAttachOptions": schema_k8sio_api_core_v1_PodAttachOptions(ref), - "k8s.io/api/core/v1.PodCondition": schema_k8sio_api_core_v1_PodCondition(ref), - "k8s.io/api/core/v1.PodDNSConfig": schema_k8sio_api_core_v1_PodDNSConfig(ref), - "k8s.io/api/core/v1.PodDNSConfigOption": schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - "k8s.io/api/core/v1.PodExecOptions": schema_k8sio_api_core_v1_PodExecOptions(ref), - "k8s.io/api/core/v1.PodIP": schema_k8sio_api_core_v1_PodIP(ref), - "k8s.io/api/core/v1.PodList": schema_k8sio_api_core_v1_PodList(ref), - "k8s.io/api/core/v1.PodLogOptions": schema_k8sio_api_core_v1_PodLogOptions(ref), - "k8s.io/api/core/v1.PodOS": schema_k8sio_api_core_v1_PodOS(ref), - "k8s.io/api/core/v1.PodPortForwardOptions": schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - "k8s.io/api/core/v1.PodProxyOptions": schema_k8sio_api_core_v1_PodProxyOptions(ref), - "k8s.io/api/core/v1.PodReadinessGate": schema_k8sio_api_core_v1_PodReadinessGate(ref), - "k8s.io/api/core/v1.PodResourceClaim": schema_k8sio_api_core_v1_PodResourceClaim(ref), - "k8s.io/api/core/v1.PodResourceClaimStatus": schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), - "k8s.io/api/core/v1.PodSchedulingGate": schema_k8sio_api_core_v1_PodSchedulingGate(ref), - "k8s.io/api/core/v1.PodSecurityContext": schema_k8sio_api_core_v1_PodSecurityContext(ref), - "k8s.io/api/core/v1.PodSignature": schema_k8sio_api_core_v1_PodSignature(ref), - "k8s.io/api/core/v1.PodSpec": schema_k8sio_api_core_v1_PodSpec(ref), - "k8s.io/api/core/v1.PodStatus": schema_k8sio_api_core_v1_PodStatus(ref), - "k8s.io/api/core/v1.PodStatusResult": schema_k8sio_api_core_v1_PodStatusResult(ref), - "k8s.io/api/core/v1.PodTemplate": schema_k8sio_api_core_v1_PodTemplate(ref), - "k8s.io/api/core/v1.PodTemplateList": schema_k8sio_api_core_v1_PodTemplateList(ref), - "k8s.io/api/core/v1.PodTemplateSpec": schema_k8sio_api_core_v1_PodTemplateSpec(ref), - "k8s.io/api/core/v1.PortStatus": schema_k8sio_api_core_v1_PortStatus(ref), - "k8s.io/api/core/v1.PortworxVolumeSource": schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - "k8s.io/api/core/v1.PreferAvoidPodsEntry": schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - "k8s.io/api/core/v1.PreferredSchedulingTerm": schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - "k8s.io/api/core/v1.Probe": schema_k8sio_api_core_v1_Probe(ref), - "k8s.io/api/core/v1.ProbeHandler": schema_k8sio_api_core_v1_ProbeHandler(ref), - "k8s.io/api/core/v1.ProjectedVolumeSource": schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - "k8s.io/api/core/v1.QuobyteVolumeSource": schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - "k8s.io/api/core/v1.RBDPersistentVolumeSource": schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - "k8s.io/api/core/v1.RBDVolumeSource": schema_k8sio_api_core_v1_RBDVolumeSource(ref), - "k8s.io/api/core/v1.RangeAllocation": schema_k8sio_api_core_v1_RangeAllocation(ref), - "k8s.io/api/core/v1.ReplicationController": schema_k8sio_api_core_v1_ReplicationController(ref), - "k8s.io/api/core/v1.ReplicationControllerCondition": schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - "k8s.io/api/core/v1.ReplicationControllerList": schema_k8sio_api_core_v1_ReplicationControllerList(ref), - "k8s.io/api/core/v1.ReplicationControllerSpec": schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - "k8s.io/api/core/v1.ReplicationControllerStatus": schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - "k8s.io/api/core/v1.ResourceClaim": schema_k8sio_api_core_v1_ResourceClaim(ref), - "k8s.io/api/core/v1.ResourceFieldSelector": schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - "k8s.io/api/core/v1.ResourceHealth": schema_k8sio_api_core_v1_ResourceHealth(ref), - "k8s.io/api/core/v1.ResourceQuota": schema_k8sio_api_core_v1_ResourceQuota(ref), - "k8s.io/api/core/v1.ResourceQuotaList": schema_k8sio_api_core_v1_ResourceQuotaList(ref), - "k8s.io/api/core/v1.ResourceQuotaSpec": schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - "k8s.io/api/core/v1.ResourceQuotaStatus": schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - "k8s.io/api/core/v1.ResourceRequirements": schema_k8sio_api_core_v1_ResourceRequirements(ref), - "k8s.io/api/core/v1.ResourceStatus": schema_k8sio_api_core_v1_ResourceStatus(ref), - "k8s.io/api/core/v1.SELinuxOptions": schema_k8sio_api_core_v1_SELinuxOptions(ref), - "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource": schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ScaleIOVolumeSource": schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - "k8s.io/api/core/v1.ScopeSelector": schema_k8sio_api_core_v1_ScopeSelector(ref), - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement": schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - "k8s.io/api/core/v1.SeccompProfile": schema_k8sio_api_core_v1_SeccompProfile(ref), - "k8s.io/api/core/v1.Secret": schema_k8sio_api_core_v1_Secret(ref), - "k8s.io/api/core/v1.SecretEnvSource": schema_k8sio_api_core_v1_SecretEnvSource(ref), - "k8s.io/api/core/v1.SecretKeySelector": schema_k8sio_api_core_v1_SecretKeySelector(ref), - "k8s.io/api/core/v1.SecretList": schema_k8sio_api_core_v1_SecretList(ref), - "k8s.io/api/core/v1.SecretProjection": schema_k8sio_api_core_v1_SecretProjection(ref), - "k8s.io/api/core/v1.SecretReference": schema_k8sio_api_core_v1_SecretReference(ref), - "k8s.io/api/core/v1.SecretVolumeSource": schema_k8sio_api_core_v1_SecretVolumeSource(ref), - "k8s.io/api/core/v1.SecurityContext": schema_k8sio_api_core_v1_SecurityContext(ref), - "k8s.io/api/core/v1.SerializedReference": schema_k8sio_api_core_v1_SerializedReference(ref), - "k8s.io/api/core/v1.Service": schema_k8sio_api_core_v1_Service(ref), - "k8s.io/api/core/v1.ServiceAccount": schema_k8sio_api_core_v1_ServiceAccount(ref), - "k8s.io/api/core/v1.ServiceAccountList": schema_k8sio_api_core_v1_ServiceAccountList(ref), - "k8s.io/api/core/v1.ServiceAccountTokenProjection": schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - "k8s.io/api/core/v1.ServiceList": schema_k8sio_api_core_v1_ServiceList(ref), - "k8s.io/api/core/v1.ServicePort": schema_k8sio_api_core_v1_ServicePort(ref), - "k8s.io/api/core/v1.ServiceProxyOptions": schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - "k8s.io/api/core/v1.ServiceSpec": schema_k8sio_api_core_v1_ServiceSpec(ref), - "k8s.io/api/core/v1.ServiceStatus": schema_k8sio_api_core_v1_ServiceStatus(ref), - "k8s.io/api/core/v1.SessionAffinityConfig": schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - "k8s.io/api/core/v1.SleepAction": schema_k8sio_api_core_v1_SleepAction(ref), - "k8s.io/api/core/v1.StorageOSPersistentVolumeSource": schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.StorageOSVolumeSource": schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - "k8s.io/api/core/v1.Sysctl": schema_k8sio_api_core_v1_Sysctl(ref), - "k8s.io/api/core/v1.TCPSocketAction": schema_k8sio_api_core_v1_TCPSocketAction(ref), - "k8s.io/api/core/v1.Taint": schema_k8sio_api_core_v1_Taint(ref), - "k8s.io/api/core/v1.Toleration": schema_k8sio_api_core_v1_Toleration(ref), - "k8s.io/api/core/v1.TopologySelectorLabelRequirement": schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - "k8s.io/api/core/v1.TopologySelectorTerm": schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - "k8s.io/api/core/v1.TopologySpreadConstraint": schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - "k8s.io/api/core/v1.TypedLocalObjectReference": schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - "k8s.io/api/core/v1.TypedObjectReference": schema_k8sio_api_core_v1_TypedObjectReference(ref), - "k8s.io/api/core/v1.Volume": schema_k8sio_api_core_v1_Volume(ref), - "k8s.io/api/core/v1.VolumeDevice": schema_k8sio_api_core_v1_VolumeDevice(ref), - "k8s.io/api/core/v1.VolumeMount": schema_k8sio_api_core_v1_VolumeMount(ref), - "k8s.io/api/core/v1.VolumeMountStatus": schema_k8sio_api_core_v1_VolumeMountStatus(ref), - "k8s.io/api/core/v1.VolumeNodeAffinity": schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - "k8s.io/api/core/v1.VolumeProjection": schema_k8sio_api_core_v1_VolumeProjection(ref), - "k8s.io/api/core/v1.VolumeResourceRequirements": schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), - "k8s.io/api/core/v1.VolumeSource": schema_k8sio_api_core_v1_VolumeSource(ref), - "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource": schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - "k8s.io/api/core/v1.WeightedPodAffinityTerm": schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - "k8s.io/api/core/v1.WindowsSecurityContextOptions": schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldSelectorRequirement": schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } @@ -443,7 +454,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { @@ -462,7 +473,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -490,7 +501,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -512,7 +523,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequest", metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -560,7 +571,7 @@ func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.Reference "expirationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "ExpirationTimestamp indicates a time when the provided credentials expire.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "token": { @@ -588,7 +599,7 @@ func schema_apis_concierge_login_v1alpha1_ClusterCredential(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -616,7 +627,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.Refe "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { @@ -635,7 +646,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.Refe }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -663,7 +674,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -685,7 +696,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequest", metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -707,7 +718,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. SchemaProps: spec.SchemaProps{ Description: "Reference to an authenticator which can validate this credential request.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -715,7 +726,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference"}, + v1.TypedLocalObjectReference{}.OpenAPIModelName()}, } } @@ -800,26 +811,26 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open "nodeAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes node affinity scheduling rules for the pod.", - Ref: ref("k8s.io/api/core/v1.NodeAffinity"), + Ref: ref(v1.NodeAffinity{}.OpenAPIModelName()), }, }, "podAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAffinity"), + Ref: ref(v1.PodAffinity{}.OpenAPIModelName()), }, }, "podAntiAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAntiAffinity"), + Ref: ref(v1.PodAntiAffinity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeAffinity", "k8s.io/api/core/v1.PodAffinity", "k8s.io/api/core/v1.PodAntiAffinity"}, + v1.NodeAffinity{}.OpenAPIModelName(), v1.PodAffinity{}.OpenAPIModelName(), v1.PodAntiAffinity{}.OpenAPIModelName()}, } } @@ -915,7 +926,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferAvoidPodsEntry"), + Ref: ref(v1.PreferAvoidPodsEntry{}.OpenAPIModelName()), }, }, }, @@ -925,7 +936,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PreferAvoidPodsEntry"}, + v1.PreferAvoidPodsEntry{}.OpenAPIModelName()}, } } @@ -1099,14 +1110,14 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "target": { SchemaProps: spec.SchemaProps{ Description: "The target object that you want to bind to the standard object.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1114,7 +1125,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1174,31 +1185,31 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall "controllerPublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeStageSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "controllerExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1206,7 +1217,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1258,7 +1269,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1266,7 +1277,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1374,7 +1385,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1389,7 +1400,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1444,7 +1455,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1459,7 +1470,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1495,7 +1506,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1503,7 +1514,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1539,7 +1550,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1547,7 +1558,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1595,7 +1606,7 @@ func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceC "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\".", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "optional": { @@ -1618,7 +1629,7 @@ func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -1691,7 +1702,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "conditions": { @@ -1712,7 +1723,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentCondition"), + Ref: ref(v1.ComponentCondition{}.OpenAPIModelName()), }, }, }, @@ -1722,7 +1733,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentCondition", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ComponentCondition{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1751,7 +1762,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1762,7 +1773,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentStatus"), + Ref: ref(v1.ComponentStatus{}.OpenAPIModelName()), }, }, }, @@ -1773,7 +1784,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ComponentStatus{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1802,7 +1813,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -1847,7 +1858,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1946,7 +1957,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1957,7 +1968,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ConfigMap"), + Ref: ref(v1.ConfigMap{}.OpenAPIModelName()), }, }, }, @@ -1968,7 +1979,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMap", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ConfigMap{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -2052,7 +2063,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -2069,7 +2080,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -2101,7 +2112,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -2125,7 +2136,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -2217,7 +2228,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -2230,13 +2241,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -2260,7 +2271,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -2270,7 +2281,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -2280,13 +2291,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "Resources resize policy for the container.", + Description: "Resources resize policy for the container. This field cannot be set on ephemeral containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -2294,11 +2305,30 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Additionally, setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. The rules are evaluated in order. Once a rule matches a container exit condition, the remaining rules are ignored. If no rule matches the container exit condition, the Container-level restart policy determines the whether the container is restarted or not. Constraints on the rules: - At most 20 rules are allowed. - Rules can have the same action. - Identical rules are not forbidden in validations. When rules are specified, container MUST set RestartPolicy explicitly even it if matches the Pod's RestartPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -2317,7 +2347,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -2341,7 +2371,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -2350,25 +2380,25 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -2397,7 +2427,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -2426,7 +2456,45 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerExtendedResourceRequest has the mapping of container name, extended resource name to the device request name.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "containerName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the container requesting resources.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the extended resource in that container which gets backed by DRA.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "requestName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the request in the special ResourceClaim which corresponds to the extended resource.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"containerName", "resourceName", "requestName"}, + }, + }, } } @@ -2552,6 +2620,76 @@ func schema_k8sio_api_core_v1_ContainerResizePolicy(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ContainerRestartRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRule describes how a container exit is handled.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the action taken on a container exit if the requirements are satisfied. The only possible value is \"Restart\" to restart the container.", + Type: []string{"string"}, + Format: "", + }, + }, + "exitCodes": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the exit codes to check on container exits.", + Ref: ref(v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()), + }, + }, + }, + Required: []string{"action"}, + }, + }, + Dependencies: []string{ + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRuleOnExitCodes describes the condition for handling an exited container based on its exit codes.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the relationship between the container exit code(s) and the specified values. Possible values are: - In: the requirement is satisfied if the container exit code is in the\n set of specified values.\n- NotIn: the requirement is satisfied if the container exit code is\n not in the set of specified values.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Specifies the set of values to check for container exit codes. At most 255 elements are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + }, + Required: []string{"operator"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2562,26 +2700,26 @@ func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) commo "waiting": { SchemaProps: spec.SchemaProps{ Description: "Details about a waiting container", - Ref: ref("k8s.io/api/core/v1.ContainerStateWaiting"), + Ref: ref(v1.ContainerStateWaiting{}.OpenAPIModelName()), }, }, "running": { SchemaProps: spec.SchemaProps{ Description: "Details about a running container", - Ref: ref("k8s.io/api/core/v1.ContainerStateRunning"), + Ref: ref(v1.ContainerStateRunning{}.OpenAPIModelName()), }, }, "terminated": { SchemaProps: spec.SchemaProps{ Description: "Details about a terminated container", - Ref: ref("k8s.io/api/core/v1.ContainerStateTerminated"), + Ref: ref(v1.ContainerStateTerminated{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStateRunning", "k8s.io/api/core/v1.ContainerStateTerminated", "k8s.io/api/core/v1.ContainerStateWaiting"}, + v1.ContainerStateRunning{}.OpenAPIModelName(), v1.ContainerStateTerminated{}.OpenAPIModelName(), v1.ContainerStateWaiting{}.OpenAPIModelName()}, } } @@ -2595,14 +2733,14 @@ func schema_k8sio_api_core_v1_ContainerStateRunning(ref common.ReferenceCallback "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container was last (re-)started", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2645,13 +2783,13 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which previous execution of the container started", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "finishedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container last terminated", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "containerID": { @@ -2666,7 +2804,7 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2716,14 +2854,14 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "State holds details about the container's current condition.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "lastState": { SchemaProps: spec.SchemaProps{ Description: "LastTerminationState holds the last termination state of the container to help debug container crashes and restarts. This field is not populated if the container is still running and RestartCount is 0.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "ready": { @@ -2780,7 +2918,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -2789,7 +2927,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm "resources": { SchemaProps: spec.SchemaProps{ Description: "Resources represents the compute resource requests and limits that have been successfully enacted on the running container after it has been started or has been successfully resized.", - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "volumeMounts": { @@ -2810,7 +2948,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMountStatus"), + Ref: ref(v1.VolumeMountStatus{}.OpenAPIModelName()), }, }, }, @@ -2819,7 +2957,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm "user": { SchemaProps: spec.SchemaProps{ Description: "User represents user identity information initially attached to the first process of the container", - Ref: ref("k8s.io/api/core/v1.ContainerUser"), + Ref: ref(v1.ContainerUser{}.OpenAPIModelName()), }, }, "allocatedResourcesStatus": { @@ -2840,7 +2978,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceStatus"), + Ref: ref(v1.ResourceStatus{}.OpenAPIModelName()), }, }, }, @@ -2859,7 +2997,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ContainerUser", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.ResourceStatus", "k8s.io/api/core/v1.VolumeMountStatus", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ContainerState{}.OpenAPIModelName(), v1.ContainerUser{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.ResourceStatus{}.OpenAPIModelName(), v1.VolumeMountStatus{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -2873,14 +3011,14 @@ func schema_k8sio_api_core_v1_ContainerUser(ref common.ReferenceCallback) common "linux": { SchemaProps: spec.SchemaProps{ Description: "Linux holds user identity information initially attached to the first process of the containers in Linux. Note that the actual running identity can be changed if the process has enough privilege to do so.", - Ref: ref("k8s.io/api/core/v1.LinuxContainerUser"), + Ref: ref(v1.LinuxContainerUser{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LinuxContainerUser"}, + v1.LinuxContainerUser{}.OpenAPIModelName()}, } } @@ -2926,7 +3064,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2936,7 +3074,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2958,13 +3096,13 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "mode": { @@ -2979,7 +3117,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector"}, + v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName()}, } } @@ -3003,7 +3141,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -3020,7 +3158,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -3041,14 +3179,14 @@ func schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref common.ReferenceCallback) "sizeLimit": { SchemaProps: spec.SchemaProps{ Description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -3084,7 +3222,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm "targetRef": { SchemaProps: spec.SchemaProps{ Description: "Reference to object providing the endpoint.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -3097,7 +3235,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -3170,7 +3308,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, @@ -3189,7 +3327,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, @@ -3208,7 +3346,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointPort"), + Ref: ref(v1.EndpointPort{}.OpenAPIModelName()), }, }, }, @@ -3218,7 +3356,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointAddress", "k8s.io/api/core/v1.EndpointPort"}, + v1.EndpointAddress{}.OpenAPIModelName(), v1.EndpointPort{}.OpenAPIModelName()}, } } @@ -3247,7 +3385,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "subsets": { @@ -3263,7 +3401,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointSubset"), + Ref: ref(v1.EndpointSubset{}.OpenAPIModelName()), }, }, }, @@ -3273,7 +3411,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointSubset", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.EndpointSubset{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -3302,7 +3440,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -3313,7 +3451,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Endpoints"), + Ref: ref(v1.Endpoints{}.OpenAPIModelName()), }, }, }, @@ -3324,7 +3462,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Endpoints", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Endpoints{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3337,7 +3475,7 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common Properties: map[string]spec.Schema{ "prefix": { SchemaProps: spec.SchemaProps{ - Description: "Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER.", + Description: "Optional text to prepend to the name of each environment variable. May consist of any printable ASCII characters except '='.", Type: []string{"string"}, Format: "", }, @@ -3345,20 +3483,20 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common "configMapRef": { SchemaProps: spec.SchemaProps{ Description: "The ConfigMap to select from", - Ref: ref("k8s.io/api/core/v1.ConfigMapEnvSource"), + Ref: ref(v1.ConfigMapEnvSource{}.OpenAPIModelName()), }, }, "secretRef": { SchemaProps: spec.SchemaProps{ Description: "The Secret to select from", - Ref: ref("k8s.io/api/core/v1.SecretEnvSource"), + Ref: ref(v1.SecretEnvSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapEnvSource", "k8s.io/api/core/v1.SecretEnvSource"}, + v1.ConfigMapEnvSource{}.OpenAPIModelName(), v1.SecretEnvSource{}.OpenAPIModelName()}, } } @@ -3371,7 +3509,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the environment variable. Must be a C_IDENTIFIER.", + Description: "Name of the environment variable. May consist of any printable ASCII characters except '='.", Default: "", Type: []string{"string"}, Format: "", @@ -3387,7 +3525,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP "valueFrom": { SchemaProps: spec.SchemaProps{ Description: "Source for the environment variable's value. Cannot be used if value is not empty.", - Ref: ref("k8s.io/api/core/v1.EnvVarSource"), + Ref: ref(v1.EnvVarSource{}.OpenAPIModelName()), }, }, }, @@ -3395,7 +3533,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EnvVarSource"}, + v1.EnvVarSource{}.OpenAPIModelName()}, } } @@ -3409,32 +3547,38 @@ func schema_k8sio_api_core_v1_EnvVarSource(ref common.ReferenceCallback) common. "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "configMapKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a ConfigMap.", - Ref: ref("k8s.io/api/core/v1.ConfigMapKeySelector"), + Ref: ref(v1.ConfigMapKeySelector{}.OpenAPIModelName()), }, }, "secretKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a secret in the pod's namespace", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref(v1.SecretKeySelector{}.OpenAPIModelName()), + }, + }, + "fileKeyRef": { + SchemaProps: spec.SchemaProps{ + Description: "FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.", + Ref: ref(v1.FileKeySelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, + v1.ConfigMapKeySelector{}.OpenAPIModelName(), v1.FileKeySelector{}.OpenAPIModelName(), v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName(), v1.SecretKeySelector{}.OpenAPIModelName()}, } } @@ -3526,7 +3670,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -3539,13 +3683,13 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3569,7 +3713,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3579,7 +3723,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3595,7 +3739,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -3603,11 +3747,30 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -3626,7 +3789,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3650,7 +3813,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3659,25 +3822,25 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3706,7 +3869,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3742,7 +3905,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3834,7 +3997,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -3847,13 +4010,13 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3877,7 +4040,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3887,7 +4050,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3903,7 +4066,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -3911,11 +4074,30 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -3934,7 +4116,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3958,7 +4140,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3967,25 +4149,25 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -4014,7 +4196,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -4043,7 +4225,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -4057,14 +4239,14 @@ func schema_k8sio_api_core_v1_EphemeralVolumeSource(ref common.ReferenceCallback "volumeClaimTemplate": { SchemaProps: spec.SchemaProps{ Description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.\n\nRequired, must not be nil.", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimTemplate"), + Ref: ref(v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate"}, + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()}, } } @@ -4093,14 +4275,14 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "involvedObject": { SchemaProps: spec.SchemaProps{ Description: "The object that this event is about.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reason": { @@ -4121,19 +4303,19 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "The component reporting this event. Should be a short machine understandable string.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EventSource"), + Ref: ref(v1.EventSource{}.OpenAPIModelName()), }, }, "firstTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the most recent occurrence of this event was recorded.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "count": { @@ -4153,13 +4335,13 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "eventTime": { SchemaProps: spec.SchemaProps{ Description: "Time when this Event was first observed.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, "series": { SchemaProps: spec.SchemaProps{ Description: "Data about the Event series this event represents or nil if it's a singleton Event.", - Ref: ref("k8s.io/api/core/v1.EventSeries"), + Ref: ref(v1.EventSeries{}.OpenAPIModelName()), }, }, "action": { @@ -4172,7 +4354,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "related": { SchemaProps: spec.SchemaProps{ Description: "Optional secondary object for more complex actions.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reportingComponent": { @@ -4196,7 +4378,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EventSeries", "k8s.io/api/core/v1.EventSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.EventSeries{}.OpenAPIModelName(), v1.EventSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.MicroTime{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -4225,7 +4407,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -4236,7 +4418,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Event"), + Ref: ref(v1.Event{}.OpenAPIModelName()), }, }, }, @@ -4247,7 +4429,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Event", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Event{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -4268,14 +4450,14 @@ func schema_k8sio_api_core_v1_EventSeries(ref common.ReferenceCallback) common.O "lastObservedTime": { SchemaProps: spec.SchemaProps{ Description: "Time of the last occurrence observed", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"}, + metav1.MicroTime{}.OpenAPIModelName()}, } } @@ -4413,6 +4595,57 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_FileKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FileKeySelector selects a key of the env file.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "volumeName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the volume mount containing the env file.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers.\n\nIf optional is set to false and the specified key does not exist, an error will be returned during Pod creation.", + Default: false, + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"volumeName", "path", "key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4438,7 +4671,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4469,7 +4702,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4498,7 +4731,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4529,7 +4762,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -4722,7 +4955,7 @@ func schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "endpoints": { SchemaProps: spec.SchemaProps{ - Description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + Description: "endpoints is the endpoint name that details Glusterfs topology.", Default: "", Type: []string{"string"}, Format: "", @@ -4798,7 +5031,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HTTPHeader"), + Ref: ref(v1.HTTPHeader{}.OpenAPIModelName()), }, }, }, @@ -4809,7 +5042,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.HTTPHeader", "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, + v1.HTTPHeader{}.OpenAPIModelName(), "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, } } @@ -5027,7 +5260,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -5042,7 +5275,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -5136,7 +5369,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -5151,7 +5384,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -5230,13 +5463,13 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope "postStart": { SchemaProps: spec.SchemaProps{ Description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), }, }, "preStop": { SchemaProps: spec.SchemaProps{ Description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), }, }, "stopSignal": { @@ -5251,7 +5484,7 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LifecycleHandler"}, + v1.LifecycleHandler{}.OpenAPIModelName()}, } } @@ -5265,32 +5498,32 @@ func schema_k8sio_api_core_v1_LifecycleHandler(ref common.ReferenceCallback) com "exec": { SchemaProps: spec.SchemaProps{ Description: "Exec specifies a command to execute in the container.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ Description: "HTTPGet specifies an HTTP GET request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for backward compatibility. There is no validation of this field and lifecycle hooks will fail at runtime when it is specified.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "sleep": { SchemaProps: spec.SchemaProps{ Description: "Sleep represents a duration that the container should sleep.", - Ref: ref("k8s.io/api/core/v1.SleepAction"), + Ref: ref(v1.SleepAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.SleepAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.SleepAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -5319,21 +5552,21 @@ func schema_k8sio_api_core_v1_LimitRange(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeSpec"), + Ref: ref(v1.LimitRangeSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LimitRangeSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5360,7 +5593,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5374,7 +5607,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5388,7 +5621,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5402,7 +5635,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5416,7 +5649,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5427,7 +5660,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -5456,7 +5689,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5467,7 +5700,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRange"), + Ref: ref(v1.LimitRange{}.OpenAPIModelName()), }, }, }, @@ -5478,7 +5711,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRange", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.LimitRange{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5502,7 +5735,7 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeItem"), + Ref: ref(v1.LimitRangeItem{}.OpenAPIModelName()), }, }, }, @@ -5513,7 +5746,7 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeItem"}, + v1.LimitRangeItem{}.OpenAPIModelName()}, } } @@ -5592,7 +5825,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5602,7 +5835,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -5613,7 +5846,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -5658,7 +5891,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PortStatus"), + Ref: ref(v1.PortStatus{}.OpenAPIModelName()), }, }, }, @@ -5668,7 +5901,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PortStatus"}, + v1.PortStatus{}.OpenAPIModelName()}, } } @@ -5692,7 +5925,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerIngress"), + Ref: ref(v1.LoadBalancerIngress{}.OpenAPIModelName()), }, }, }, @@ -5702,7 +5935,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerIngress"}, + v1.LoadBalancerIngress{}.OpenAPIModelName()}, } } @@ -5853,28 +6086,28 @@ func schema_k8sio_api_core_v1_Namespace(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceSpec"), + Ref: ref(v1.NamespaceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceStatus"), + Ref: ref(v1.NamespaceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceSpec", "k8s.io/api/core/v1.NamespaceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NamespaceSpec{}.OpenAPIModelName(), v1.NamespaceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5904,7 +6137,7 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -5926,7 +6159,7 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5955,7 +6188,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5966,7 +6199,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Namespace"), + Ref: ref(v1.Namespace{}.OpenAPIModelName()), }, }, }, @@ -5977,7 +6210,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Namespace", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Namespace{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6047,7 +6280,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceCondition"), + Ref: ref(v1.NamespaceCondition{}.OpenAPIModelName()), }, }, }, @@ -6057,7 +6290,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceCondition"}, + v1.NamespaceCondition{}.OpenAPIModelName()}, } } @@ -6086,28 +6319,28 @@ func schema_k8sio_api_core_v1_Node(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSpec"), + Ref: ref(v1.NodeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeStatus"), + Ref: ref(v1.NodeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSpec", "k8s.io/api/core/v1.NodeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NodeSpec{}.OpenAPIModelName(), v1.NodeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6151,7 +6384,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. "requiredDuringSchedulingIgnoredDuringExecution": { SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, "preferredDuringSchedulingIgnoredDuringExecution": { @@ -6167,7 +6400,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferredSchedulingTerm"), + Ref: ref(v1.PreferredSchedulingTerm{}.OpenAPIModelName()), }, }, }, @@ -6177,7 +6410,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector", "k8s.io/api/core/v1.PreferredSchedulingTerm"}, + v1.NodeSelector{}.OpenAPIModelName(), v1.PreferredSchedulingTerm{}.OpenAPIModelName()}, } } @@ -6207,13 +6440,13 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we got an update on a given condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transit from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -6235,7 +6468,7 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -6249,14 +6482,14 @@ func schema_k8sio_api_core_v1_NodeConfigSource(ref common.ReferenceCallback) com "configMap": { SchemaProps: spec.SchemaProps{ Description: "ConfigMap is a reference to a Node's ConfigMap", - Ref: ref("k8s.io/api/core/v1.ConfigMapNodeConfigSource"), + Ref: ref(v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapNodeConfigSource"}, + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()}, } } @@ -6270,19 +6503,19 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com "assigned": { SchemaProps: spec.SchemaProps{ Description: "Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "active": { SchemaProps: spec.SchemaProps{ Description: "Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "lastKnownGood": { SchemaProps: spec.SchemaProps{ Description: "LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "error": { @@ -6296,7 +6529,7 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource"}, + v1.NodeConfigSource{}.OpenAPIModelName()}, } } @@ -6311,14 +6544,14 @@ func schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Endpoint on which Kubelet is listening.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DaemonEndpoint"), + Ref: ref(v1.DaemonEndpoint{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DaemonEndpoint"}, + v1.DaemonEndpoint{}.OpenAPIModelName()}, } } @@ -6367,7 +6600,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -6378,7 +6611,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Node"), + Ref: ref(v1.Node{}.OpenAPIModelName()), }, }, }, @@ -6389,7 +6622,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Node", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Node{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6445,14 +6678,14 @@ func schema_k8sio_api_core_v1_NodeRuntimeHandler(ref common.ReferenceCallback) c "features": { SchemaProps: spec.SchemaProps{ Description: "Supported features.", - Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"), + Ref: ref(v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"}, + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()}, } } @@ -6503,7 +6736,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -6519,7 +6752,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -6594,7 +6827,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6613,7 +6846,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6628,7 +6861,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorRequirement"}, + v1.NodeSelectorRequirement{}.OpenAPIModelName()}, } } @@ -6694,7 +6927,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Taint"), + Ref: ref(v1.Taint{}.OpenAPIModelName()), }, }, }, @@ -6703,7 +6936,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "configSource": { SchemaProps: spec.SchemaProps{ Description: "Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "externalID": { @@ -6717,7 +6950,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource", "k8s.io/api/core/v1.Taint"}, + v1.NodeConfigSource{}.OpenAPIModelName(), v1.Taint{}.OpenAPIModelName()}, } } @@ -6736,7 +6969,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6750,7 +6983,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6782,7 +7015,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeCondition"), + Ref: ref(v1.NodeCondition{}.OpenAPIModelName()), }, }, }, @@ -6806,7 +7039,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeAddress"), + Ref: ref(v1.NodeAddress{}.OpenAPIModelName()), }, }, }, @@ -6816,14 +7049,14 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Endpoints of daemons running on the Node.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeDaemonEndpoints"), + Ref: ref(v1.NodeDaemonEndpoints{}.OpenAPIModelName()), }, }, "nodeInfo": { SchemaProps: spec.SchemaProps{ Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/reference/node/node-status/#info", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSystemInfo"), + Ref: ref(v1.NodeSystemInfo{}.OpenAPIModelName()), }, }, "images": { @@ -6839,7 +7072,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerImage"), + Ref: ref(v1.ContainerImage{}.OpenAPIModelName()), }, }, }, @@ -6878,7 +7111,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.AttachedVolume"), + Ref: ref(v1.AttachedVolume{}.OpenAPIModelName()), }, }, }, @@ -6887,7 +7120,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "config": { SchemaProps: spec.SchemaProps{ Description: "Status of the config assigned to the node via the dynamic Kubelet config feature.", - Ref: ref("k8s.io/api/core/v1.NodeConfigStatus"), + Ref: ref(v1.NodeConfigStatus{}.OpenAPIModelName()), }, }, "runtimeHandlers": { @@ -6903,7 +7136,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandler"), + Ref: ref(v1.NodeRuntimeHandler{}.OpenAPIModelName()), }, }, }, @@ -6912,14 +7145,34 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "features": { SchemaProps: spec.SchemaProps{ Description: "Features describes the set of features implemented by the CRI implementation.", - Ref: ref("k8s.io/api/core/v1.NodeFeatures"), + Ref: ref(v1.NodeFeatures{}.OpenAPIModelName()), + }, + }, + "declaredFeatures": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "DeclaredFeatures represents the features related to feature gates that are declared by the node.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeFeatures", "k8s.io/api/core/v1.NodeRuntimeHandler", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AttachedVolume{}.OpenAPIModelName(), v1.ContainerImage{}.OpenAPIModelName(), v1.NodeAddress{}.OpenAPIModelName(), v1.NodeCondition{}.OpenAPIModelName(), v1.NodeConfigStatus{}.OpenAPIModelName(), v1.NodeDaemonEndpoints{}.OpenAPIModelName(), v1.NodeFeatures{}.OpenAPIModelName(), v1.NodeRuntimeHandler{}.OpenAPIModelName(), v1.NodeSystemInfo{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7033,7 +7286,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo "swap": { SchemaProps: spec.SchemaProps{ Description: "Swap Info reported by the node.", - Ref: ref("k8s.io/api/core/v1.NodeSwapStatus"), + Ref: ref(v1.NodeSwapStatus{}.OpenAPIModelName()), }, }, }, @@ -7041,7 +7294,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSwapStatus"}, + v1.NodeSwapStatus{}.OpenAPIModelName()}, } } @@ -7171,28 +7424,28 @@ func schema_k8sio_api_core_v1_PersistentVolume(ref common.ReferenceCallback) com SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeSpec"), + Ref: ref(v1.PersistentVolumeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeStatus"), + Ref: ref(v1.PersistentVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeSpec", "k8s.io/api/core/v1.PersistentVolumeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeSpec{}.OpenAPIModelName(), v1.PersistentVolumeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7221,28 +7474,28 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaim(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimStatus"), + Ref: ref(v1.PersistentVolumeClaimStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/api/core/v1.PersistentVolumeClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7272,13 +7525,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "lastProbeTime is the time we probed the condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -7300,7 +7553,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7329,7 +7582,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7340,7 +7593,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + Ref: ref(v1.PersistentVolumeClaim{}.OpenAPIModelName()), }, }, }, @@ -7351,7 +7604,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolumeClaim{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7386,14 +7639,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "selector": { SchemaProps: spec.SchemaProps{ Description: "selector is a label query over volumes to consider for binding.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + Description: "resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeResourceRequirements"), + Ref: ref(v1.VolumeResourceRequirements{}.OpenAPIModelName()), }, }, "volumeName": { @@ -7421,18 +7674,18 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "dataSource": { SchemaProps: spec.SchemaProps{ Description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), }, }, "dataSourceRef": { SchemaProps: spec.SchemaProps{ Description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", - Ref: ref("k8s.io/api/core/v1.TypedObjectReference"), + Ref: ref(v1.TypedObjectReference{}.OpenAPIModelName()), }, }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).", + Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/", Type: []string{"string"}, Format: "", }, @@ -7441,7 +7694,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference", "k8s.io/api/core/v1.TypedObjectReference", "k8s.io/api/core/v1.VolumeResourceRequirements", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + v1.TypedLocalObjectReference{}.OpenAPIModelName(), v1.TypedObjectReference{}.OpenAPIModelName(), v1.VolumeResourceRequirements{}.OpenAPIModelName(), metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -7489,7 +7742,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7513,7 +7766,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimCondition"), + Ref: ref(v1.PersistentVolumeClaimCondition{}.OpenAPIModelName()), }, }, }, @@ -7521,13 +7774,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "allocatedResources": { SchemaProps: spec.SchemaProps{ - Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7540,7 +7793,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, }, SchemaProps: spec.SchemaProps{ - Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -7557,22 +7810,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "currentVolumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", + Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim", Type: []string{"string"}, Format: "", }, }, "modifyVolumeStatus": { SchemaProps: spec.SchemaProps{ - Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", - Ref: ref("k8s.io/api/core/v1.ModifyVolumeStatus"), + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted.", + Ref: ref(v1.ModifyVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ModifyVolumeStatus", "k8s.io/api/core/v1.PersistentVolumeClaimCondition", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ModifyVolumeStatus{}.OpenAPIModelName(), v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7587,14 +7840,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference SchemaProps: spec.SchemaProps{ Description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, }, @@ -7602,7 +7855,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7660,7 +7913,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7671,7 +7924,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolume"), + Ref: ref(v1.PersistentVolume{}.OpenAPIModelName()), }, }, }, @@ -7682,7 +7935,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolume", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolume{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7696,140 +7949,140 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ Description: "csi represents storage that is handled by an external CSI driver.", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -7848,7 +8101,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7857,133 +8110,133 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ Description: "csi represents storage that is handled by an external CSI driver.", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "accessModes": { @@ -8015,7 +8268,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, SchemaProps: spec.SchemaProps{ Description: "claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "persistentVolumeReclaimPolicy": { @@ -8063,13 +8316,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "nodeAffinity": { SchemaProps: spec.SchemaProps{ - Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.", - Ref: ref("k8s.io/api/core/v1.VolumeNodeAffinity"), + Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume. This field is mutable if MutablePVNodeAffinity feature gate is enabled.", + Ref: ref(v1.VolumeNodeAffinity{}.OpenAPIModelName()), }, }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process. This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", + Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process.", Type: []string{"string"}, Format: "", }, @@ -8078,7 +8331,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VolumeNodeAffinity", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VolumeNodeAffinity{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -8114,14 +8367,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac "lastPhaseTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8179,28 +8432,28 @@ func schema_k8sio_api_core_v1_Pod(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -8224,7 +8477,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8243,7 +8496,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8253,7 +8506,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -8267,7 +8520,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "namespaces": { @@ -8301,7 +8554,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "namespaceSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "matchLabelKeys": { @@ -8349,7 +8602,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -8373,7 +8626,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8386,13 +8639,13 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and subtracting \"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8402,7 +8655,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -8468,6 +8721,78 @@ func schema_k8sio_api_core_v1_PodAttachOptions(ref common.ReferenceCallback) com } } +func schema_k8sio_api_core_v1_PodCertificateProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Kubelet's generated CSRs will be addressed to this signer.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyType": { + SchemaProps: spec.SchemaProps{ + Description: "The type of keypair Kubelet will generate for the pod.\n\nValid values are \"RSA3072\", \"RSA4096\", \"ECDSAP256\", \"ECDSAP384\", \"ECDSAP521\", and \"ED25519\".", + Type: []string{"string"}, + Format: "", + }, + }, + "maxExpirationSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "maxExpirationSeconds is the maximum lifetime permitted for the certificate.\n\nKubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.\n\nIf omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).\n\nThe signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "credentialBundlePath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the credential bundle at this path in the projected volume.\n\nThe credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.\n\nThe remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).\n\nUsing credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the key at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "certificateChainPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the certificate chain at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "userAnnotations": { + SchemaProps: spec.SchemaProps{ + Description: "userAnnotations allow pod authors to pass additional information to the signer implementation. Kubernetes does not restrict or validate this metadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of the PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations, with the addition that all keys must be domain-prefixed. No restrictions are placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should deny requests that contain keys they do not recognize.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"signerName", "keyType"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8485,7 +8810,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, "observedGeneration": { SchemaProps: spec.SchemaProps{ - Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.", + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", Type: []string{"integer"}, Format: "int64", }, @@ -8501,13 +8826,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we probed the condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -8529,7 +8854,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8593,7 +8918,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodDNSConfigOption"), + Ref: ref(v1.PodDNSConfigOption{}.OpenAPIModelName()), }, }, }, @@ -8603,7 +8928,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodDNSConfigOption"}, + v1.PodDNSConfigOption{}.OpenAPIModelName()}, } } @@ -8717,6 +9042,49 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodExtendedResourceClaimStatus is stored in the PodStatus for the extended resource requests backed by DRA. It stores the generated name for the corresponding special ResourceClaim created by the scheduler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "requestMappings": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "RequestMappings identifies the mapping of to device request in the generated ResourceClaim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"requestMappings", "resourceClaimName"}, + }, + }, + Dependencies: []string{ + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8764,7 +9132,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -8775,7 +9143,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Pod"), + Ref: ref(v1.Pod{}.OpenAPIModelName()), }, }, }, @@ -8786,7 +9154,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Pod", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Pod{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -8842,7 +9210,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common "sinceTime": { SchemaProps: spec.SchemaProps{ Description: "An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "timestamps": { @@ -8884,7 +9252,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -9110,13 +9478,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -9188,7 +9556,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Sysctl"), + Ref: ref(v1.Sysctl{}.OpenAPIModelName()), }, }, }, @@ -9205,13 +9573,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), }, }, "appArmorProfile": { SchemaProps: spec.SchemaProps{ Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), }, }, "seLinuxChangePolicy": { @@ -9225,7 +9593,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.Sysctl{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -9239,14 +9607,14 @@ func schema_k8sio_api_core_v1_PodSignature(ref common.ReferenceCallback) common. "podController": { SchemaProps: spec.SchemaProps{ Description: "Reference to controller whose pods should avoid this node.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"}, + metav1.OwnerReference{}.OpenAPIModelName()}, } } @@ -9275,7 +9643,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Volume"), + Ref: ref(v1.Volume{}.OpenAPIModelName()), }, }, }, @@ -9299,7 +9667,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -9323,7 +9691,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -9347,7 +9715,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EphemeralContainer"), + Ref: ref(v1.EphemeralContainer{}.OpenAPIModelName()), }, }, }, @@ -9434,7 +9802,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "hostNetwork": { SchemaProps: spec.SchemaProps{ - Description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + Description: "Host networking requested for this pod. Use the host's network namespace. When using HostNetwork you should specify ports so the scheduler is aware. When `hostNetwork` is true, specified `hostPort` fields in port definitions must match `containerPort`, and unspecified `hostPort` fields in port definitions are defaulted to match `containerPort`. Default to false.", Type: []string{"boolean"}, Format: "", }, @@ -9463,7 +9831,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", - Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + Ref: ref(v1.PodSecurityContext{}.OpenAPIModelName()), }, }, "imagePullSecrets": { @@ -9484,7 +9852,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -9507,7 +9875,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "affinity": { SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's scheduling constraints", - Ref: ref("k8s.io/api/core/v1.Affinity"), + Ref: ref(v1.Affinity{}.OpenAPIModelName()), }, }, "schedulerName": { @@ -9530,7 +9898,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Toleration"), + Ref: ref(v1.Toleration{}.OpenAPIModelName()), }, }, }, @@ -9554,7 +9922,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostAlias"), + Ref: ref(v1.HostAlias{}.OpenAPIModelName()), }, }, }, @@ -9577,7 +9945,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "dnsConfig": { SchemaProps: spec.SchemaProps{ Description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", - Ref: ref("k8s.io/api/core/v1.PodDNSConfig"), + Ref: ref(v1.PodDNSConfig{}.OpenAPIModelName()), }, }, "readinessGates": { @@ -9593,7 +9961,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodReadinessGate"), + Ref: ref(v1.PodReadinessGate{}.OpenAPIModelName()), }, }, }, @@ -9629,7 +9997,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -9654,7 +10022,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + Ref: ref(v1.TopologySpreadConstraint{}.OpenAPIModelName()), }, }, }, @@ -9669,8 +10037,8 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "os": { SchemaProps: spec.SchemaProps{ - Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", - Ref: ref("k8s.io/api/core/v1.PodOS"), + Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.resources - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + Ref: ref(v1.PodOS{}.OpenAPIModelName()), }, }, "hostUsers": { @@ -9698,7 +10066,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSchedulingGate"), + Ref: ref(v1.PodSchedulingGate{}.OpenAPIModelName()), }, }, }, @@ -9716,13 +10084,13 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.", + Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is a stable field but requires that the DynamicResourceAllocation feature gate is enabled.\n\nThis field is immutable.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaim"), + Ref: ref(v1.PodResourceClaim{}.OpenAPIModelName()), }, }, }, @@ -9730,8 +10098,21 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\" and \"memory\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\", \"memory\" and \"hugepages-\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "hostnameOverride": { + SchemaProps: spec.SchemaProps{ + Description: "HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. This field only specifies the pod's hostname and does not affect its DNS records. When this field is set to a non-empty string: - It takes precedence over the values set in `hostname` and `subdomain`. - The Pod's hostname will be set to this value. - `setHostnameAsFQDN` must be nil or set to false. - `hostNetwork` must be set to false.\n\nThis field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. Requires the HostnameOverride feature gate to be enabled.", + Type: []string{"string"}, + Format: "", + }, + }, + "workloadRef": { + SchemaProps: spec.SchemaProps{ + Description: "WorkloadRef provides a reference to the Workload object that this Pod belongs to. This field is used by the scheduler to identify the PodGroup and apply the correct group scheduling policies. The Workload object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a Workload object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", + Ref: ref(v1.WorkloadReference{}.OpenAPIModelName()), }, }, }, @@ -9739,7 +10120,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), v1.WorkloadReference{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -9752,7 +10133,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Properties: map[string]spec.Schema{ "observedGeneration": { SchemaProps: spec.SchemaProps{ - Description: "If set, this represents the .metadata.generation that the pod status was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.", + Description: "If set, this represents the .metadata.generation that the pod status was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", Type: []string{"integer"}, Format: "int64", }, @@ -9783,7 +10164,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodCondition"), + Ref: ref(v1.PodCondition{}.OpenAPIModelName()), }, }, }, @@ -9832,7 +10213,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostIP"), + Ref: ref(v1.HostIP{}.OpenAPIModelName()), }, }, }, @@ -9863,7 +10244,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodIP"), + Ref: ref(v1.PodIP{}.OpenAPIModelName()), }, }, }, @@ -9872,7 +10253,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "startTime": { SchemaProps: spec.SchemaProps{ Description: "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "initContainerStatuses": { @@ -9888,7 +10269,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9907,7 +10288,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9934,7 +10315,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9965,17 +10346,43 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaimStatus"), + Ref: ref(v1.PodResourceClaimStatus{}.OpenAPIModelName()), }, }, }, }, }, + "extendedResourceClaimStatus": { + SchemaProps: spec.SchemaProps{ + Description: "Status of extended resource claim backed by DRA.", + Ref: ref(v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + "allocatedResources": { + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResources is the total requests allocated for this pod by the node. If pod-level requests are not set, this will be the total requests aggregated across containers in the pod.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources represents the compute resource requests and limits that have been applied at the pod level if pod-level requests or limits are set in PodSpec.Resources", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.HostIP", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodIP", "k8s.io/api/core/v1.PodResourceClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -10004,21 +10411,21 @@ func schema_k8sio_api_core_v1_PodStatusResult(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10047,21 +10454,21 @@ func schema_k8sio_api_core_v1_PodTemplate(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "template": { SchemaProps: spec.SchemaProps{ Description: "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodTemplateSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10090,7 +10497,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10101,7 +10508,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplate"), + Ref: ref(v1.PodTemplate{}.OpenAPIModelName()), }, }, }, @@ -10112,7 +10519,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplate", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PodTemplate{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10127,21 +10534,21 @@ func schema_k8sio_api_core_v1_PodTemplateSpec(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10230,13 +10637,13 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The class of pods.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSignature"), + Ref: ref(v1.PodSignature{}.OpenAPIModelName()), }, }, "evictionTime": { SchemaProps: spec.SchemaProps{ Description: "Time at which this entry was added to the list.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -10258,7 +10665,7 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSignature", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.PodSignature{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -10281,7 +10688,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "A node selector term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -10289,7 +10696,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -10303,25 +10710,25 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI "exec": { SchemaProps: spec.SchemaProps{ Description: "Exec specifies a command to execute in the container.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ Description: "HTTPGet specifies an HTTP GET request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ Description: "TCPSocket specifies a connection to a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ Description: "GRPC specifies a GRPC HealthCheckRequest.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, "initialDelaySeconds": { @@ -10370,7 +10777,7 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -10384,32 +10791,32 @@ func schema_k8sio_api_core_v1_ProbeHandler(ref common.ReferenceCallback) common. "exec": { SchemaProps: spec.SchemaProps{ Description: "Exec specifies a command to execute in the container.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ Description: "HTTPGet specifies an HTTP GET request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ Description: "TCPSocket specifies a connection to a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ Description: "GRPC specifies a GRPC HealthCheckRequest.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -10433,7 +10840,7 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeProjection"), + Ref: ref(v1.VolumeProjection{}.OpenAPIModelName()), }, }, }, @@ -10450,7 +10857,7 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.VolumeProjection"}, + v1.VolumeProjection{}.OpenAPIModelName()}, } } @@ -10581,7 +10988,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -10596,7 +11003,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -10669,7 +11076,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -10684,7 +11091,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -10713,7 +11120,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "range": { @@ -10736,7 +11143,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10765,28 +11172,28 @@ func schema_k8sio_api_core_v1_ReplicationController(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerSpec"), + Ref: ref(v1.ReplicationControllerSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerStatus"), + Ref: ref(v1.ReplicationControllerStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerSpec", "k8s.io/api/core/v1.ReplicationControllerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ReplicationControllerSpec{}.OpenAPIModelName(), v1.ReplicationControllerStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10816,7 +11223,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "The last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -10838,7 +11245,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -10867,7 +11274,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10878,7 +11285,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationController"), + Ref: ref(v1.ReplicationController{}.OpenAPIModelName()), }, }, }, @@ -10889,7 +11296,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationController", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ReplicationController{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10940,14 +11347,14 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "template": { SchemaProps: spec.SchemaProps{ Description: "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is \"Always\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec"}, + v1.PodTemplateSpec{}.OpenAPIModelName()}, } } @@ -11012,7 +11419,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerCondition"), + Ref: ref(v1.ReplicationControllerCondition{}.OpenAPIModelName()), }, }, }, @@ -11023,7 +11430,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerCondition"}, + v1.ReplicationControllerCondition{}.OpenAPIModelName()}, } } @@ -11081,7 +11488,7 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback "divisor": { SchemaProps: spec.SchemaProps{ Description: "Specifies the output format of the exposed resources, defaults to \"1\"", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11094,7 +11501,7 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -11152,28 +11559,28 @@ func schema_k8sio_api_core_v1_ResourceQuota(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaSpec"), + Ref: ref(v1.ResourceQuotaSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaStatus"), + Ref: ref(v1.ResourceQuotaStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuotaSpec", "k8s.io/api/core/v1.ResourceQuotaStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ResourceQuotaSpec{}.OpenAPIModelName(), v1.ResourceQuotaStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11202,7 +11609,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11213,7 +11620,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuota"), + Ref: ref(v1.ResourceQuota{}.OpenAPIModelName()), }, }, }, @@ -11224,7 +11631,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuota", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ResourceQuota{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11243,7 +11650,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11273,14 +11680,14 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co "scopeSelector": { SchemaProps: spec.SchemaProps{ Description: "scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.", - Ref: ref("k8s.io/api/core/v1.ScopeSelector"), + Ref: ref(v1.ScopeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopeSelector", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ScopeSelector{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -11299,7 +11706,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11313,7 +11720,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11323,7 +11730,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -11342,7 +11749,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11356,7 +11763,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11372,13 +11779,13 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis field depends on the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceClaim"), + Ref: ref(v1.ResourceClaim{}.OpenAPIModelName()), }, }, }, @@ -11388,7 +11795,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceClaim", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ResourceClaim{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -11423,7 +11830,7 @@ func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceHealth"), + Ref: ref(v1.ResourceHealth{}.OpenAPIModelName()), }, }, }, @@ -11434,7 +11841,7 @@ func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceHealth"}, + v1.ResourceHealth{}.OpenAPIModelName()}, } } @@ -11505,7 +11912,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -11564,7 +11971,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -11594,7 +12001,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -11653,7 +12060,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -11677,7 +12084,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ScopedResourceSelectorRequirement"), + Ref: ref(v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -11692,7 +12099,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement"}, + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()}, } } @@ -11815,7 +12222,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -11867,7 +12274,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11966,7 +12373,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11977,7 +12384,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Secret"), + Ref: ref(v1.Secret{}.OpenAPIModelName()), }, }, }, @@ -11988,7 +12395,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Secret", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Secret{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -12020,7 +12427,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -12037,7 +12444,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -12100,7 +12507,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -12124,7 +12531,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -12138,7 +12545,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "capabilities": { SchemaProps: spec.SchemaProps{ Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.Capabilities"), + Ref: ref(v1.Capabilities{}.OpenAPIModelName()), }, }, "privileged": { @@ -12151,13 +12558,13 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -12206,20 +12613,20 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), }, }, "appArmorProfile": { SchemaProps: spec.SchemaProps{ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.Capabilities{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -12248,14 +12655,14 @@ func schema_k8sio_api_core_v1_SerializedReference(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The reference to an object in the system.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -12284,28 +12691,28 @@ func schema_k8sio_api_core_v1_Service(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceSpec"), + Ref: ref(v1.ServiceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceStatus"), + Ref: ref(v1.ServiceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceSpec", "k8s.io/api/core/v1.ServiceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ServiceSpec{}.OpenAPIModelName(), v1.ServiceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -12334,7 +12741,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "secrets": { @@ -12355,7 +12762,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -12374,7 +12781,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -12391,7 +12798,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LocalObjectReference{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -12420,7 +12827,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -12431,7 +12838,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceAccount"), + Ref: ref(v1.ServiceAccount{}.OpenAPIModelName()), }, }, }, @@ -12442,7 +12849,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceAccount", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ServiceAccount{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -12507,7 +12914,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -12518,7 +12925,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Service"), + Ref: ref(v1.Service{}.OpenAPIModelName()), }, }, }, @@ -12529,7 +12936,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Service", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Service{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -12653,7 +13060,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServicePort"), + Ref: ref(v1.ServicePort{}.OpenAPIModelName()), }, }, }, @@ -12802,7 +13209,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O "sessionAffinityConfig": { SchemaProps: spec.SchemaProps{ Description: "sessionAffinityConfig contains the configurations of session affinity.", - Ref: ref("k8s.io/api/core/v1.SessionAffinityConfig"), + Ref: ref(v1.SessionAffinityConfig{}.OpenAPIModelName()), }, }, "ipFamilies": { @@ -12867,7 +13274,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServicePort", "k8s.io/api/core/v1.SessionAffinityConfig"}, + v1.ServicePort{}.OpenAPIModelName(), v1.SessionAffinityConfig{}.OpenAPIModelName()}, } } @@ -12882,7 +13289,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "LoadBalancer contains the current status of the load-balancer, if one is present.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerStatus"), + Ref: ref(v1.LoadBalancerStatus{}.OpenAPIModelName()), }, }, "conditions": { @@ -12903,7 +13310,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Condition"), + Ref: ref(metav1.Condition{}.OpenAPIModelName()), }, }, }, @@ -12913,7 +13320,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Condition"}, + v1.LoadBalancerStatus{}.OpenAPIModelName(), metav1.Condition{}.OpenAPIModelName()}, } } @@ -12927,14 +13334,14 @@ func schema_k8sio_api_core_v1_SessionAffinityConfig(ref common.ReferenceCallback "clientIP": { SchemaProps: spec.SchemaProps{ Description: "clientIP contains the configurations of Client IP based session affinity.", - Ref: ref("k8s.io/api/core/v1.ClientIPConfig"), + Ref: ref(v1.ClientIPConfig{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClientIPConfig"}, + v1.ClientIPConfig{}.OpenAPIModelName()}, } } @@ -12998,14 +13405,14 @@ func schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref common.Referen "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -13047,14 +13454,14 @@ func schema_k8sio_api_core_v1_StorageOSVolumeSource(ref common.ReferenceCallback "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -13150,8 +13557,8 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, "timeAdded": { SchemaProps: spec.SchemaProps{ - Description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "TimeAdded represents the time at which the taint was added.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, @@ -13159,7 +13566,7 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -13179,10 +13586,10 @@ func schema_k8sio_api_core_v1_Toleration(ref common.ReferenceCallback) common.Op }, "operator": { SchemaProps: spec.SchemaProps{ - Description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`", + Description: "Operator represents a key's relationship to the value. Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`\n - `\"Gt\"`\n - `\"Lt\"`", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Equal", "Exists"}, + Enum: []interface{}{"Equal", "Exists", "Gt", "Lt"}, }, }, "value": { @@ -13275,7 +13682,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySelectorLabelRequirement"), + Ref: ref(v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()), }, }, }, @@ -13290,7 +13697,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TopologySelectorLabelRequirement"}, + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()}, } } @@ -13329,7 +13736,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "minDomains": { @@ -13380,7 +13787,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -13488,181 +13895,181 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), }, }, "image": { SchemaProps: spec.SchemaProps{ Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", - Ref: ref("k8s.io/api/core/v1.ImageVolumeSource"), + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, @@ -13670,7 +14077,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.ImageVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -13824,14 +14231,14 @@ func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) c "required": { SchemaProps: spec.SchemaProps{ Description: "required specifies hard node constraints that must be met.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector"}, + v1.NodeSelector{}.OpenAPIModelName()}, } } @@ -13845,38 +14252,44 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com "secret": { SchemaProps: spec.SchemaProps{ Description: "secret information about the secret data to project", - Ref: ref("k8s.io/api/core/v1.SecretProjection"), + Ref: ref(v1.SecretProjection{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI information about the downwardAPI data to project", - Ref: ref("k8s.io/api/core/v1.DownwardAPIProjection"), + Ref: ref(v1.DownwardAPIProjection{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap information about the configMap data to project", - Ref: ref("k8s.io/api/core/v1.ConfigMapProjection"), + Ref: ref(v1.ConfigMapProjection{}.OpenAPIModelName()), }, }, "serviceAccountToken": { SchemaProps: spec.SchemaProps{ Description: "serviceAccountToken is information about the serviceAccountToken data to project", - Ref: ref("k8s.io/api/core/v1.ServiceAccountTokenProjection"), + Ref: ref(v1.ServiceAccountTokenProjection{}.OpenAPIModelName()), }, }, "clusterTrustBundle": { SchemaProps: spec.SchemaProps{ Description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.", - Ref: ref("k8s.io/api/core/v1.ClusterTrustBundleProjection"), + Ref: ref(v1.ClusterTrustBundleProjection{}.OpenAPIModelName()), + }, + }, + "podCertificate": { + SchemaProps: spec.SchemaProps{ + Description: "Projects an auto-rotating credential bundle (private key and certificate chain) that the pod can use either as a TLS client or server.\n\nKubelet generates a private key and uses it to send a PodCertificateRequest to the named signer. Once the signer approves the request and issues a certificate chain, Kubelet writes the key and certificate chain to the pod filesystem. The pod does not start until certificates have been issued for each podCertificate projected volume source in its spec.\n\nKubelet will begin trying to rotate the certificate at the time indicated by the signer using the PodCertificateRequest.Status.BeginRefreshAt timestamp.\n\nKubelet can write a single file, indicated by the credentialBundlePath field, or separate files, indicated by the keyPath and certificateChainPath fields.\n\nThe credential bundle is a single file in PEM format. The first PEM entry is the private key (in PKCS#8 format), and the remaining PEM entries are the certificate chain issued by the signer (typically, signers will return their certificate chain in leaf-to-root order).\n\nPrefer using the credential bundle format, since your application code can read it atomically. If you use keyPath and certificateChainPath, your application must make two separate file reads. If these coincide with a certificate rotation, it is possible that the private key and leaf certificate you read may not correspond to each other. Your application will need to check for this condition, and re-read until they are consistent.\n\nThe named signer controls chooses the format of the certificate it issues; consult the signer implementation's documentation to learn how to use the certificates it issues.", + Ref: ref(v1.PodCertificateProjection{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClusterTrustBundleProjection", "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(), v1.ConfigMapProjection{}.OpenAPIModelName(), v1.DownwardAPIProjection{}.OpenAPIModelName(), v1.PodCertificateProjection{}.OpenAPIModelName(), v1.SecretProjection{}.OpenAPIModelName(), v1.ServiceAccountTokenProjection{}.OpenAPIModelName()}, } } @@ -13895,7 +14308,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -13909,7 +14322,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -13919,7 +14332,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -13933,188 +14346,188 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), }, }, "image": { SchemaProps: spec.SchemaProps{ Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", - Ref: ref("k8s.io/api/core/v1.ImageVolumeSource"), + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.ImageVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -14180,7 +14593,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "Required. A pod affinity term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -14188,7 +14601,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName()}, } } @@ -14233,6 +14646,91 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference } } +func schema_k8sio_api_core_v1_WorkloadReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "WorkloadReference identifies the Workload object and PodGroup membership that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name defines the name of the Workload object this Pod belongs to. Workload must be in the same namespace as the Pod. If it doesn't match any existing Workload, the Pod will remain unschedulable until a Workload object is created and observed by the kube-scheduler. It must be a DNS subdomain.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "podGroup": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroup is the name of the PodGroup within the Workload that this Pod belongs to. If it doesn't match any existing PodGroup within the Workload, the Pod will remain unschedulable until the Workload object is recreated and observed by the kube-scheduler. It must be a DNS label.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "podGroupReplicaKey": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroupReplicaKey specifies the replica key of the PodGroup to which this Pod belongs. It is used to distinguish pods belonging to different replicas of the same pod group. The pod group policy is applied separately to each replica. When set, it must be a DNS label.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "podGroup"}, + }, + }, + } +} + +func schema_apimachinery_pkg_api_resource_Quantity(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.EmbedOpenAPIDefinitionIntoV2Extension(common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + OneOf: common.GenerateOpenAPIV3OneOfSchema(resource.Quantity{}.OpenAPIV3OneOfTypes()), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }, common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + Type: resource.Quantity{}.OpenAPISchemaType(), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }) +} + +func schema_apimachinery_pkg_api_resource_int64Amount(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "int64Amount represents a fixed precision numerator and arbitrary scale exponent. It is faster than operations on inf.Dec for values that can be represented as int64.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "value": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "scale": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + Required: []string{"value", "scale"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -14275,7 +14773,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, }, @@ -14285,7 +14783,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, "serverAddressByClientCIDRs": { @@ -14301,7 +14799,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -14312,7 +14810,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(), metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -14350,7 +14848,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), + Ref: ref(metav1.APIGroup{}.OpenAPIModelName()), }, }, }, @@ -14361,7 +14859,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, + metav1.APIGroup{}.OpenAPIModelName()}, } } @@ -14529,7 +15027,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), + Ref: ref(metav1.APIResource{}.OpenAPIModelName()), }, }, }, @@ -14540,7 +15038,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, + metav1.APIResource{}.OpenAPIModelName()}, } } @@ -14598,7 +15096,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -14609,7 +15107,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -14710,7 +15208,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -14734,7 +15232,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -14830,7 +15328,7 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. "preconditions": { SchemaProps: spec.SchemaProps{ Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), + Ref: ref(metav1.Preconditions{}.OpenAPIModelName()), }, }, "orphanDependents": { @@ -14878,7 +15376,7 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, + metav1.Preconditions{}.OpenAPIModelName()}, } } @@ -15190,15 +15688,12 @@ func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common. "Object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), }, }, }, Required: []string{"Type", "Object"}, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, } } @@ -15238,7 +15733,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + Ref: ref(metav1.LabelSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -15253,7 +15748,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + metav1.LabelSelectorRequirement{}.OpenAPIModelName()}, } } @@ -15332,7 +15827,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -15342,7 +15837,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -15353,7 +15848,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -15526,7 +16021,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "time": { SchemaProps: spec.SchemaProps{ Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "fieldsType": { @@ -15539,7 +16034,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "fieldsV1": { SchemaProps: spec.SchemaProps{ Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), + Ref: ref(metav1.FieldsV1{}.OpenAPIModelName()), }, }, "subresource": { @@ -15553,7 +16048,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.FieldsV1{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -15628,13 +16123,13 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "creationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionTimestamp": { SchemaProps: spec.SchemaProps{ Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionGracePeriodSeconds": { @@ -15694,7 +16189,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, @@ -15734,7 +16229,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), + Ref: ref(metav1.ManagedFieldsEntry{}.OpenAPIModelName()), }, }, }, @@ -15744,7 +16239,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.ManagedFieldsEntry{}.OpenAPIModelName(), metav1.OwnerReference{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -15838,14 +16333,14 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -15874,7 +16369,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -15885,7 +16380,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), + Ref: ref(metav1.PartialObjectMetadata{}.OpenAPIModelName()), }, }, }, @@ -15896,7 +16391,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.PartialObjectMetadata{}.OpenAPIModelName()}, } } @@ -16095,7 +16590,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "status": { @@ -16120,14 +16615,9 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, "details": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, SchemaProps: spec.SchemaProps{ Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), + Ref: ref(metav1.StatusDetails{}.OpenAPIModelName()), }, }, "code": { @@ -16141,7 +16631,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.StatusDetails{}.OpenAPIModelName()}, } } @@ -16227,7 +16717,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), + Ref: ref(metav1.StatusCause{}.OpenAPIModelName()), }, }, }, @@ -16244,7 +16734,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, + metav1.StatusCause{}.OpenAPIModelName()}, } } @@ -16273,7 +16763,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "columnDefinitions": { @@ -16289,7 +16779,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), + Ref: ref(metav1.TableColumnDefinition{}.OpenAPIModelName()), }, }, }, @@ -16308,7 +16798,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), + Ref: ref(metav1.TableRow{}.OpenAPIModelName()), }, }, }, @@ -16319,7 +16809,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.TableColumnDefinition{}.OpenAPIModelName(), metav1.TableRow{}.OpenAPIModelName()}, } } @@ -16450,7 +16940,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), + Ref: ref(metav1.TableRowCondition{}.OpenAPIModelName()), }, }, }, @@ -16459,7 +16949,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA "object": { SchemaProps: spec.SchemaProps{ Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -16467,7 +16957,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.TableRowCondition{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -16662,7 +17152,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope "object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -16670,7 +17160,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + runtime.RawExtension{}.OpenAPIModelName()}, } } diff --git a/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go index 1aceb1df1..a92ac66e8 100644 --- a/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -26,7 +26,7 @@ import ( // without applying any field management, validations and/or defaults. It shouldn't be considered a replacement // for a real clientset and is mostly useful in simple unit tests. // -// DEPRECATED: NewClientset replaces this with support for field management, which significantly improves +// Deprecated: NewClientset replaces this with support for field management, which significantly improves // server side apply testing. NewClientset is only available when apply configurations are generated (e.g. // via --with-applyconfig). func NewSimpleClientset(objects ...runtime.Object) *Clientset { @@ -42,8 +42,8 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset { cs.AddReactor("*", "*", testing.ObjectReaction(o)) cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { var opts metav1.ListOptions - if watchActcion, ok := action.(testing.WatchActionImpl); ok { - opts = watchActcion.ListOptions + if watchAction, ok := action.(testing.WatchActionImpl); ok { + opts = watchAction.ListOptions } gvr := action.GetResource() ns := action.GetNamespace() @@ -74,6 +74,17 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } +// IsWatchListSemanticsSupported informs the reflector that this client +// doesn't support WatchList semantics. +// +// This is a synthetic method whose sole purpose is to satisfy the optional +// interface check performed by the reflector. +// Returning true signals that WatchList can NOT be used. +// No additional logic is implemented here. +func (c *Clientset) IsWatchListSemanticsUnSupported() bool { + return true +} + var ( _ clientset.Interface = &Clientset{} _ testing.FakeClient = &Clientset{} diff --git a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index 376957ad9..0f422a89e 100644 --- a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -44,7 +44,7 @@ func NewFederationDomainInformer(client versioned.Interface, namespace string, r // one. This reduces memory footprint and number of connections to the server. func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -69,7 +69,7 @@ func NewFilteredFederationDomainInformer(client versioned.Interface, namespace s } return client.ConfigV1alpha1().FederationDomains(namespace).Watch(ctx, options) }, - }, + }, client), &supervisorconfigv1alpha1.FederationDomain{}, resyncPeriod, indexers, diff --git a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index 40478dc27..5d91be88f 100644 --- a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -44,7 +44,7 @@ func NewOIDCClientInformer(client versioned.Interface, namespace string, resyncP // one. This reduces memory footprint and number of connections to the server. func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -69,7 +69,7 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, } return client.ConfigV1alpha1().OIDCClients(namespace).Watch(ctx, options) }, - }, + }, client), &supervisorconfigv1alpha1.OIDCClient{}, resyncPeriod, indexers, diff --git a/generated/latest/client/supervisor/informers/externalversions/factory.go b/generated/latest/client/supervisor/informers/externalversions/factory.go index d87175a8c..6e01e4283 100644 --- a/generated/latest/client/supervisor/informers/externalversions/factory.go +++ b/generated/latest/client/supervisor/informers/externalversions/factory.go @@ -85,6 +85,7 @@ func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Dur // NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. // Listers obtained via this SharedInformerFactory will be subject to the same filters // as specified here. +// // Deprecated: Please use NewSharedInformerFactoryWithOptions instead func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) @@ -192,7 +193,7 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal // // It is typically used like this: // -// ctx, cancel := context.Background() +// ctx, cancel := context.WithCancel(context.Background()) // defer cancel() // factory := NewSharedInformerFactory(client, resyncPeriod) // defer factory.WaitForStop() // Returns immediately if nothing was started. diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index ced61f6ed..2b90371c8 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -44,7 +44,7 @@ func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, name // one. This reduces memory footprint and number of connections to the server. func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -69,7 +69,7 @@ func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interfa } return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(ctx, options) }, - }, + }, client), &supervisoridpv1alpha1.ActiveDirectoryIdentityProvider{}, resyncPeriod, indexers, diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go index 9ab96d541..45c5ff93b 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/githubidentityprovider.go @@ -44,7 +44,7 @@ func NewGitHubIdentityProviderInformer(client versioned.Interface, namespace str // one. This reduces memory footprint and number of connections to the server. func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -69,7 +69,7 @@ func NewFilteredGitHubIdentityProviderInformer(client versioned.Interface, names } return client.IDPV1alpha1().GitHubIdentityProviders(namespace).Watch(ctx, options) }, - }, + }, client), &supervisoridpv1alpha1.GitHubIdentityProvider{}, resyncPeriod, indexers, diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index 56726552d..912afa30a 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -44,7 +44,7 @@ func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace strin // one. This reduces memory footprint and number of connections to the server. func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -69,7 +69,7 @@ func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespa } return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(ctx, options) }, - }, + }, client), &supervisoridpv1alpha1.LDAPIdentityProvider{}, resyncPeriod, indexers, diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index 588298bc2..40ad6f6c2 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -44,7 +44,7 @@ func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace strin // one. This reduces memory footprint and number of connections to the server. func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( - &cache.ListWatch{ + cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) @@ -69,7 +69,7 @@ func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespa } return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(ctx, options) }, - }, + }, client), &supervisoridpv1alpha1.OIDCIdentityProvider{}, resyncPeriod, indexers, diff --git a/generated/latest/client/supervisor/openapi/zz_generated.openapi.go b/generated/latest/client/supervisor/openapi/zz_generated.openapi.go index 75b1ba7da..a551be304 100644 --- a/generated/latest/client/supervisor/openapi/zz_generated.openapi.go +++ b/generated/latest/client/supervisor/openapi/zz_generated.openapi.go @@ -10,7 +10,10 @@ package supervisor import ( v1 "k8s.io/api/core/v1" + resource "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + version "k8s.io/apimachinery/pkg/version" common "k8s.io/kube-openapi/pkg/common" spec "k8s.io/kube-openapi/pkg/validation/spec" ) @@ -21,289 +24,297 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), - "k8s.io/api/core/v1.AppArmorProfile": schema_k8sio_api_core_v1_AppArmorProfile(ref), - "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), - "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), - "k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - "k8s.io/api/core/v1.AzureFilePersistentVolumeSource": schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - "k8s.io/api/core/v1.AzureFileVolumeSource": schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - "k8s.io/api/core/v1.Binding": schema_k8sio_api_core_v1_Binding(ref), - "k8s.io/api/core/v1.CSIPersistentVolumeSource": schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CSIVolumeSource": schema_k8sio_api_core_v1_CSIVolumeSource(ref), - "k8s.io/api/core/v1.Capabilities": schema_k8sio_api_core_v1_Capabilities(ref), - "k8s.io/api/core/v1.CephFSPersistentVolumeSource": schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CephFSVolumeSource": schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - "k8s.io/api/core/v1.CinderPersistentVolumeSource": schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - "k8s.io/api/core/v1.CinderVolumeSource": schema_k8sio_api_core_v1_CinderVolumeSource(ref), - "k8s.io/api/core/v1.ClientIPConfig": schema_k8sio_api_core_v1_ClientIPConfig(ref), - "k8s.io/api/core/v1.ClusterTrustBundleProjection": schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), - "k8s.io/api/core/v1.ComponentCondition": schema_k8sio_api_core_v1_ComponentCondition(ref), - "k8s.io/api/core/v1.ComponentStatus": schema_k8sio_api_core_v1_ComponentStatus(ref), - "k8s.io/api/core/v1.ComponentStatusList": schema_k8sio_api_core_v1_ComponentStatusList(ref), - "k8s.io/api/core/v1.ConfigMap": schema_k8sio_api_core_v1_ConfigMap(ref), - "k8s.io/api/core/v1.ConfigMapEnvSource": schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - "k8s.io/api/core/v1.ConfigMapKeySelector": schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - "k8s.io/api/core/v1.ConfigMapList": schema_k8sio_api_core_v1_ConfigMapList(ref), - "k8s.io/api/core/v1.ConfigMapNodeConfigSource": schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - "k8s.io/api/core/v1.ConfigMapProjection": schema_k8sio_api_core_v1_ConfigMapProjection(ref), - "k8s.io/api/core/v1.ConfigMapVolumeSource": schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - "k8s.io/api/core/v1.Container": schema_k8sio_api_core_v1_Container(ref), - "k8s.io/api/core/v1.ContainerImage": schema_k8sio_api_core_v1_ContainerImage(ref), - "k8s.io/api/core/v1.ContainerPort": schema_k8sio_api_core_v1_ContainerPort(ref), - "k8s.io/api/core/v1.ContainerResizePolicy": schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - "k8s.io/api/core/v1.ContainerState": schema_k8sio_api_core_v1_ContainerState(ref), - "k8s.io/api/core/v1.ContainerStateRunning": schema_k8sio_api_core_v1_ContainerStateRunning(ref), - "k8s.io/api/core/v1.ContainerStateTerminated": schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - "k8s.io/api/core/v1.ContainerStateWaiting": schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - "k8s.io/api/core/v1.ContainerStatus": schema_k8sio_api_core_v1_ContainerStatus(ref), - "k8s.io/api/core/v1.ContainerUser": schema_k8sio_api_core_v1_ContainerUser(ref), - "k8s.io/api/core/v1.DaemonEndpoint": schema_k8sio_api_core_v1_DaemonEndpoint(ref), - "k8s.io/api/core/v1.DownwardAPIProjection": schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeFile": schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - "k8s.io/api/core/v1.DownwardAPIVolumeSource": schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - "k8s.io/api/core/v1.EmptyDirVolumeSource": schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - "k8s.io/api/core/v1.EndpointAddress": schema_k8sio_api_core_v1_EndpointAddress(ref), - "k8s.io/api/core/v1.EndpointPort": schema_k8sio_api_core_v1_EndpointPort(ref), - "k8s.io/api/core/v1.EndpointSubset": schema_k8sio_api_core_v1_EndpointSubset(ref), - "k8s.io/api/core/v1.Endpoints": schema_k8sio_api_core_v1_Endpoints(ref), - "k8s.io/api/core/v1.EndpointsList": schema_k8sio_api_core_v1_EndpointsList(ref), - "k8s.io/api/core/v1.EnvFromSource": schema_k8sio_api_core_v1_EnvFromSource(ref), - "k8s.io/api/core/v1.EnvVar": schema_k8sio_api_core_v1_EnvVar(ref), - "k8s.io/api/core/v1.EnvVarSource": schema_k8sio_api_core_v1_EnvVarSource(ref), - "k8s.io/api/core/v1.EphemeralContainer": schema_k8sio_api_core_v1_EphemeralContainer(ref), - "k8s.io/api/core/v1.EphemeralContainerCommon": schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - "k8s.io/api/core/v1.EphemeralVolumeSource": schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - "k8s.io/api/core/v1.Event": schema_k8sio_api_core_v1_Event(ref), - "k8s.io/api/core/v1.EventList": schema_k8sio_api_core_v1_EventList(ref), - "k8s.io/api/core/v1.EventSeries": schema_k8sio_api_core_v1_EventSeries(ref), - "k8s.io/api/core/v1.EventSource": schema_k8sio_api_core_v1_EventSource(ref), - "k8s.io/api/core/v1.ExecAction": schema_k8sio_api_core_v1_ExecAction(ref), - "k8s.io/api/core/v1.FCVolumeSource": schema_k8sio_api_core_v1_FCVolumeSource(ref), - "k8s.io/api/core/v1.FlexPersistentVolumeSource": schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - "k8s.io/api/core/v1.FlexVolumeSource": schema_k8sio_api_core_v1_FlexVolumeSource(ref), - "k8s.io/api/core/v1.FlockerVolumeSource": schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource": schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.GRPCAction": schema_k8sio_api_core_v1_GRPCAction(ref), - "k8s.io/api/core/v1.GitRepoVolumeSource": schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource": schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - "k8s.io/api/core/v1.GlusterfsVolumeSource": schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - "k8s.io/api/core/v1.HTTPGetAction": schema_k8sio_api_core_v1_HTTPGetAction(ref), - "k8s.io/api/core/v1.HTTPHeader": schema_k8sio_api_core_v1_HTTPHeader(ref), - "k8s.io/api/core/v1.HostAlias": schema_k8sio_api_core_v1_HostAlias(ref), - "k8s.io/api/core/v1.HostIP": schema_k8sio_api_core_v1_HostIP(ref), - "k8s.io/api/core/v1.HostPathVolumeSource": schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIPersistentVolumeSource": schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ISCSIVolumeSource": schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - "k8s.io/api/core/v1.ImageVolumeSource": schema_k8sio_api_core_v1_ImageVolumeSource(ref), - "k8s.io/api/core/v1.KeyToPath": schema_k8sio_api_core_v1_KeyToPath(ref), - "k8s.io/api/core/v1.Lifecycle": schema_k8sio_api_core_v1_Lifecycle(ref), - "k8s.io/api/core/v1.LifecycleHandler": schema_k8sio_api_core_v1_LifecycleHandler(ref), - "k8s.io/api/core/v1.LimitRange": schema_k8sio_api_core_v1_LimitRange(ref), - "k8s.io/api/core/v1.LimitRangeItem": schema_k8sio_api_core_v1_LimitRangeItem(ref), - "k8s.io/api/core/v1.LimitRangeList": schema_k8sio_api_core_v1_LimitRangeList(ref), - "k8s.io/api/core/v1.LimitRangeSpec": schema_k8sio_api_core_v1_LimitRangeSpec(ref), - "k8s.io/api/core/v1.LinuxContainerUser": schema_k8sio_api_core_v1_LinuxContainerUser(ref), - "k8s.io/api/core/v1.List": schema_k8sio_api_core_v1_List(ref), - "k8s.io/api/core/v1.LoadBalancerIngress": schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - "k8s.io/api/core/v1.LoadBalancerStatus": schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - "k8s.io/api/core/v1.LocalObjectReference": schema_k8sio_api_core_v1_LocalObjectReference(ref), - "k8s.io/api/core/v1.LocalVolumeSource": schema_k8sio_api_core_v1_LocalVolumeSource(ref), - "k8s.io/api/core/v1.ModifyVolumeStatus": schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), - "k8s.io/api/core/v1.NFSVolumeSource": schema_k8sio_api_core_v1_NFSVolumeSource(ref), - "k8s.io/api/core/v1.Namespace": schema_k8sio_api_core_v1_Namespace(ref), - "k8s.io/api/core/v1.NamespaceCondition": schema_k8sio_api_core_v1_NamespaceCondition(ref), - "k8s.io/api/core/v1.NamespaceList": schema_k8sio_api_core_v1_NamespaceList(ref), - "k8s.io/api/core/v1.NamespaceSpec": schema_k8sio_api_core_v1_NamespaceSpec(ref), - "k8s.io/api/core/v1.NamespaceStatus": schema_k8sio_api_core_v1_NamespaceStatus(ref), - "k8s.io/api/core/v1.Node": schema_k8sio_api_core_v1_Node(ref), - "k8s.io/api/core/v1.NodeAddress": schema_k8sio_api_core_v1_NodeAddress(ref), - "k8s.io/api/core/v1.NodeAffinity": schema_k8sio_api_core_v1_NodeAffinity(ref), - "k8s.io/api/core/v1.NodeCondition": schema_k8sio_api_core_v1_NodeCondition(ref), - "k8s.io/api/core/v1.NodeConfigSource": schema_k8sio_api_core_v1_NodeConfigSource(ref), - "k8s.io/api/core/v1.NodeConfigStatus": schema_k8sio_api_core_v1_NodeConfigStatus(ref), - "k8s.io/api/core/v1.NodeDaemonEndpoints": schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - "k8s.io/api/core/v1.NodeFeatures": schema_k8sio_api_core_v1_NodeFeatures(ref), - "k8s.io/api/core/v1.NodeList": schema_k8sio_api_core_v1_NodeList(ref), - "k8s.io/api/core/v1.NodeProxyOptions": schema_k8sio_api_core_v1_NodeProxyOptions(ref), - "k8s.io/api/core/v1.NodeRuntimeHandler": schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), - "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures": schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), - "k8s.io/api/core/v1.NodeSelector": schema_k8sio_api_core_v1_NodeSelector(ref), - "k8s.io/api/core/v1.NodeSelectorRequirement": schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - "k8s.io/api/core/v1.NodeSelectorTerm": schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - "k8s.io/api/core/v1.NodeSpec": schema_k8sio_api_core_v1_NodeSpec(ref), - "k8s.io/api/core/v1.NodeStatus": schema_k8sio_api_core_v1_NodeStatus(ref), - "k8s.io/api/core/v1.NodeSwapStatus": schema_k8sio_api_core_v1_NodeSwapStatus(ref), - "k8s.io/api/core/v1.NodeSystemInfo": schema_k8sio_api_core_v1_NodeSystemInfo(ref), - "k8s.io/api/core/v1.ObjectFieldSelector": schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - "k8s.io/api/core/v1.ObjectReference": schema_k8sio_api_core_v1_ObjectReference(ref), - "k8s.io/api/core/v1.PersistentVolume": schema_k8sio_api_core_v1_PersistentVolume(ref), - "k8s.io/api/core/v1.PersistentVolumeClaim": schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimCondition": schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimList": schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimSpec": schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimStatus": schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate": schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeList": schema_k8sio_api_core_v1_PersistentVolumeList(ref), - "k8s.io/api/core/v1.PersistentVolumeSource": schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - "k8s.io/api/core/v1.PersistentVolumeSpec": schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - "k8s.io/api/core/v1.PersistentVolumeStatus": schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource": schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - "k8s.io/api/core/v1.Pod": schema_k8sio_api_core_v1_Pod(ref), - "k8s.io/api/core/v1.PodAffinity": schema_k8sio_api_core_v1_PodAffinity(ref), - "k8s.io/api/core/v1.PodAffinityTerm": schema_k8sio_api_core_v1_PodAffinityTerm(ref), - "k8s.io/api/core/v1.PodAntiAffinity": schema_k8sio_api_core_v1_PodAntiAffinity(ref), - "k8s.io/api/core/v1.PodAttachOptions": schema_k8sio_api_core_v1_PodAttachOptions(ref), - "k8s.io/api/core/v1.PodCondition": schema_k8sio_api_core_v1_PodCondition(ref), - "k8s.io/api/core/v1.PodDNSConfig": schema_k8sio_api_core_v1_PodDNSConfig(ref), - "k8s.io/api/core/v1.PodDNSConfigOption": schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - "k8s.io/api/core/v1.PodExecOptions": schema_k8sio_api_core_v1_PodExecOptions(ref), - "k8s.io/api/core/v1.PodIP": schema_k8sio_api_core_v1_PodIP(ref), - "k8s.io/api/core/v1.PodList": schema_k8sio_api_core_v1_PodList(ref), - "k8s.io/api/core/v1.PodLogOptions": schema_k8sio_api_core_v1_PodLogOptions(ref), - "k8s.io/api/core/v1.PodOS": schema_k8sio_api_core_v1_PodOS(ref), - "k8s.io/api/core/v1.PodPortForwardOptions": schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - "k8s.io/api/core/v1.PodProxyOptions": schema_k8sio_api_core_v1_PodProxyOptions(ref), - "k8s.io/api/core/v1.PodReadinessGate": schema_k8sio_api_core_v1_PodReadinessGate(ref), - "k8s.io/api/core/v1.PodResourceClaim": schema_k8sio_api_core_v1_PodResourceClaim(ref), - "k8s.io/api/core/v1.PodResourceClaimStatus": schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), - "k8s.io/api/core/v1.PodSchedulingGate": schema_k8sio_api_core_v1_PodSchedulingGate(ref), - "k8s.io/api/core/v1.PodSecurityContext": schema_k8sio_api_core_v1_PodSecurityContext(ref), - "k8s.io/api/core/v1.PodSignature": schema_k8sio_api_core_v1_PodSignature(ref), - "k8s.io/api/core/v1.PodSpec": schema_k8sio_api_core_v1_PodSpec(ref), - "k8s.io/api/core/v1.PodStatus": schema_k8sio_api_core_v1_PodStatus(ref), - "k8s.io/api/core/v1.PodStatusResult": schema_k8sio_api_core_v1_PodStatusResult(ref), - "k8s.io/api/core/v1.PodTemplate": schema_k8sio_api_core_v1_PodTemplate(ref), - "k8s.io/api/core/v1.PodTemplateList": schema_k8sio_api_core_v1_PodTemplateList(ref), - "k8s.io/api/core/v1.PodTemplateSpec": schema_k8sio_api_core_v1_PodTemplateSpec(ref), - "k8s.io/api/core/v1.PortStatus": schema_k8sio_api_core_v1_PortStatus(ref), - "k8s.io/api/core/v1.PortworxVolumeSource": schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - "k8s.io/api/core/v1.PreferAvoidPodsEntry": schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - "k8s.io/api/core/v1.PreferredSchedulingTerm": schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - "k8s.io/api/core/v1.Probe": schema_k8sio_api_core_v1_Probe(ref), - "k8s.io/api/core/v1.ProbeHandler": schema_k8sio_api_core_v1_ProbeHandler(ref), - "k8s.io/api/core/v1.ProjectedVolumeSource": schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - "k8s.io/api/core/v1.QuobyteVolumeSource": schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - "k8s.io/api/core/v1.RBDPersistentVolumeSource": schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - "k8s.io/api/core/v1.RBDVolumeSource": schema_k8sio_api_core_v1_RBDVolumeSource(ref), - "k8s.io/api/core/v1.RangeAllocation": schema_k8sio_api_core_v1_RangeAllocation(ref), - "k8s.io/api/core/v1.ReplicationController": schema_k8sio_api_core_v1_ReplicationController(ref), - "k8s.io/api/core/v1.ReplicationControllerCondition": schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - "k8s.io/api/core/v1.ReplicationControllerList": schema_k8sio_api_core_v1_ReplicationControllerList(ref), - "k8s.io/api/core/v1.ReplicationControllerSpec": schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - "k8s.io/api/core/v1.ReplicationControllerStatus": schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - "k8s.io/api/core/v1.ResourceClaim": schema_k8sio_api_core_v1_ResourceClaim(ref), - "k8s.io/api/core/v1.ResourceFieldSelector": schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - "k8s.io/api/core/v1.ResourceHealth": schema_k8sio_api_core_v1_ResourceHealth(ref), - "k8s.io/api/core/v1.ResourceQuota": schema_k8sio_api_core_v1_ResourceQuota(ref), - "k8s.io/api/core/v1.ResourceQuotaList": schema_k8sio_api_core_v1_ResourceQuotaList(ref), - "k8s.io/api/core/v1.ResourceQuotaSpec": schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - "k8s.io/api/core/v1.ResourceQuotaStatus": schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - "k8s.io/api/core/v1.ResourceRequirements": schema_k8sio_api_core_v1_ResourceRequirements(ref), - "k8s.io/api/core/v1.ResourceStatus": schema_k8sio_api_core_v1_ResourceStatus(ref), - "k8s.io/api/core/v1.SELinuxOptions": schema_k8sio_api_core_v1_SELinuxOptions(ref), - "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource": schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - "k8s.io/api/core/v1.ScaleIOVolumeSource": schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - "k8s.io/api/core/v1.ScopeSelector": schema_k8sio_api_core_v1_ScopeSelector(ref), - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement": schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - "k8s.io/api/core/v1.SeccompProfile": schema_k8sio_api_core_v1_SeccompProfile(ref), - "k8s.io/api/core/v1.Secret": schema_k8sio_api_core_v1_Secret(ref), - "k8s.io/api/core/v1.SecretEnvSource": schema_k8sio_api_core_v1_SecretEnvSource(ref), - "k8s.io/api/core/v1.SecretKeySelector": schema_k8sio_api_core_v1_SecretKeySelector(ref), - "k8s.io/api/core/v1.SecretList": schema_k8sio_api_core_v1_SecretList(ref), - "k8s.io/api/core/v1.SecretProjection": schema_k8sio_api_core_v1_SecretProjection(ref), - "k8s.io/api/core/v1.SecretReference": schema_k8sio_api_core_v1_SecretReference(ref), - "k8s.io/api/core/v1.SecretVolumeSource": schema_k8sio_api_core_v1_SecretVolumeSource(ref), - "k8s.io/api/core/v1.SecurityContext": schema_k8sio_api_core_v1_SecurityContext(ref), - "k8s.io/api/core/v1.SerializedReference": schema_k8sio_api_core_v1_SerializedReference(ref), - "k8s.io/api/core/v1.Service": schema_k8sio_api_core_v1_Service(ref), - "k8s.io/api/core/v1.ServiceAccount": schema_k8sio_api_core_v1_ServiceAccount(ref), - "k8s.io/api/core/v1.ServiceAccountList": schema_k8sio_api_core_v1_ServiceAccountList(ref), - "k8s.io/api/core/v1.ServiceAccountTokenProjection": schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - "k8s.io/api/core/v1.ServiceList": schema_k8sio_api_core_v1_ServiceList(ref), - "k8s.io/api/core/v1.ServicePort": schema_k8sio_api_core_v1_ServicePort(ref), - "k8s.io/api/core/v1.ServiceProxyOptions": schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - "k8s.io/api/core/v1.ServiceSpec": schema_k8sio_api_core_v1_ServiceSpec(ref), - "k8s.io/api/core/v1.ServiceStatus": schema_k8sio_api_core_v1_ServiceStatus(ref), - "k8s.io/api/core/v1.SessionAffinityConfig": schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - "k8s.io/api/core/v1.SleepAction": schema_k8sio_api_core_v1_SleepAction(ref), - "k8s.io/api/core/v1.StorageOSPersistentVolumeSource": schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - "k8s.io/api/core/v1.StorageOSVolumeSource": schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - "k8s.io/api/core/v1.Sysctl": schema_k8sio_api_core_v1_Sysctl(ref), - "k8s.io/api/core/v1.TCPSocketAction": schema_k8sio_api_core_v1_TCPSocketAction(ref), - "k8s.io/api/core/v1.Taint": schema_k8sio_api_core_v1_Taint(ref), - "k8s.io/api/core/v1.Toleration": schema_k8sio_api_core_v1_Toleration(ref), - "k8s.io/api/core/v1.TopologySelectorLabelRequirement": schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - "k8s.io/api/core/v1.TopologySelectorTerm": schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - "k8s.io/api/core/v1.TopologySpreadConstraint": schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - "k8s.io/api/core/v1.TypedLocalObjectReference": schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - "k8s.io/api/core/v1.TypedObjectReference": schema_k8sio_api_core_v1_TypedObjectReference(ref), - "k8s.io/api/core/v1.Volume": schema_k8sio_api_core_v1_Volume(ref), - "k8s.io/api/core/v1.VolumeDevice": schema_k8sio_api_core_v1_VolumeDevice(ref), - "k8s.io/api/core/v1.VolumeMount": schema_k8sio_api_core_v1_VolumeMount(ref), - "k8s.io/api/core/v1.VolumeMountStatus": schema_k8sio_api_core_v1_VolumeMountStatus(ref), - "k8s.io/api/core/v1.VolumeNodeAffinity": schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - "k8s.io/api/core/v1.VolumeProjection": schema_k8sio_api_core_v1_VolumeProjection(ref), - "k8s.io/api/core/v1.VolumeResourceRequirements": schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), - "k8s.io/api/core/v1.VolumeSource": schema_k8sio_api_core_v1_VolumeSource(ref), - "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource": schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - "k8s.io/api/core/v1.WeightedPodAffinityTerm": schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - "k8s.io/api/core/v1.WindowsSecurityContextOptions": schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldSelectorRequirement": schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } @@ -331,7 +342,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref co "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { @@ -351,7 +362,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref co }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -379,7 +390,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(re "metadata": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -401,7 +412,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(re }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -516,26 +527,26 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open "nodeAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes node affinity scheduling rules for the pod.", - Ref: ref("k8s.io/api/core/v1.NodeAffinity"), + Ref: ref(v1.NodeAffinity{}.OpenAPIModelName()), }, }, "podAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAffinity"), + Ref: ref(v1.PodAffinity{}.OpenAPIModelName()), }, }, "podAntiAffinity": { SchemaProps: spec.SchemaProps{ Description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - Ref: ref("k8s.io/api/core/v1.PodAntiAffinity"), + Ref: ref(v1.PodAntiAffinity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeAffinity", "k8s.io/api/core/v1.PodAffinity", "k8s.io/api/core/v1.PodAntiAffinity"}, + v1.NodeAffinity{}.OpenAPIModelName(), v1.PodAffinity{}.OpenAPIModelName(), v1.PodAntiAffinity{}.OpenAPIModelName()}, } } @@ -631,7 +642,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferAvoidPodsEntry"), + Ref: ref(v1.PreferAvoidPodsEntry{}.OpenAPIModelName()), }, }, }, @@ -641,7 +652,7 @@ func schema_k8sio_api_core_v1_AvoidPods(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PreferAvoidPodsEntry"}, + v1.PreferAvoidPodsEntry{}.OpenAPIModelName()}, } } @@ -815,14 +826,14 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "target": { SchemaProps: spec.SchemaProps{ Description: "The target object that you want to bind to the standard object.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -830,7 +841,7 @@ func schema_k8sio_api_core_v1_Binding(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -890,31 +901,31 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall "controllerPublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeStageSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "controllerExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "nodeExpandSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -922,7 +933,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -974,7 +985,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm "nodePublishSecretRef": { SchemaProps: spec.SchemaProps{ Description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -982,7 +993,7 @@ func schema_k8sio_api_core_v1_CSIVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1090,7 +1101,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1105,7 +1116,7 @@ func schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1160,7 +1171,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -1175,7 +1186,7 @@ func schema_k8sio_api_core_v1_CephFSVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1211,7 +1222,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, }, @@ -1219,7 +1230,7 @@ func schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -1255,7 +1266,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -1263,7 +1274,7 @@ func schema_k8sio_api_core_v1_CinderVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -1311,7 +1322,7 @@ func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceC "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\".", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "optional": { @@ -1334,7 +1345,7 @@ func schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref common.ReferenceC }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -1407,7 +1418,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "conditions": { @@ -1428,7 +1439,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentCondition"), + Ref: ref(v1.ComponentCondition{}.OpenAPIModelName()), }, }, }, @@ -1438,7 +1449,7 @@ func schema_k8sio_api_core_v1_ComponentStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentCondition", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ComponentCondition{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1467,7 +1478,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1478,7 +1489,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ComponentStatus"), + Ref: ref(v1.ComponentStatus{}.OpenAPIModelName()), }, }, }, @@ -1489,7 +1500,7 @@ func schema_k8sio_api_core_v1_ComponentStatusList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ComponentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ComponentStatus{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1518,7 +1529,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -1563,7 +1574,7 @@ func schema_k8sio_api_core_v1_ConfigMap(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -1662,7 +1673,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -1673,7 +1684,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ConfigMap"), + Ref: ref(v1.ConfigMap{}.OpenAPIModelName()), }, }, }, @@ -1684,7 +1695,7 @@ func schema_k8sio_api_core_v1_ConfigMapList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMap", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ConfigMap{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -1768,7 +1779,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -1785,7 +1796,7 @@ func schema_k8sio_api_core_v1_ConfigMapProjection(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -1817,7 +1828,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -1841,7 +1852,7 @@ func schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -1933,7 +1944,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -1946,13 +1957,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -1976,7 +1987,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -1986,7 +1997,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -1996,13 +2007,13 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "Resources resize policy for the container.", + Description: "Resources resize policy for the container. This field cannot be set on ephemeral containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -2010,11 +2021,30 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Additionally, setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. The rules are evaluated in order. Once a rule matches a container exit condition, the remaining rules are ignored. If no rule matches the container exit condition, the Container-level restart policy determines the whether the container is restarted or not. Constraints on the rules: - At most 20 rules are allowed. - Rules can have the same action. - Identical rules are not forbidden in validations. When rules are specified, container MUST set RestartPolicy explicitly even it if matches the Pod's RestartPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -2033,7 +2063,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -2057,7 +2087,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -2066,25 +2096,25 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -2113,7 +2143,7 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -2142,7 +2172,45 @@ func schema_k8sio_api_core_v1_Container(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerExtendedResourceRequest has the mapping of container name, extended resource name to the device request name.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "containerName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the container requesting resources.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the extended resource in that container which gets backed by DRA.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "requestName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the request in the special ResourceClaim which corresponds to the extended resource.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"containerName", "resourceName", "requestName"}, + }, + }, } } @@ -2268,6 +2336,76 @@ func schema_k8sio_api_core_v1_ContainerResizePolicy(ref common.ReferenceCallback } } +func schema_k8sio_api_core_v1_ContainerRestartRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRule describes how a container exit is handled.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the action taken on a container exit if the requirements are satisfied. The only possible value is \"Restart\" to restart the container.", + Type: []string{"string"}, + Format: "", + }, + }, + "exitCodes": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the exit codes to check on container exits.", + Ref: ref(v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()), + }, + }, + }, + Required: []string{"action"}, + }, + }, + Dependencies: []string{ + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName()}, + } +} + +func schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ContainerRestartRuleOnExitCodes describes the condition for handling an exited container based on its exit codes.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "Represents the relationship between the container exit code(s) and the specified values. Possible values are: - In: the requirement is satisfied if the container exit code is in the\n set of specified values.\n- NotIn: the requirement is satisfied if the container exit code is\n not in the set of specified values.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Specifies the set of values to check for container exit codes. At most 255 elements are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + }, + Required: []string{"operator"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2278,26 +2416,26 @@ func schema_k8sio_api_core_v1_ContainerState(ref common.ReferenceCallback) commo "waiting": { SchemaProps: spec.SchemaProps{ Description: "Details about a waiting container", - Ref: ref("k8s.io/api/core/v1.ContainerStateWaiting"), + Ref: ref(v1.ContainerStateWaiting{}.OpenAPIModelName()), }, }, "running": { SchemaProps: spec.SchemaProps{ Description: "Details about a running container", - Ref: ref("k8s.io/api/core/v1.ContainerStateRunning"), + Ref: ref(v1.ContainerStateRunning{}.OpenAPIModelName()), }, }, "terminated": { SchemaProps: spec.SchemaProps{ Description: "Details about a terminated container", - Ref: ref("k8s.io/api/core/v1.ContainerStateTerminated"), + Ref: ref(v1.ContainerStateTerminated{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStateRunning", "k8s.io/api/core/v1.ContainerStateTerminated", "k8s.io/api/core/v1.ContainerStateWaiting"}, + v1.ContainerStateRunning{}.OpenAPIModelName(), v1.ContainerStateTerminated{}.OpenAPIModelName(), v1.ContainerStateWaiting{}.OpenAPIModelName()}, } } @@ -2311,14 +2449,14 @@ func schema_k8sio_api_core_v1_ContainerStateRunning(ref common.ReferenceCallback "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container was last (re-)started", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2361,13 +2499,13 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb "startedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which previous execution of the container started", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "finishedAt": { SchemaProps: spec.SchemaProps{ Description: "Time at which the container last terminated", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "containerID": { @@ -2382,7 +2520,7 @@ func schema_k8sio_api_core_v1_ContainerStateTerminated(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -2432,14 +2570,14 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "State holds details about the container's current condition.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "lastState": { SchemaProps: spec.SchemaProps{ Description: "LastTerminationState holds the last termination state of the container to help debug container crashes and restarts. This field is not populated if the container is still running and RestartCount is 0.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerState"), + Ref: ref(v1.ContainerState{}.OpenAPIModelName()), }, }, "ready": { @@ -2496,7 +2634,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -2505,7 +2643,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm "resources": { SchemaProps: spec.SchemaProps{ Description: "Resources represents the compute resource requests and limits that have been successfully enacted on the running container after it has been started or has been successfully resized.", - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "volumeMounts": { @@ -2526,7 +2664,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMountStatus"), + Ref: ref(v1.VolumeMountStatus{}.OpenAPIModelName()), }, }, }, @@ -2535,7 +2673,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm "user": { SchemaProps: spec.SchemaProps{ Description: "User represents user identity information initially attached to the first process of the container", - Ref: ref("k8s.io/api/core/v1.ContainerUser"), + Ref: ref(v1.ContainerUser{}.OpenAPIModelName()), }, }, "allocatedResourcesStatus": { @@ -2556,7 +2694,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceStatus"), + Ref: ref(v1.ResourceStatus{}.OpenAPIModelName()), }, }, }, @@ -2575,7 +2713,7 @@ func schema_k8sio_api_core_v1_ContainerStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerState", "k8s.io/api/core/v1.ContainerUser", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.ResourceStatus", "k8s.io/api/core/v1.VolumeMountStatus", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ContainerState{}.OpenAPIModelName(), v1.ContainerUser{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.ResourceStatus{}.OpenAPIModelName(), v1.VolumeMountStatus{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -2589,14 +2727,14 @@ func schema_k8sio_api_core_v1_ContainerUser(ref common.ReferenceCallback) common "linux": { SchemaProps: spec.SchemaProps{ Description: "Linux holds user identity information initially attached to the first process of the containers in Linux. Note that the actual running identity can be changed if the process has enough privilege to do so.", - Ref: ref("k8s.io/api/core/v1.LinuxContainerUser"), + Ref: ref(v1.LinuxContainerUser{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LinuxContainerUser"}, + v1.LinuxContainerUser{}.OpenAPIModelName()}, } } @@ -2642,7 +2780,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2652,7 +2790,7 @@ func schema_k8sio_api_core_v1_DownwardAPIProjection(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2674,13 +2812,13 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "mode": { @@ -2695,7 +2833,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector"}, + v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName()}, } } @@ -2719,7 +2857,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeFile"), + Ref: ref(v1.DownwardAPIVolumeFile{}.OpenAPIModelName()), }, }, }, @@ -2736,7 +2874,7 @@ func schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DownwardAPIVolumeFile"}, + v1.DownwardAPIVolumeFile{}.OpenAPIModelName()}, } } @@ -2757,14 +2895,14 @@ func schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref common.ReferenceCallback) "sizeLimit": { SchemaProps: spec.SchemaProps{ Description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -2800,7 +2938,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm "targetRef": { SchemaProps: spec.SchemaProps{ Description: "Reference to object providing the endpoint.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -2813,7 +2951,7 @@ func schema_k8sio_api_core_v1_EndpointAddress(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -2886,7 +3024,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, @@ -2905,7 +3043,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointAddress"), + Ref: ref(v1.EndpointAddress{}.OpenAPIModelName()), }, }, }, @@ -2924,7 +3062,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointPort"), + Ref: ref(v1.EndpointPort{}.OpenAPIModelName()), }, }, }, @@ -2934,7 +3072,7 @@ func schema_k8sio_api_core_v1_EndpointSubset(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointAddress", "k8s.io/api/core/v1.EndpointPort"}, + v1.EndpointAddress{}.OpenAPIModelName(), v1.EndpointPort{}.OpenAPIModelName()}, } } @@ -2963,7 +3101,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "subsets": { @@ -2979,7 +3117,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EndpointSubset"), + Ref: ref(v1.EndpointSubset{}.OpenAPIModelName()), }, }, }, @@ -2989,7 +3127,7 @@ func schema_k8sio_api_core_v1_Endpoints(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EndpointSubset", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.EndpointSubset{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -3018,7 +3156,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -3029,7 +3167,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Endpoints"), + Ref: ref(v1.Endpoints{}.OpenAPIModelName()), }, }, }, @@ -3040,7 +3178,7 @@ func schema_k8sio_api_core_v1_EndpointsList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Endpoints", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Endpoints{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3053,7 +3191,7 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common Properties: map[string]spec.Schema{ "prefix": { SchemaProps: spec.SchemaProps{ - Description: "Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER.", + Description: "Optional text to prepend to the name of each environment variable. May consist of any printable ASCII characters except '='.", Type: []string{"string"}, Format: "", }, @@ -3061,20 +3199,20 @@ func schema_k8sio_api_core_v1_EnvFromSource(ref common.ReferenceCallback) common "configMapRef": { SchemaProps: spec.SchemaProps{ Description: "The ConfigMap to select from", - Ref: ref("k8s.io/api/core/v1.ConfigMapEnvSource"), + Ref: ref(v1.ConfigMapEnvSource{}.OpenAPIModelName()), }, }, "secretRef": { SchemaProps: spec.SchemaProps{ Description: "The Secret to select from", - Ref: ref("k8s.io/api/core/v1.SecretEnvSource"), + Ref: ref(v1.SecretEnvSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapEnvSource", "k8s.io/api/core/v1.SecretEnvSource"}, + v1.ConfigMapEnvSource{}.OpenAPIModelName(), v1.SecretEnvSource{}.OpenAPIModelName()}, } } @@ -3087,7 +3225,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the environment variable. Must be a C_IDENTIFIER.", + Description: "Name of the environment variable. May consist of any printable ASCII characters except '='.", Default: "", Type: []string{"string"}, Format: "", @@ -3103,7 +3241,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP "valueFrom": { SchemaProps: spec.SchemaProps{ Description: "Source for the environment variable's value. Cannot be used if value is not empty.", - Ref: ref("k8s.io/api/core/v1.EnvVarSource"), + Ref: ref(v1.EnvVarSource{}.OpenAPIModelName()), }, }, }, @@ -3111,7 +3249,7 @@ func schema_k8sio_api_core_v1_EnvVar(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EnvVarSource"}, + v1.EnvVarSource{}.OpenAPIModelName()}, } } @@ -3125,32 +3263,38 @@ func schema_k8sio_api_core_v1_EnvVarSource(ref common.ReferenceCallback) common. "fieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", - Ref: ref("k8s.io/api/core/v1.ObjectFieldSelector"), + Ref: ref(v1.ObjectFieldSelector{}.OpenAPIModelName()), }, }, "resourceFieldRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", - Ref: ref("k8s.io/api/core/v1.ResourceFieldSelector"), + Ref: ref(v1.ResourceFieldSelector{}.OpenAPIModelName()), }, }, "configMapKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a ConfigMap.", - Ref: ref("k8s.io/api/core/v1.ConfigMapKeySelector"), + Ref: ref(v1.ConfigMapKeySelector{}.OpenAPIModelName()), }, }, "secretKeyRef": { SchemaProps: spec.SchemaProps{ Description: "Selects a key of a secret in the pod's namespace", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref(v1.SecretKeySelector{}.OpenAPIModelName()), + }, + }, + "fileKeyRef": { + SchemaProps: spec.SchemaProps{ + Description: "FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.", + Ref: ref(v1.FileKeySelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapKeySelector", "k8s.io/api/core/v1.ObjectFieldSelector", "k8s.io/api/core/v1.ResourceFieldSelector", "k8s.io/api/core/v1.SecretKeySelector"}, + v1.ConfigMapKeySelector{}.OpenAPIModelName(), v1.FileKeySelector{}.OpenAPIModelName(), v1.ObjectFieldSelector{}.OpenAPIModelName(), v1.ResourceFieldSelector{}.OpenAPIModelName(), v1.SecretKeySelector{}.OpenAPIModelName()}, } } @@ -3242,7 +3386,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -3255,13 +3399,13 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3285,7 +3429,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3295,7 +3439,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3311,7 +3455,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -3319,11 +3463,30 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -3342,7 +3505,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3366,7 +3529,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3375,25 +3538,25 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3422,7 +3585,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3458,7 +3621,7 @@ func schema_k8sio_api_core_v1_EphemeralContainer(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3550,7 +3713,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerPort"), + Ref: ref(v1.ContainerPort{}.OpenAPIModelName()), }, }, }, @@ -3563,13 +3726,13 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, SchemaProps: spec.SchemaProps{ - Description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + Description: "List of sources to populate environment variables in the container. The keys defined within a source may consist of any printable ASCII characters except '='. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvFromSource"), + Ref: ref(v1.EnvFromSource{}.OpenAPIModelName()), }, }, }, @@ -3593,7 +3756,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EnvVar"), + Ref: ref(v1.EnvVar{}.OpenAPIModelName()), }, }, }, @@ -3603,7 +3766,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), }, }, "resizePolicy": { @@ -3619,7 +3782,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerResizePolicy"), + Ref: ref(v1.ContainerResizePolicy{}.OpenAPIModelName()), }, }, }, @@ -3627,11 +3790,30 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, "restartPolicy": { SchemaProps: spec.SchemaProps{ - Description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + Description: "Restart policy for the container to manage the restart behavior of each container within a pod. You cannot set this field on ephemeral containers.", Type: []string{"string"}, Format: "", }, }, + "restartPolicyRules": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents a list of rules to be checked to determine if the container should be restarted on exit. You cannot set this field on ephemeral containers.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerRestartRule{}.OpenAPIModelName()), + }, + }, + }, + }, + }, "volumeMounts": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -3650,7 +3832,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeMount"), + Ref: ref(v1.VolumeMount{}.OpenAPIModelName()), }, }, }, @@ -3674,7 +3856,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeDevice"), + Ref: ref(v1.VolumeDevice{}.OpenAPIModelName()), }, }, }, @@ -3683,25 +3865,25 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "livenessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ Description: "Probes are not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Probe"), + Ref: ref(v1.Probe{}.OpenAPIModelName()), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ Description: "Lifecycle is not allowed for ephemeral containers.", - Ref: ref("k8s.io/api/core/v1.Lifecycle"), + Ref: ref(v1.Lifecycle{}.OpenAPIModelName()), }, }, "terminationMessagePath": { @@ -3730,7 +3912,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb "securityContext": { SchemaProps: spec.SchemaProps{ Description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", - Ref: ref("k8s.io/api/core/v1.SecurityContext"), + Ref: ref(v1.SecurityContext{}.OpenAPIModelName()), }, }, "stdin": { @@ -3759,7 +3941,7 @@ func schema_k8sio_api_core_v1_EphemeralContainerCommon(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerPort", "k8s.io/api/core/v1.ContainerResizePolicy", "k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.Probe", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.SecurityContext", "k8s.io/api/core/v1.VolumeDevice", "k8s.io/api/core/v1.VolumeMount"}, + v1.ContainerPort{}.OpenAPIModelName(), v1.ContainerResizePolicy{}.OpenAPIModelName(), v1.ContainerRestartRule{}.OpenAPIModelName(), v1.EnvFromSource{}.OpenAPIModelName(), v1.EnvVar{}.OpenAPIModelName(), v1.Lifecycle{}.OpenAPIModelName(), v1.Probe{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.SecurityContext{}.OpenAPIModelName(), v1.VolumeDevice{}.OpenAPIModelName(), v1.VolumeMount{}.OpenAPIModelName()}, } } @@ -3773,14 +3955,14 @@ func schema_k8sio_api_core_v1_EphemeralVolumeSource(ref common.ReferenceCallback "volumeClaimTemplate": { SchemaProps: spec.SchemaProps{ Description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.\n\nRequired, must not be nil.", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimTemplate"), + Ref: ref(v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimTemplate"}, + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName()}, } } @@ -3809,14 +3991,14 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "involvedObject": { SchemaProps: spec.SchemaProps{ Description: "The object that this event is about.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reason": { @@ -3837,19 +4019,19 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "The component reporting this event. Should be a short machine understandable string.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EventSource"), + Ref: ref(v1.EventSource{}.OpenAPIModelName()), }, }, "firstTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTimestamp": { SchemaProps: spec.SchemaProps{ Description: "The time at which the most recent occurrence of this event was recorded.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "count": { @@ -3869,13 +4051,13 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "eventTime": { SchemaProps: spec.SchemaProps{ Description: "Time when this Event was first observed.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, "series": { SchemaProps: spec.SchemaProps{ Description: "Data about the Event series this event represents or nil if it's a singleton Event.", - Ref: ref("k8s.io/api/core/v1.EventSeries"), + Ref: ref(v1.EventSeries{}.OpenAPIModelName()), }, }, "action": { @@ -3888,7 +4070,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI "related": { SchemaProps: spec.SchemaProps{ Description: "Optional secondary object for more complex actions.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "reportingComponent": { @@ -3912,7 +4094,7 @@ func schema_k8sio_api_core_v1_Event(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.EventSeries", "k8s.io/api/core/v1.EventSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.EventSeries{}.OpenAPIModelName(), v1.EventSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.MicroTime{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -3941,7 +4123,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -3952,7 +4134,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Event"), + Ref: ref(v1.Event{}.OpenAPIModelName()), }, }, }, @@ -3963,7 +4145,7 @@ func schema_k8sio_api_core_v1_EventList(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Event", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Event{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -3984,14 +4166,14 @@ func schema_k8sio_api_core_v1_EventSeries(ref common.ReferenceCallback) common.O "lastObservedTime": { SchemaProps: spec.SchemaProps{ Description: "Time of the last occurrence observed", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"), + Ref: ref(metav1.MicroTime{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"}, + metav1.MicroTime{}.OpenAPIModelName()}, } } @@ -4129,6 +4311,57 @@ func schema_k8sio_api_core_v1_FCVolumeSource(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_FileKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "FileKeySelector selects a key of the env file.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "volumeName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the volume mount containing the env file.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "path": { + SchemaProps: spec.SchemaProps{ + Description: "The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers.\n\nIf optional is set to false and the specified key does not exist, an error will be returned during Pod creation.", + Default: false, + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"volumeName", "path", "key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4154,7 +4387,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4185,7 +4418,7 @@ func schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4214,7 +4447,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -4245,7 +4478,7 @@ func schema_k8sio_api_core_v1_FlexVolumeSource(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -4438,7 +4671,7 @@ func schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref common.ReferenceCallback Properties: map[string]spec.Schema{ "endpoints": { SchemaProps: spec.SchemaProps{ - Description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + Description: "endpoints is the endpoint name that details Glusterfs topology.", Default: "", Type: []string{"string"}, Format: "", @@ -4514,7 +4747,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HTTPHeader"), + Ref: ref(v1.HTTPHeader{}.OpenAPIModelName()), }, }, }, @@ -4525,7 +4758,7 @@ func schema_k8sio_api_core_v1_HTTPGetAction(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.HTTPHeader", "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, + v1.HTTPHeader{}.OpenAPIModelName(), "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, } } @@ -4743,7 +4976,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4758,7 +4991,7 @@ func schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -4852,7 +5085,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "initiatorName": { @@ -4867,7 +5100,7 @@ func schema_k8sio_api_core_v1_ISCSIVolumeSource(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -4946,13 +5179,13 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope "postStart": { SchemaProps: spec.SchemaProps{ Description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), }, }, "preStop": { SchemaProps: spec.SchemaProps{ Description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - Ref: ref("k8s.io/api/core/v1.LifecycleHandler"), + Ref: ref(v1.LifecycleHandler{}.OpenAPIModelName()), }, }, "stopSignal": { @@ -4967,7 +5200,7 @@ func schema_k8sio_api_core_v1_Lifecycle(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LifecycleHandler"}, + v1.LifecycleHandler{}.OpenAPIModelName()}, } } @@ -4981,32 +5214,32 @@ func schema_k8sio_api_core_v1_LifecycleHandler(ref common.ReferenceCallback) com "exec": { SchemaProps: spec.SchemaProps{ Description: "Exec specifies a command to execute in the container.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ Description: "HTTPGet specifies an HTTP GET request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for backward compatibility. There is no validation of this field and lifecycle hooks will fail at runtime when it is specified.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "sleep": { SchemaProps: spec.SchemaProps{ Description: "Sleep represents a duration that the container should sleep.", - Ref: ref("k8s.io/api/core/v1.SleepAction"), + Ref: ref(v1.SleepAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.SleepAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.SleepAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -5035,21 +5268,21 @@ func schema_k8sio_api_core_v1_LimitRange(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeSpec"), + Ref: ref(v1.LimitRangeSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LimitRangeSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5076,7 +5309,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5090,7 +5323,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5104,7 +5337,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5118,7 +5351,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5132,7 +5365,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -5143,7 +5376,7 @@ func schema_k8sio_api_core_v1_LimitRangeItem(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -5172,7 +5405,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5183,7 +5416,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRange"), + Ref: ref(v1.LimitRange{}.OpenAPIModelName()), }, }, }, @@ -5194,7 +5427,7 @@ func schema_k8sio_api_core_v1_LimitRangeList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRange", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.LimitRange{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5218,7 +5451,7 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LimitRangeItem"), + Ref: ref(v1.LimitRangeItem{}.OpenAPIModelName()), }, }, }, @@ -5229,7 +5462,7 @@ func schema_k8sio_api_core_v1_LimitRangeSpec(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LimitRangeItem"}, + v1.LimitRangeItem{}.OpenAPIModelName()}, } } @@ -5308,7 +5541,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5318,7 +5551,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -5329,7 +5562,7 @@ func schema_k8sio_api_core_v1_List(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -5374,7 +5607,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PortStatus"), + Ref: ref(v1.PortStatus{}.OpenAPIModelName()), }, }, }, @@ -5384,7 +5617,7 @@ func schema_k8sio_api_core_v1_LoadBalancerIngress(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PortStatus"}, + v1.PortStatus{}.OpenAPIModelName()}, } } @@ -5408,7 +5641,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerIngress"), + Ref: ref(v1.LoadBalancerIngress{}.OpenAPIModelName()), }, }, }, @@ -5418,7 +5651,7 @@ func schema_k8sio_api_core_v1_LoadBalancerStatus(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerIngress"}, + v1.LoadBalancerIngress{}.OpenAPIModelName()}, } } @@ -5569,28 +5802,28 @@ func schema_k8sio_api_core_v1_Namespace(ref common.ReferenceCallback) common.Ope SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceSpec"), + Ref: ref(v1.NamespaceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceStatus"), + Ref: ref(v1.NamespaceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceSpec", "k8s.io/api/core/v1.NamespaceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NamespaceSpec{}.OpenAPIModelName(), v1.NamespaceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5620,7 +5853,7 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -5642,7 +5875,7 @@ func schema_k8sio_api_core_v1_NamespaceCondition(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5671,7 +5904,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -5682,7 +5915,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Namespace"), + Ref: ref(v1.Namespace{}.OpenAPIModelName()), }, }, }, @@ -5693,7 +5926,7 @@ func schema_k8sio_api_core_v1_NamespaceList(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Namespace", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Namespace{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -5763,7 +5996,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NamespaceCondition"), + Ref: ref(v1.NamespaceCondition{}.OpenAPIModelName()), }, }, }, @@ -5773,7 +6006,7 @@ func schema_k8sio_api_core_v1_NamespaceStatus(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NamespaceCondition"}, + v1.NamespaceCondition{}.OpenAPIModelName()}, } } @@ -5802,28 +6035,28 @@ func schema_k8sio_api_core_v1_Node(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSpec"), + Ref: ref(v1.NodeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeStatus"), + Ref: ref(v1.NodeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSpec", "k8s.io/api/core/v1.NodeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.NodeSpec{}.OpenAPIModelName(), v1.NodeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -5867,7 +6100,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. "requiredDuringSchedulingIgnoredDuringExecution": { SchemaProps: spec.SchemaProps{ Description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, "preferredDuringSchedulingIgnoredDuringExecution": { @@ -5883,7 +6116,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PreferredSchedulingTerm"), + Ref: ref(v1.PreferredSchedulingTerm{}.OpenAPIModelName()), }, }, }, @@ -5893,7 +6126,7 @@ func schema_k8sio_api_core_v1_NodeAffinity(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector", "k8s.io/api/core/v1.PreferredSchedulingTerm"}, + v1.NodeSelector{}.OpenAPIModelName(), v1.PreferredSchedulingTerm{}.OpenAPIModelName()}, } } @@ -5923,13 +6156,13 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we got an update on a given condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transit from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -5951,7 +6184,7 @@ func schema_k8sio_api_core_v1_NodeCondition(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -5965,14 +6198,14 @@ func schema_k8sio_api_core_v1_NodeConfigSource(ref common.ReferenceCallback) com "configMap": { SchemaProps: spec.SchemaProps{ Description: "ConfigMap is a reference to a Node's ConfigMap", - Ref: ref("k8s.io/api/core/v1.ConfigMapNodeConfigSource"), + Ref: ref(v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMapNodeConfigSource"}, + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName()}, } } @@ -5986,19 +6219,19 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com "assigned": { SchemaProps: spec.SchemaProps{ Description: "Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "active": { SchemaProps: spec.SchemaProps{ Description: "Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "lastKnownGood": { SchemaProps: spec.SchemaProps{ Description: "LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "error": { @@ -6012,7 +6245,7 @@ func schema_k8sio_api_core_v1_NodeConfigStatus(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource"}, + v1.NodeConfigSource{}.OpenAPIModelName()}, } } @@ -6027,14 +6260,14 @@ func schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Endpoint on which Kubelet is listening.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.DaemonEndpoint"), + Ref: ref(v1.DaemonEndpoint{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.DaemonEndpoint"}, + v1.DaemonEndpoint{}.OpenAPIModelName()}, } } @@ -6083,7 +6316,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -6094,7 +6327,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Node"), + Ref: ref(v1.Node{}.OpenAPIModelName()), }, }, }, @@ -6105,7 +6338,7 @@ func schema_k8sio_api_core_v1_NodeList(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Node", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Node{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -6161,14 +6394,14 @@ func schema_k8sio_api_core_v1_NodeRuntimeHandler(ref common.ReferenceCallback) c "features": { SchemaProps: spec.SchemaProps{ Description: "Supported features.", - Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"), + Ref: ref(v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeRuntimeHandlerFeatures"}, + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName()}, } } @@ -6219,7 +6452,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -6235,7 +6468,7 @@ func schema_k8sio_api_core_v1_NodeSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -6310,7 +6543,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6329,7 +6562,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorRequirement"), + Ref: ref(v1.NodeSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -6344,7 +6577,7 @@ func schema_k8sio_api_core_v1_NodeSelectorTerm(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorRequirement"}, + v1.NodeSelectorRequirement{}.OpenAPIModelName()}, } } @@ -6410,7 +6643,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Taint"), + Ref: ref(v1.Taint{}.OpenAPIModelName()), }, }, }, @@ -6419,7 +6652,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open "configSource": { SchemaProps: spec.SchemaProps{ Description: "Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.", - Ref: ref("k8s.io/api/core/v1.NodeConfigSource"), + Ref: ref(v1.NodeConfigSource{}.OpenAPIModelName()), }, }, "externalID": { @@ -6433,7 +6666,7 @@ func schema_k8sio_api_core_v1_NodeSpec(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeConfigSource", "k8s.io/api/core/v1.Taint"}, + v1.NodeConfigSource{}.OpenAPIModelName(), v1.Taint{}.OpenAPIModelName()}, } } @@ -6452,7 +6685,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6466,7 +6699,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -6498,7 +6731,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeCondition"), + Ref: ref(v1.NodeCondition{}.OpenAPIModelName()), }, }, }, @@ -6522,7 +6755,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeAddress"), + Ref: ref(v1.NodeAddress{}.OpenAPIModelName()), }, }, }, @@ -6532,14 +6765,14 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Endpoints of daemons running on the Node.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeDaemonEndpoints"), + Ref: ref(v1.NodeDaemonEndpoints{}.OpenAPIModelName()), }, }, "nodeInfo": { SchemaProps: spec.SchemaProps{ Description: "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/reference/node/node-status/#info", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSystemInfo"), + Ref: ref(v1.NodeSystemInfo{}.OpenAPIModelName()), }, }, "images": { @@ -6555,7 +6788,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerImage"), + Ref: ref(v1.ContainerImage{}.OpenAPIModelName()), }, }, }, @@ -6594,7 +6827,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.AttachedVolume"), + Ref: ref(v1.AttachedVolume{}.OpenAPIModelName()), }, }, }, @@ -6603,7 +6836,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "config": { SchemaProps: spec.SchemaProps{ Description: "Status of the config assigned to the node via the dynamic Kubelet config feature.", - Ref: ref("k8s.io/api/core/v1.NodeConfigStatus"), + Ref: ref(v1.NodeConfigStatus{}.OpenAPIModelName()), }, }, "runtimeHandlers": { @@ -6619,7 +6852,7 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeRuntimeHandler"), + Ref: ref(v1.NodeRuntimeHandler{}.OpenAPIModelName()), }, }, }, @@ -6628,14 +6861,34 @@ func schema_k8sio_api_core_v1_NodeStatus(ref common.ReferenceCallback) common.Op "features": { SchemaProps: spec.SchemaProps{ Description: "Features describes the set of features implemented by the CRI implementation.", - Ref: ref("k8s.io/api/core/v1.NodeFeatures"), + Ref: ref(v1.NodeFeatures{}.OpenAPIModelName()), + }, + }, + "declaredFeatures": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "DeclaredFeatures represents the features related to feature gates that are declared by the node.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AttachedVolume", "k8s.io/api/core/v1.ContainerImage", "k8s.io/api/core/v1.NodeAddress", "k8s.io/api/core/v1.NodeCondition", "k8s.io/api/core/v1.NodeConfigStatus", "k8s.io/api/core/v1.NodeDaemonEndpoints", "k8s.io/api/core/v1.NodeFeatures", "k8s.io/api/core/v1.NodeRuntimeHandler", "k8s.io/api/core/v1.NodeSystemInfo", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AttachedVolume{}.OpenAPIModelName(), v1.ContainerImage{}.OpenAPIModelName(), v1.NodeAddress{}.OpenAPIModelName(), v1.NodeCondition{}.OpenAPIModelName(), v1.NodeConfigStatus{}.OpenAPIModelName(), v1.NodeDaemonEndpoints{}.OpenAPIModelName(), v1.NodeFeatures{}.OpenAPIModelName(), v1.NodeRuntimeHandler{}.OpenAPIModelName(), v1.NodeSystemInfo{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -6749,7 +7002,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo "swap": { SchemaProps: spec.SchemaProps{ Description: "Swap Info reported by the node.", - Ref: ref("k8s.io/api/core/v1.NodeSwapStatus"), + Ref: ref(v1.NodeSwapStatus{}.OpenAPIModelName()), }, }, }, @@ -6757,7 +7010,7 @@ func schema_k8sio_api_core_v1_NodeSystemInfo(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSwapStatus"}, + v1.NodeSwapStatus{}.OpenAPIModelName()}, } } @@ -6887,28 +7140,28 @@ func schema_k8sio_api_core_v1_PersistentVolume(ref common.ReferenceCallback) com SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeSpec"), + Ref: ref(v1.PersistentVolumeSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeStatus"), + Ref: ref(v1.PersistentVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeSpec", "k8s.io/api/core/v1.PersistentVolumeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeSpec{}.OpenAPIModelName(), v1.PersistentVolumeStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6937,28 +7190,28 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaim(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimStatus"), + Ref: ref(v1.PersistentVolumeClaimStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/api/core/v1.PersistentVolumeClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -6988,13 +7241,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "lastProbeTime is the time we probed the condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -7016,7 +7269,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7045,7 +7298,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7056,7 +7309,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + Ref: ref(v1.PersistentVolumeClaim{}.OpenAPIModelName()), }, }, }, @@ -7067,7 +7320,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolumeClaim{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7102,14 +7355,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "selector": { SchemaProps: spec.SchemaProps{ Description: "selector is a label query over volumes to consider for binding.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + Description: "resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeResourceRequirements"), + Ref: ref(v1.VolumeResourceRequirements{}.OpenAPIModelName()), }, }, "volumeName": { @@ -7137,18 +7390,18 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall "dataSource": { SchemaProps: spec.SchemaProps{ Description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", - Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + Ref: ref(v1.TypedLocalObjectReference{}.OpenAPIModelName()), }, }, "dataSourceRef": { SchemaProps: spec.SchemaProps{ Description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", - Ref: ref("k8s.io/api/core/v1.TypedObjectReference"), + Ref: ref(v1.TypedObjectReference{}.OpenAPIModelName()), }, }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).", + Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/", Type: []string{"string"}, Format: "", }, @@ -7157,7 +7410,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TypedLocalObjectReference", "k8s.io/api/core/v1.TypedObjectReference", "k8s.io/api/core/v1.VolumeResourceRequirements", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + v1.TypedLocalObjectReference{}.OpenAPIModelName(), v1.TypedObjectReference{}.OpenAPIModelName(), v1.VolumeResourceRequirements{}.OpenAPIModelName(), metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -7205,7 +7458,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7229,7 +7482,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimCondition"), + Ref: ref(v1.PersistentVolumeClaimCondition{}.OpenAPIModelName()), }, }, }, @@ -7237,13 +7490,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "allocatedResources": { SchemaProps: spec.SchemaProps{ - Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7256,7 +7509,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, }, SchemaProps: spec.SchemaProps{ - Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + Description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -7273,22 +7526,22 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref common.ReferenceCa }, "currentVolumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", + Description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim", Type: []string{"string"}, Format: "", }, }, "modifyVolumeStatus": { SchemaProps: spec.SchemaProps{ - Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", - Ref: ref("k8s.io/api/core/v1.ModifyVolumeStatus"), + Description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted.", + Ref: ref(v1.ModifyVolumeStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ModifyVolumeStatus", "k8s.io/api/core/v1.PersistentVolumeClaimCondition", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ModifyVolumeStatus{}.OpenAPIModelName(), v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7303,14 +7556,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference SchemaProps: spec.SchemaProps{ Description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), + Ref: ref(v1.PersistentVolumeClaimSpec{}.OpenAPIModelName()), }, }, }, @@ -7318,7 +7571,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7376,7 +7629,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -7387,7 +7640,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PersistentVolume"), + Ref: ref(v1.PersistentVolume{}.OpenAPIModelName()), }, }, }, @@ -7398,7 +7651,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeList(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PersistentVolume", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PersistentVolume{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -7412,140 +7665,140 @@ func schema_k8sio_api_core_v1_PersistentVolumeSource(ref common.ReferenceCallbac "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ Description: "csi represents storage that is handled by an external CSI driver.", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -7564,7 +7817,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -7573,133 +7826,133 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ Description: "glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsPersistentVolumeSource"), + Ref: ref(v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDPersistentVolumeSource"), + Ref: ref(v1.RBDPersistentVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - Ref: ref("k8s.io/api/core/v1.ISCSIPersistentVolumeSource"), + Ref: ref(v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderPersistentVolumeSource"), + Ref: ref(v1.CinderPersistentVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.CephFSPersistentVolumeSource"), + Ref: ref(v1.CephFSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ Description: "flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", - Ref: ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"), + Ref: ref(v1.FlexPersistentVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureFilePersistentVolumeSource"), + Ref: ref(v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.ScaleIOPersistentVolumeSource"), + Ref: ref(v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName()), }, }, "local": { SchemaProps: spec.SchemaProps{ Description: "local represents directly-attached storage with node affinity", - Ref: ref("k8s.io/api/core/v1.LocalVolumeSource"), + Ref: ref(v1.LocalVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ Description: "storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. More info: https://examples.k8s.io/volumes/storageos/README.md", - Ref: ref("k8s.io/api/core/v1.StorageOSPersistentVolumeSource"), + Ref: ref(v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ Description: "csi represents storage that is handled by an external CSI driver.", - Ref: ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"), + Ref: ref(v1.CSIPersistentVolumeSource{}.OpenAPIModelName()), }, }, "accessModes": { @@ -7731,7 +7984,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, SchemaProps: spec.SchemaProps{ Description: "claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, "persistentVolumeReclaimPolicy": { @@ -7779,13 +8032,13 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, "nodeAffinity": { SchemaProps: spec.SchemaProps{ - Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.", - Ref: ref("k8s.io/api/core/v1.VolumeNodeAffinity"), + Description: "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume. This field is mutable if MutablePVNodeAffinity feature gate is enabled.", + Ref: ref(v1.VolumeNodeAffinity{}.OpenAPIModelName()), }, }, "volumeAttributesClassName": { SchemaProps: spec.SchemaProps{ - Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process. This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", + Description: "Name of VolumeAttributesClass to which this persistent volume belongs. Empty value is not allowed. When this field is not set, it indicates that this volume does not belong to any VolumeAttributesClass. This field is mutable and can be changed by the CSI driver after a volume has been updated successfully to a new class. For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound PersistentVolumeClaims during the binding process.", Type: []string{"string"}, Format: "", }, @@ -7794,7 +8047,7 @@ func schema_k8sio_api_core_v1_PersistentVolumeSpec(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderPersistentVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsPersistentVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VolumeNodeAffinity", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(), v1.CSIPersistentVolumeSource{}.OpenAPIModelName(), v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(), v1.CinderPersistentVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexPersistentVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(), v1.LocalVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDPersistentVolumeSource{}.OpenAPIModelName(), v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(), v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(), v1.VolumeNodeAffinity{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -7830,14 +8083,14 @@ func schema_k8sio_api_core_v1_PersistentVolumeStatus(ref common.ReferenceCallbac "lastPhaseTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -7895,28 +8148,28 @@ func schema_k8sio_api_core_v1_Pod(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -7940,7 +8193,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7959,7 +8212,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -7969,7 +8222,7 @@ func schema_k8sio_api_core_v1_PodAffinity(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -7983,7 +8236,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "namespaces": { @@ -8017,7 +8270,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm "namespaceSelector": { SchemaProps: spec.SchemaProps{ Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "matchLabelKeys": { @@ -8065,7 +8318,7 @@ func schema_k8sio_api_core_v1_PodAffinityTerm(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -8089,7 +8342,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8102,13 +8355,13 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, SchemaProps: spec.SchemaProps{ - Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + Description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and subtracting \"weight\" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.WeightedPodAffinityTerm"), + Ref: ref(v1.WeightedPodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -8118,7 +8371,7 @@ func schema_k8sio_api_core_v1_PodAntiAffinity(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm", "k8s.io/api/core/v1.WeightedPodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName(), v1.WeightedPodAffinityTerm{}.OpenAPIModelName()}, } } @@ -8184,6 +8437,78 @@ func schema_k8sio_api_core_v1_PodAttachOptions(ref common.ReferenceCallback) com } } +func schema_k8sio_api_core_v1_PodCertificateProjection(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodCertificateProjection provides a private key and X.509 certificate in the pod filesystem.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "signerName": { + SchemaProps: spec.SchemaProps{ + Description: "Kubelet's generated CSRs will be addressed to this signer.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyType": { + SchemaProps: spec.SchemaProps{ + Description: "The type of keypair Kubelet will generate for the pod.\n\nValid values are \"RSA3072\", \"RSA4096\", \"ECDSAP256\", \"ECDSAP384\", \"ECDSAP521\", and \"ED25519\".", + Type: []string{"string"}, + Format: "", + }, + }, + "maxExpirationSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "maxExpirationSeconds is the maximum lifetime permitted for the certificate.\n\nKubelet copies this value verbatim into the PodCertificateRequests it generates for this projection.\n\nIf omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days).\n\nThe signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "credentialBundlePath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the credential bundle at this path in the projected volume.\n\nThe credential bundle is a single file that contains multiple PEM blocks. The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private key.\n\nThe remaining blocks are CERTIFICATE blocks, containing the issued certificate chain from the signer (leaf and any intermediates).\n\nUsing credentialBundlePath lets your Pod's application code make a single atomic read that retrieves a consistent key and certificate chain. If you project them to separate files, your application code will need to additionally check that the leaf certificate was issued to the key.", + Type: []string{"string"}, + Format: "", + }, + }, + "keyPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the key at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "certificateChainPath": { + SchemaProps: spec.SchemaProps{ + Description: "Write the certificate chain at this path in the projected volume.\n\nMost applications should use credentialBundlePath. When using keyPath and certificateChainPath, your application needs to check that the key and leaf certificate are consistent, because it is possible to read the files mid-rotation.", + Type: []string{"string"}, + Format: "", + }, + }, + "userAnnotations": { + SchemaProps: spec.SchemaProps{ + Description: "userAnnotations allow pod authors to pass additional information to the signer implementation. Kubernetes does not restrict or validate this metadata in any way.\n\nThese values are copied verbatim into the `spec.unverifiedUserAnnotations` field of the PodCertificateRequest objects that Kubelet creates.\n\nEntries are subject to the same validation as object metadata annotations, with the addition that all keys must be domain-prefixed. No restrictions are placed on values, except an overall size limitation on the entire field.\n\nSigners should document the keys and values they support. Signers should deny requests that contain keys they do not recognize.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"signerName", "keyType"}, + }, + }, + } +} + func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8201,7 +8526,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, "observedGeneration": { SchemaProps: spec.SchemaProps{ - Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.", + Description: "If set, this represents the .metadata.generation that the pod condition was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", Type: []string{"integer"}, Format: "int64", }, @@ -8217,13 +8542,13 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. "lastProbeTime": { SchemaProps: spec.SchemaProps{ Description: "Last time we probed the condition.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "Last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -8245,7 +8570,7 @@ func schema_k8sio_api_core_v1_PodCondition(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8309,7 +8634,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodDNSConfigOption"), + Ref: ref(v1.PodDNSConfigOption{}.OpenAPIModelName()), }, }, }, @@ -8319,7 +8644,7 @@ func schema_k8sio_api_core_v1_PodDNSConfig(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodDNSConfigOption"}, + v1.PodDNSConfigOption{}.OpenAPIModelName()}, } } @@ -8433,6 +8758,49 @@ func schema_k8sio_api_core_v1_PodExecOptions(ref common.ReferenceCallback) commo } } +func schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PodExtendedResourceClaimStatus is stored in the PodStatus for the extended resource requests backed by DRA. It stores the generated name for the corresponding special ResourceClaim created by the scheduler.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "requestMappings": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "RequestMappings identifies the mapping of to device request in the generated ResourceClaim.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref(v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resourceClaimName": { + SchemaProps: spec.SchemaProps{ + Description: "ResourceClaimName is the name of the ResourceClaim that was generated for the Pod in the namespace of the Pod.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"requestMappings", "resourceClaimName"}, + }, + }, + Dependencies: []string{ + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName()}, + } +} + func schema_k8sio_api_core_v1_PodIP(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -8480,7 +8848,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -8491,7 +8859,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Pod"), + Ref: ref(v1.Pod{}.OpenAPIModelName()), }, }, }, @@ -8502,7 +8870,7 @@ func schema_k8sio_api_core_v1_PodList(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Pod", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Pod{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -8558,7 +8926,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common "sinceTime": { SchemaProps: spec.SchemaProps{ Description: "An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "timestamps": { @@ -8600,7 +8968,7 @@ func schema_k8sio_api_core_v1_PodLogOptions(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -8826,13 +9194,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -8904,7 +9272,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Sysctl"), + Ref: ref(v1.Sysctl{}.OpenAPIModelName()), }, }, }, @@ -8921,13 +9289,13 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), }, }, "appArmorProfile": { SchemaProps: spec.SchemaProps{ Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), }, }, "seLinuxChangePolicy": { @@ -8941,7 +9309,7 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.Sysctl{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -8955,14 +9323,14 @@ func schema_k8sio_api_core_v1_PodSignature(ref common.ReferenceCallback) common. "podController": { SchemaProps: spec.SchemaProps{ Description: "Reference to controller whose pods should avoid this node.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"}, + metav1.OwnerReference{}.OpenAPIModelName()}, } } @@ -8991,7 +9359,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Volume"), + Ref: ref(v1.Volume{}.OpenAPIModelName()), }, }, }, @@ -9015,7 +9383,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -9039,7 +9407,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Container"), + Ref: ref(v1.Container{}.OpenAPIModelName()), }, }, }, @@ -9063,7 +9431,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.EphemeralContainer"), + Ref: ref(v1.EphemeralContainer{}.OpenAPIModelName()), }, }, }, @@ -9150,7 +9518,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "hostNetwork": { SchemaProps: spec.SchemaProps{ - Description: "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + Description: "Host networking requested for this pod. Use the host's network namespace. When using HostNetwork you should specify ports so the scheduler is aware. When `hostNetwork` is true, specified `hostPort` fields in port definitions must match `containerPort`, and unspecified `hostPort` fields in port definitions are defaulted to match `containerPort`. Default to false.", Type: []string{"boolean"}, Format: "", }, @@ -9179,7 +9547,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", - Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + Ref: ref(v1.PodSecurityContext{}.OpenAPIModelName()), }, }, "imagePullSecrets": { @@ -9200,7 +9568,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -9223,7 +9591,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "affinity": { SchemaProps: spec.SchemaProps{ Description: "If specified, the pod's scheduling constraints", - Ref: ref("k8s.io/api/core/v1.Affinity"), + Ref: ref(v1.Affinity{}.OpenAPIModelName()), }, }, "schedulerName": { @@ -9246,7 +9614,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Toleration"), + Ref: ref(v1.Toleration{}.OpenAPIModelName()), }, }, }, @@ -9270,7 +9638,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostAlias"), + Ref: ref(v1.HostAlias{}.OpenAPIModelName()), }, }, }, @@ -9293,7 +9661,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA "dnsConfig": { SchemaProps: spec.SchemaProps{ Description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", - Ref: ref("k8s.io/api/core/v1.PodDNSConfig"), + Ref: ref(v1.PodDNSConfig{}.OpenAPIModelName()), }, }, "readinessGates": { @@ -9309,7 +9677,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodReadinessGate"), + Ref: ref(v1.PodReadinessGate{}.OpenAPIModelName()), }, }, }, @@ -9345,7 +9713,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -9370,7 +9738,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + Ref: ref(v1.TopologySpreadConstraint{}.OpenAPIModelName()), }, }, }, @@ -9385,8 +9753,8 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "os": { SchemaProps: spec.SchemaProps{ - Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", - Ref: ref("k8s.io/api/core/v1.PodOS"), + Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.resources - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + Ref: ref(v1.PodOS{}.OpenAPIModelName()), }, }, "hostUsers": { @@ -9414,7 +9782,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSchedulingGate"), + Ref: ref(v1.PodSchedulingGate{}.OpenAPIModelName()), }, }, }, @@ -9432,13 +9800,13 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, SchemaProps: spec.SchemaProps{ - Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.", + Description: "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is a stable field but requires that the DynamicResourceAllocation feature gate is enabled.\n\nThis field is immutable.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaim"), + Ref: ref(v1.PodResourceClaim{}.OpenAPIModelName()), }, }, }, @@ -9446,8 +9814,21 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\" and \"memory\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", - Ref: ref("k8s.io/api/core/v1.ResourceRequirements"), + Description: "Resources is the total amount of CPU and Memory resources required by all containers in the pod. It supports specifying Requests and Limits for \"cpu\", \"memory\" and \"hugepages-\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the entire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature gate.", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, + "hostnameOverride": { + SchemaProps: spec.SchemaProps{ + Description: "HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. This field only specifies the pod's hostname and does not affect its DNS records. When this field is set to a non-empty string: - It takes precedence over the values set in `hostname` and `subdomain`. - The Pod's hostname will be set to this value. - `setHostnameAsFQDN` must be nil or set to false. - `hostNetwork` must be set to false.\n\nThis field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. Requires the HostnameOverride feature gate to be enabled.", + Type: []string{"string"}, + Format: "", + }, + }, + "workloadRef": { + SchemaProps: spec.SchemaProps{ + Description: "WorkloadRef provides a reference to the Workload object that this Pod belongs to. This field is used by the scheduler to identify the PodGroup and apply the correct group scheduling policies. The Workload object referenced by this field may not exist at the time the Pod is created. This field is immutable, but a Workload object with the same name may be recreated with different policies. Doing this during pod scheduling may result in the placement not conforming to the expected policies.", + Ref: ref(v1.WorkloadReference{}.OpenAPIModelName()), }, }, }, @@ -9455,7 +9836,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EphemeralContainer", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodOS", "k8s.io/api/core/v1.PodReadinessGate", "k8s.io/api/core/v1.PodResourceClaim", "k8s.io/api/core/v1.PodSchedulingGate", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.ResourceRequirements", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.Affinity{}.OpenAPIModelName(), v1.Container{}.OpenAPIModelName(), v1.EphemeralContainer{}.OpenAPIModelName(), v1.HostAlias{}.OpenAPIModelName(), v1.LocalObjectReference{}.OpenAPIModelName(), v1.PodDNSConfig{}.OpenAPIModelName(), v1.PodOS{}.OpenAPIModelName(), v1.PodReadinessGate{}.OpenAPIModelName(), v1.PodResourceClaim{}.OpenAPIModelName(), v1.PodSchedulingGate{}.OpenAPIModelName(), v1.PodSecurityContext{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), v1.Toleration{}.OpenAPIModelName(), v1.TopologySpreadConstraint{}.OpenAPIModelName(), v1.Volume{}.OpenAPIModelName(), v1.WorkloadReference{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -9468,7 +9849,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Properties: map[string]spec.Schema{ "observedGeneration": { SchemaProps: spec.SchemaProps{ - Description: "If set, this represents the .metadata.generation that the pod status was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.", + Description: "If set, this represents the .metadata.generation that the pod status was set based upon. The PodObservedGenerationTracking feature gate must be enabled to use this field.", Type: []string{"integer"}, Format: "int64", }, @@ -9499,7 +9880,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodCondition"), + Ref: ref(v1.PodCondition{}.OpenAPIModelName()), }, }, }, @@ -9548,7 +9929,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.HostIP"), + Ref: ref(v1.HostIP{}.OpenAPIModelName()), }, }, }, @@ -9579,7 +9960,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodIP"), + Ref: ref(v1.PodIP{}.OpenAPIModelName()), }, }, }, @@ -9588,7 +9969,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope "startTime": { SchemaProps: spec.SchemaProps{ Description: "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "initContainerStatuses": { @@ -9604,7 +9985,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9623,7 +10004,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9650,7 +10031,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ContainerStatus"), + Ref: ref(v1.ContainerStatus{}.OpenAPIModelName()), }, }, }, @@ -9681,17 +10062,43 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodResourceClaimStatus"), + Ref: ref(v1.PodResourceClaimStatus{}.OpenAPIModelName()), }, }, }, }, }, + "extendedResourceClaimStatus": { + SchemaProps: spec.SchemaProps{ + Description: "Status of extended resource claim backed by DRA.", + Ref: ref(v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName()), + }, + }, + "allocatedResources": { + SchemaProps: spec.SchemaProps{ + Description: "AllocatedResources is the total requests allocated for this pod by the node. If pod-level requests are not set, this will be the total requests aggregated across containers in the pod.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref(resource.Quantity{}.OpenAPIModelName()), + }, + }, + }, + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "Resources represents the compute resource requests and limits that have been applied at the pod level if pod-level requests or limits are set in PodSpec.Resources", + Ref: ref(v1.ResourceRequirements{}.OpenAPIModelName()), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ContainerStatus", "k8s.io/api/core/v1.HostIP", "k8s.io/api/core/v1.PodCondition", "k8s.io/api/core/v1.PodIP", "k8s.io/api/core/v1.PodResourceClaimStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.ContainerStatus{}.OpenAPIModelName(), v1.HostIP{}.OpenAPIModelName(), v1.PodCondition{}.OpenAPIModelName(), v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(), v1.PodIP{}.OpenAPIModelName(), v1.PodResourceClaimStatus{}.OpenAPIModelName(), v1.ResourceRequirements{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -9720,21 +10127,21 @@ func schema_k8sio_api_core_v1_PodStatusResult(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodStatus"), + Ref: ref(v1.PodStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9763,21 +10170,21 @@ func schema_k8sio_api_core_v1_PodTemplate(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "template": { SchemaProps: spec.SchemaProps{ Description: "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodTemplateSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9806,7 +10213,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -9817,7 +10224,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodTemplate"), + Ref: ref(v1.PodTemplate{}.OpenAPIModelName()), }, }, }, @@ -9828,7 +10235,7 @@ func schema_k8sio_api_core_v1_PodTemplateList(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplate", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.PodTemplate{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -9843,21 +10250,21 @@ func schema_k8sio_api_core_v1_PodTemplateSpec(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSpec"), + Ref: ref(v1.PodSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.PodSpec{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -9946,13 +10353,13 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The class of pods.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodSignature"), + Ref: ref(v1.PodSignature{}.OpenAPIModelName()), }, }, "evictionTime": { SchemaProps: spec.SchemaProps{ Description: "Time at which this entry was added to the list.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -9974,7 +10381,7 @@ func schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodSignature", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + v1.PodSignature{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -9997,7 +10404,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "A node selector term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.NodeSelectorTerm"), + Ref: ref(v1.NodeSelectorTerm{}.OpenAPIModelName()), }, }, }, @@ -10005,7 +10412,7 @@ func schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelectorTerm"}, + v1.NodeSelectorTerm{}.OpenAPIModelName()}, } } @@ -10019,25 +10426,25 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI "exec": { SchemaProps: spec.SchemaProps{ Description: "Exec specifies a command to execute in the container.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ Description: "HTTPGet specifies an HTTP GET request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ Description: "TCPSocket specifies a connection to a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ Description: "GRPC specifies a GRPC HealthCheckRequest.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, "initialDelaySeconds": { @@ -10086,7 +10493,7 @@ func schema_k8sio_api_core_v1_Probe(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -10100,32 +10507,32 @@ func schema_k8sio_api_core_v1_ProbeHandler(ref common.ReferenceCallback) common. "exec": { SchemaProps: spec.SchemaProps{ Description: "Exec specifies a command to execute in the container.", - Ref: ref("k8s.io/api/core/v1.ExecAction"), + Ref: ref(v1.ExecAction{}.OpenAPIModelName()), }, }, "httpGet": { SchemaProps: spec.SchemaProps{ Description: "HTTPGet specifies an HTTP GET request to perform.", - Ref: ref("k8s.io/api/core/v1.HTTPGetAction"), + Ref: ref(v1.HTTPGetAction{}.OpenAPIModelName()), }, }, "tcpSocket": { SchemaProps: spec.SchemaProps{ Description: "TCPSocket specifies a connection to a TCP port.", - Ref: ref("k8s.io/api/core/v1.TCPSocketAction"), + Ref: ref(v1.TCPSocketAction{}.OpenAPIModelName()), }, }, "grpc": { SchemaProps: spec.SchemaProps{ Description: "GRPC specifies a GRPC HealthCheckRequest.", - Ref: ref("k8s.io/api/core/v1.GRPCAction"), + Ref: ref(v1.GRPCAction{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ExecAction", "k8s.io/api/core/v1.GRPCAction", "k8s.io/api/core/v1.HTTPGetAction", "k8s.io/api/core/v1.TCPSocketAction"}, + v1.ExecAction{}.OpenAPIModelName(), v1.GRPCAction{}.OpenAPIModelName(), v1.HTTPGetAction{}.OpenAPIModelName(), v1.TCPSocketAction{}.OpenAPIModelName()}, } } @@ -10149,7 +10556,7 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.VolumeProjection"), + Ref: ref(v1.VolumeProjection{}.OpenAPIModelName()), }, }, }, @@ -10166,7 +10573,7 @@ func schema_k8sio_api_core_v1_ProjectedVolumeSource(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.VolumeProjection"}, + v1.VolumeProjection{}.OpenAPIModelName()}, } } @@ -10297,7 +10704,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -10312,7 +10719,7 @@ func schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -10385,7 +10792,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "readOnly": { @@ -10400,7 +10807,7 @@ func schema_k8sio_api_core_v1_RBDVolumeSource(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -10429,7 +10836,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "range": { @@ -10452,7 +10859,7 @@ func schema_k8sio_api_core_v1_RangeAllocation(ref common.ReferenceCallback) comm }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10481,28 +10888,28 @@ func schema_k8sio_api_core_v1_ReplicationController(ref common.ReferenceCallback SchemaProps: spec.SchemaProps{ Description: "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerSpec"), + Ref: ref(v1.ReplicationControllerSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerStatus"), + Ref: ref(v1.ReplicationControllerStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerSpec", "k8s.io/api/core/v1.ReplicationControllerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ReplicationControllerSpec{}.OpenAPIModelName(), v1.ReplicationControllerStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10532,7 +10939,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "The last time the condition transitioned from one status to another.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -10554,7 +10961,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerCondition(ref common.Referenc }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -10583,7 +10990,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10594,7 +11001,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationController"), + Ref: ref(v1.ReplicationController{}.OpenAPIModelName()), }, }, }, @@ -10605,7 +11012,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerList(ref common.ReferenceCall }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationController", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ReplicationController{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10656,14 +11063,14 @@ func schema_k8sio_api_core_v1_ReplicationControllerSpec(ref common.ReferenceCall "template": { SchemaProps: spec.SchemaProps{ Description: "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is \"Always\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - Ref: ref("k8s.io/api/core/v1.PodTemplateSpec"), + Ref: ref(v1.PodTemplateSpec{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodTemplateSpec"}, + v1.PodTemplateSpec{}.OpenAPIModelName()}, } } @@ -10728,7 +11135,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ReplicationControllerCondition"), + Ref: ref(v1.ReplicationControllerCondition{}.OpenAPIModelName()), }, }, }, @@ -10739,7 +11146,7 @@ func schema_k8sio_api_core_v1_ReplicationControllerStatus(ref common.ReferenceCa }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ReplicationControllerCondition"}, + v1.ReplicationControllerCondition{}.OpenAPIModelName()}, } } @@ -10797,7 +11204,7 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback "divisor": { SchemaProps: spec.SchemaProps{ Description: "Specifies the output format of the exposed resources, defaults to \"1\"", - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10810,7 +11217,7 @@ func schema_k8sio_api_core_v1_ResourceFieldSelector(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -10868,28 +11275,28 @@ func schema_k8sio_api_core_v1_ResourceQuota(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaSpec"), + Ref: ref(v1.ResourceQuotaSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuotaStatus"), + Ref: ref(v1.ResourceQuotaStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuotaSpec", "k8s.io/api/core/v1.ResourceQuotaStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ResourceQuotaSpec{}.OpenAPIModelName(), v1.ResourceQuotaStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -10918,7 +11325,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -10929,7 +11336,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceQuota"), + Ref: ref(v1.ResourceQuota{}.OpenAPIModelName()), }, }, }, @@ -10940,7 +11347,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaList(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceQuota", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ResourceQuota{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -10959,7 +11366,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -10989,14 +11396,14 @@ func schema_k8sio_api_core_v1_ResourceQuotaSpec(ref common.ReferenceCallback) co "scopeSelector": { SchemaProps: spec.SchemaProps{ Description: "scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.", - Ref: ref("k8s.io/api/core/v1.ScopeSelector"), + Ref: ref(v1.ScopeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopeSelector", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ScopeSelector{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -11015,7 +11422,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11029,7 +11436,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11039,7 +11446,7 @@ func schema_k8sio_api_core_v1_ResourceQuotaStatus(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -11058,7 +11465,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11072,7 +11479,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -11088,13 +11495,13 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", + Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis field depends on the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceClaim"), + Ref: ref(v1.ResourceClaim{}.OpenAPIModelName()), }, }, }, @@ -11104,7 +11511,7 @@ func schema_k8sio_api_core_v1_ResourceRequirements(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceClaim", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + v1.ResourceClaim{}.OpenAPIModelName(), resource.Quantity{}.OpenAPIModelName()}, } } @@ -11139,7 +11546,7 @@ func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ResourceHealth"), + Ref: ref(v1.ResourceHealth{}.OpenAPIModelName()), }, }, }, @@ -11150,7 +11557,7 @@ func schema_k8sio_api_core_v1_ResourceStatus(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceHealth"}, + v1.ResourceHealth{}.OpenAPIModelName()}, } } @@ -11221,7 +11628,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.SecretReference"), + Ref: ref(v1.SecretReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -11280,7 +11687,7 @@ func schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretReference"}, + v1.SecretReference{}.OpenAPIModelName()}, } } @@ -11310,7 +11717,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, "sslEnabled": { @@ -11369,7 +11776,7 @@ func schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -11393,7 +11800,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ScopedResourceSelectorRequirement"), + Ref: ref(v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -11408,7 +11815,7 @@ func schema_k8sio_api_core_v1_ScopeSelector(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ScopedResourceSelectorRequirement"}, + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName()}, } } @@ -11531,7 +11938,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "immutable": { @@ -11583,7 +11990,7 @@ func schema_k8sio_api_core_v1_Secret(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -11682,7 +12089,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -11693,7 +12100,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Secret"), + Ref: ref(v1.Secret{}.OpenAPIModelName()), }, }, }, @@ -11704,7 +12111,7 @@ func schema_k8sio_api_core_v1_SecretList(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Secret", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Secret{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -11736,7 +12143,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -11753,7 +12160,7 @@ func schema_k8sio_api_core_v1_SecretProjection(ref common.ReferenceCallback) com }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -11816,7 +12223,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.KeyToPath"), + Ref: ref(v1.KeyToPath{}.OpenAPIModelName()), }, }, }, @@ -11840,7 +12247,7 @@ func schema_k8sio_api_core_v1_SecretVolumeSource(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.KeyToPath"}, + v1.KeyToPath{}.OpenAPIModelName()}, } } @@ -11854,7 +12261,7 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "capabilities": { SchemaProps: spec.SchemaProps{ Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.Capabilities"), + Ref: ref(v1.Capabilities{}.OpenAPIModelName()), }, }, "privileged": { @@ -11867,13 +12274,13 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seLinuxOptions": { SchemaProps: spec.SchemaProps{ Description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SELinuxOptions"), + Ref: ref(v1.SELinuxOptions{}.OpenAPIModelName()), }, }, "windowsOptions": { SchemaProps: spec.SchemaProps{ Description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", - Ref: ref("k8s.io/api/core/v1.WindowsSecurityContextOptions"), + Ref: ref(v1.WindowsSecurityContextOptions{}.OpenAPIModelName()), }, }, "runAsUser": { @@ -11922,20 +12329,20 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm "seccompProfile": { SchemaProps: spec.SchemaProps{ Description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.SeccompProfile"), + Ref: ref(v1.SeccompProfile{}.OpenAPIModelName()), }, }, "appArmorProfile": { SchemaProps: spec.SchemaProps{ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.", - Ref: ref("k8s.io/api/core/v1.AppArmorProfile"), + Ref: ref(v1.AppArmorProfile{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"}, + v1.AppArmorProfile{}.OpenAPIModelName(), v1.Capabilities{}.OpenAPIModelName(), v1.SELinuxOptions{}.OpenAPIModelName(), v1.SeccompProfile{}.OpenAPIModelName(), v1.WindowsSecurityContextOptions{}.OpenAPIModelName()}, } } @@ -11964,14 +12371,14 @@ func schema_k8sio_api_core_v1_SerializedReference(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "The reference to an object in the system.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -12000,28 +12407,28 @@ func schema_k8sio_api_core_v1_Service(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "spec": { SchemaProps: spec.SchemaProps{ Description: "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceSpec"), + Ref: ref(v1.ServiceSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Description: "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceStatus"), + Ref: ref(v1.ServiceStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceSpec", "k8s.io/api/core/v1.ServiceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.ServiceSpec{}.OpenAPIModelName(), v1.ServiceStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -12050,7 +12457,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, "secrets": { @@ -12071,7 +12478,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, @@ -12090,7 +12497,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, @@ -12107,7 +12514,7 @@ func schema_k8sio_api_core_v1_ServiceAccount(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + v1.LocalObjectReference{}.OpenAPIModelName(), v1.ObjectReference{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -12136,7 +12543,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -12147,7 +12554,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServiceAccount"), + Ref: ref(v1.ServiceAccount{}.OpenAPIModelName()), }, }, }, @@ -12158,7 +12565,7 @@ func schema_k8sio_api_core_v1_ServiceAccountList(ref common.ReferenceCallback) c }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServiceAccount", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.ServiceAccount{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -12223,7 +12630,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -12234,7 +12641,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Service"), + Ref: ref(v1.Service{}.OpenAPIModelName()), }, }, }, @@ -12245,7 +12652,7 @@ func schema_k8sio_api_core_v1_ServiceList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Service", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + v1.Service{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -12369,7 +12776,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.ServicePort"), + Ref: ref(v1.ServicePort{}.OpenAPIModelName()), }, }, }, @@ -12518,7 +12925,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O "sessionAffinityConfig": { SchemaProps: spec.SchemaProps{ Description: "sessionAffinityConfig contains the configurations of session affinity.", - Ref: ref("k8s.io/api/core/v1.SessionAffinityConfig"), + Ref: ref(v1.SessionAffinityConfig{}.OpenAPIModelName()), }, }, "ipFamilies": { @@ -12583,7 +12990,7 @@ func schema_k8sio_api_core_v1_ServiceSpec(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ServicePort", "k8s.io/api/core/v1.SessionAffinityConfig"}, + v1.ServicePort{}.OpenAPIModelName(), v1.SessionAffinityConfig{}.OpenAPIModelName()}, } } @@ -12598,7 +13005,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common SchemaProps: spec.SchemaProps{ Description: "LoadBalancer contains the current status of the load-balancer, if one is present.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LoadBalancerStatus"), + Ref: ref(v1.LoadBalancerStatus{}.OpenAPIModelName()), }, }, "conditions": { @@ -12619,7 +13026,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Condition"), + Ref: ref(metav1.Condition{}.OpenAPIModelName()), }, }, }, @@ -12629,7 +13036,7 @@ func schema_k8sio_api_core_v1_ServiceStatus(ref common.ReferenceCallback) common }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LoadBalancerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.Condition"}, + v1.LoadBalancerStatus{}.OpenAPIModelName(), metav1.Condition{}.OpenAPIModelName()}, } } @@ -12643,14 +13050,14 @@ func schema_k8sio_api_core_v1_SessionAffinityConfig(ref common.ReferenceCallback "clientIP": { SchemaProps: spec.SchemaProps{ Description: "clientIP contains the configurations of Client IP based session affinity.", - Ref: ref("k8s.io/api/core/v1.ClientIPConfig"), + Ref: ref(v1.ClientIPConfig{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClientIPConfig"}, + v1.ClientIPConfig{}.OpenAPIModelName()}, } } @@ -12714,14 +13121,14 @@ func schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref common.Referen "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Ref: ref(v1.ObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ObjectReference"}, + v1.ObjectReference{}.OpenAPIModelName()}, } } @@ -12763,14 +13170,14 @@ func schema_k8sio_api_core_v1_StorageOSVolumeSource(ref common.ReferenceCallback "secretRef": { SchemaProps: spec.SchemaProps{ Description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + Ref: ref(v1.LocalObjectReference{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference"}, + v1.LocalObjectReference{}.OpenAPIModelName()}, } } @@ -12866,8 +13273,8 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, "timeAdded": { SchemaProps: spec.SchemaProps{ - Description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Description: "TimeAdded represents the time at which the taint was added.", + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, }, @@ -12875,7 +13282,7 @@ func schema_k8sio_api_core_v1_Taint(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -12895,10 +13302,10 @@ func schema_k8sio_api_core_v1_Toleration(ref common.ReferenceCallback) common.Op }, "operator": { SchemaProps: spec.SchemaProps{ - Description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`", + Description: "Operator represents a key's relationship to the value. Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).\n\nPossible enum values:\n - `\"Equal\"`\n - `\"Exists\"`\n - `\"Gt\"`\n - `\"Lt\"`", Type: []string{"string"}, Format: "", - Enum: []interface{}{"Equal", "Exists"}, + Enum: []interface{}{"Equal", "Exists", "Gt", "Lt"}, }, }, "value": { @@ -12991,7 +13398,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySelectorLabelRequirement"), + Ref: ref(v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()), }, }, }, @@ -13006,7 +13413,7 @@ func schema_k8sio_api_core_v1_TopologySelectorTerm(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/api/core/v1.TopologySelectorLabelRequirement"}, + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName()}, } } @@ -13045,7 +13452,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb "labelSelector": { SchemaProps: spec.SchemaProps{ Description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + Ref: ref(metav1.LabelSelector{}.OpenAPIModelName()), }, }, "minDomains": { @@ -13096,7 +13503,7 @@ func schema_k8sio_api_core_v1_TopologySpreadConstraint(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + metav1.LabelSelector{}.OpenAPIModelName()}, } } @@ -13204,181 +13611,181 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), }, }, "image": { SchemaProps: spec.SchemaProps{ Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", - Ref: ref("k8s.io/api/core/v1.ImageVolumeSource"), + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, @@ -13386,7 +13793,7 @@ func schema_k8sio_api_core_v1_Volume(ref common.ReferenceCallback) common.OpenAP }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.ImageVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -13540,14 +13947,14 @@ func schema_k8sio_api_core_v1_VolumeNodeAffinity(ref common.ReferenceCallback) c "required": { SchemaProps: spec.SchemaProps{ Description: "required specifies hard node constraints that must be met.", - Ref: ref("k8s.io/api/core/v1.NodeSelector"), + Ref: ref(v1.NodeSelector{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.NodeSelector"}, + v1.NodeSelector{}.OpenAPIModelName()}, } } @@ -13561,38 +13968,44 @@ func schema_k8sio_api_core_v1_VolumeProjection(ref common.ReferenceCallback) com "secret": { SchemaProps: spec.SchemaProps{ Description: "secret information about the secret data to project", - Ref: ref("k8s.io/api/core/v1.SecretProjection"), + Ref: ref(v1.SecretProjection{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI information about the downwardAPI data to project", - Ref: ref("k8s.io/api/core/v1.DownwardAPIProjection"), + Ref: ref(v1.DownwardAPIProjection{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap information about the configMap data to project", - Ref: ref("k8s.io/api/core/v1.ConfigMapProjection"), + Ref: ref(v1.ConfigMapProjection{}.OpenAPIModelName()), }, }, "serviceAccountToken": { SchemaProps: spec.SchemaProps{ Description: "serviceAccountToken is information about the serviceAccountToken data to project", - Ref: ref("k8s.io/api/core/v1.ServiceAccountTokenProjection"), + Ref: ref(v1.ServiceAccountTokenProjection{}.OpenAPIModelName()), }, }, "clusterTrustBundle": { SchemaProps: spec.SchemaProps{ Description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.", - Ref: ref("k8s.io/api/core/v1.ClusterTrustBundleProjection"), + Ref: ref(v1.ClusterTrustBundleProjection{}.OpenAPIModelName()), + }, + }, + "podCertificate": { + SchemaProps: spec.SchemaProps{ + Description: "Projects an auto-rotating credential bundle (private key and certificate chain) that the pod can use either as a TLS client or server.\n\nKubelet generates a private key and uses it to send a PodCertificateRequest to the named signer. Once the signer approves the request and issues a certificate chain, Kubelet writes the key and certificate chain to the pod filesystem. The pod does not start until certificates have been issued for each podCertificate projected volume source in its spec.\n\nKubelet will begin trying to rotate the certificate at the time indicated by the signer using the PodCertificateRequest.Status.BeginRefreshAt timestamp.\n\nKubelet can write a single file, indicated by the credentialBundlePath field, or separate files, indicated by the keyPath and certificateChainPath fields.\n\nThe credential bundle is a single file in PEM format. The first PEM entry is the private key (in PKCS#8 format), and the remaining PEM entries are the certificate chain issued by the signer (typically, signers will return their certificate chain in leaf-to-root order).\n\nPrefer using the credential bundle format, since your application code can read it atomically. If you use keyPath and certificateChainPath, your application must make two separate file reads. If these coincide with a certificate rotation, it is possible that the private key and leaf certificate you read may not correspond to each other. Your application will need to check for this condition, and re-read until they are consistent.\n\nThe named signer controls chooses the format of the certificate it issues; consult the signer implementation's documentation to learn how to use the certificates it issues.", + Ref: ref(v1.PodCertificateProjection{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ClusterTrustBundleProjection", "k8s.io/api/core/v1.ConfigMapProjection", "k8s.io/api/core/v1.DownwardAPIProjection", "k8s.io/api/core/v1.SecretProjection", "k8s.io/api/core/v1.ServiceAccountTokenProjection"}, + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(), v1.ConfigMapProjection{}.OpenAPIModelName(), v1.DownwardAPIProjection{}.OpenAPIModelName(), v1.PodCertificateProjection{}.OpenAPIModelName(), v1.SecretProjection{}.OpenAPIModelName(), v1.ServiceAccountTokenProjection{}.OpenAPIModelName()}, } } @@ -13611,7 +14024,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -13625,7 +14038,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal Allows: true, Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/api/resource.Quantity"), + Ref: ref(resource.Quantity{}.OpenAPIModelName()), }, }, }, @@ -13635,7 +14048,7 @@ func schema_k8sio_api_core_v1_VolumeResourceRequirements(ref common.ReferenceCal }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + resource.Quantity{}.OpenAPIModelName()}, } } @@ -13649,188 +14062,188 @@ func schema_k8sio_api_core_v1_VolumeSource(ref common.ReferenceCallback) common. "hostPath": { SchemaProps: spec.SchemaProps{ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - Ref: ref("k8s.io/api/core/v1.HostPathVolumeSource"), + Ref: ref(v1.HostPathVolumeSource{}.OpenAPIModelName()), }, }, "emptyDir": { SchemaProps: spec.SchemaProps{ Description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - Ref: ref("k8s.io/api/core/v1.EmptyDirVolumeSource"), + Ref: ref(v1.EmptyDirVolumeSource{}.OpenAPIModelName()), }, }, "gcePersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - Ref: ref("k8s.io/api/core/v1.GCEPersistentDiskVolumeSource"), + Ref: ref(v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "awsElasticBlockStore": { SchemaProps: spec.SchemaProps{ Description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - Ref: ref("k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource"), + Ref: ref(v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName()), }, }, "gitRepo": { SchemaProps: spec.SchemaProps{ Description: "gitRepo represents a git repository at a particular revision. Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - Ref: ref("k8s.io/api/core/v1.GitRepoVolumeSource"), + Ref: ref(v1.GitRepoVolumeSource{}.OpenAPIModelName()), }, }, "secret": { SchemaProps: spec.SchemaProps{ Description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - Ref: ref("k8s.io/api/core/v1.SecretVolumeSource"), + Ref: ref(v1.SecretVolumeSource{}.OpenAPIModelName()), }, }, "nfs": { SchemaProps: spec.SchemaProps{ Description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - Ref: ref("k8s.io/api/core/v1.NFSVolumeSource"), + Ref: ref(v1.NFSVolumeSource{}.OpenAPIModelName()), }, }, "iscsi": { SchemaProps: spec.SchemaProps{ - Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", - Ref: ref("k8s.io/api/core/v1.ISCSIVolumeSource"), + Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi", + Ref: ref(v1.ISCSIVolumeSource{}.OpenAPIModelName()), }, }, "glusterfs": { SchemaProps: spec.SchemaProps{ - Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md", - Ref: ref("k8s.io/api/core/v1.GlusterfsVolumeSource"), + Description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.", + Ref: ref(v1.GlusterfsVolumeSource{}.OpenAPIModelName()), }, }, "persistentVolumeClaim": { SchemaProps: spec.SchemaProps{ Description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource"), + Ref: ref(v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName()), }, }, "rbd": { SchemaProps: spec.SchemaProps{ - Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md", - Ref: ref("k8s.io/api/core/v1.RBDVolumeSource"), + Description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported.", + Ref: ref(v1.RBDVolumeSource{}.OpenAPIModelName()), }, }, "flexVolume": { SchemaProps: spec.SchemaProps{ Description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead.", - Ref: ref("k8s.io/api/core/v1.FlexVolumeSource"), + Ref: ref(v1.FlexVolumeSource{}.OpenAPIModelName()), }, }, "cinder": { SchemaProps: spec.SchemaProps{ Description: "cinder represents a cinder volume attached and mounted on kubelets host machine. Deprecated: Cinder is deprecated. All operations for the in-tree cinder type are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", - Ref: ref("k8s.io/api/core/v1.CinderVolumeSource"), + Ref: ref(v1.CinderVolumeSource{}.OpenAPIModelName()), }, }, "cephfs": { SchemaProps: spec.SchemaProps{ Description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.CephFSVolumeSource"), + Ref: ref(v1.CephFSVolumeSource{}.OpenAPIModelName()), }, }, "flocker": { SchemaProps: spec.SchemaProps{ Description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.FlockerVolumeSource"), + Ref: ref(v1.FlockerVolumeSource{}.OpenAPIModelName()), }, }, "downwardAPI": { SchemaProps: spec.SchemaProps{ Description: "downwardAPI represents downward API about the pod that should populate this volume", - Ref: ref("k8s.io/api/core/v1.DownwardAPIVolumeSource"), + Ref: ref(v1.DownwardAPIVolumeSource{}.OpenAPIModelName()), }, }, "fc": { SchemaProps: spec.SchemaProps{ Description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - Ref: ref("k8s.io/api/core/v1.FCVolumeSource"), + Ref: ref(v1.FCVolumeSource{}.OpenAPIModelName()), }, }, "azureFile": { SchemaProps: spec.SchemaProps{ Description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod. Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type are redirected to the file.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureFileVolumeSource"), + Ref: ref(v1.AzureFileVolumeSource{}.OpenAPIModelName()), }, }, "configMap": { SchemaProps: spec.SchemaProps{ Description: "configMap represents a configMap that should populate this volume", - Ref: ref("k8s.io/api/core/v1.ConfigMapVolumeSource"), + Ref: ref(v1.ConfigMapVolumeSource{}.OpenAPIModelName()), }, }, "vsphereVolume": { SchemaProps: spec.SchemaProps{ Description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type are redirected to the csi.vsphere.vmware.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"), + Ref: ref(v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()), }, }, "quobyte": { SchemaProps: spec.SchemaProps{ Description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime. Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.QuobyteVolumeSource"), + Ref: ref(v1.QuobyteVolumeSource{}.OpenAPIModelName()), }, }, "azureDisk": { SchemaProps: spec.SchemaProps{ Description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type are redirected to the disk.csi.azure.com CSI driver.", - Ref: ref("k8s.io/api/core/v1.AzureDiskVolumeSource"), + Ref: ref(v1.AzureDiskVolumeSource{}.OpenAPIModelName()), }, }, "photonPersistentDisk": { SchemaProps: spec.SchemaProps{ Description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource"), + Ref: ref(v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName()), }, }, "projected": { SchemaProps: spec.SchemaProps{ Description: "projected items for all in one resources secrets, configmaps, and downward API", - Ref: ref("k8s.io/api/core/v1.ProjectedVolumeSource"), + Ref: ref(v1.ProjectedVolumeSource{}.OpenAPIModelName()), }, }, "portworxVolume": { SchemaProps: spec.SchemaProps{ Description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine. Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate is on.", - Ref: ref("k8s.io/api/core/v1.PortworxVolumeSource"), + Ref: ref(v1.PortworxVolumeSource{}.OpenAPIModelName()), }, }, "scaleIO": { SchemaProps: spec.SchemaProps{ Description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.ScaleIOVolumeSource"), + Ref: ref(v1.ScaleIOVolumeSource{}.OpenAPIModelName()), }, }, "storageos": { SchemaProps: spec.SchemaProps{ Description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.", - Ref: ref("k8s.io/api/core/v1.StorageOSVolumeSource"), + Ref: ref(v1.StorageOSVolumeSource{}.OpenAPIModelName()), }, }, "csi": { SchemaProps: spec.SchemaProps{ Description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.", - Ref: ref("k8s.io/api/core/v1.CSIVolumeSource"), + Ref: ref(v1.CSIVolumeSource{}.OpenAPIModelName()), }, }, "ephemeral": { SchemaProps: spec.SchemaProps{ Description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.", - Ref: ref("k8s.io/api/core/v1.EphemeralVolumeSource"), + Ref: ref(v1.EphemeralVolumeSource{}.OpenAPIModelName()), }, }, "image": { SchemaProps: spec.SchemaProps{ Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", - Ref: ref("k8s.io/api/core/v1.ImageVolumeSource"), + Ref: ref(v1.ImageVolumeSource{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFileVolumeSource", "k8s.io/api/core/v1.CSIVolumeSource", "k8s.io/api/core/v1.CephFSVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.ConfigMapVolumeSource", "k8s.io/api/core/v1.DownwardAPIVolumeSource", "k8s.io/api/core/v1.EmptyDirVolumeSource", "k8s.io/api/core/v1.EphemeralVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GitRepoVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIVolumeSource", "k8s.io/api/core/v1.ImageVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PersistentVolumeClaimVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.ProjectedVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDVolumeSource", "k8s.io/api/core/v1.ScaleIOVolumeSource", "k8s.io/api/core/v1.SecretVolumeSource", "k8s.io/api/core/v1.StorageOSVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"}, + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(), v1.AzureDiskVolumeSource{}.OpenAPIModelName(), v1.AzureFileVolumeSource{}.OpenAPIModelName(), v1.CSIVolumeSource{}.OpenAPIModelName(), v1.CephFSVolumeSource{}.OpenAPIModelName(), v1.CinderVolumeSource{}.OpenAPIModelName(), v1.ConfigMapVolumeSource{}.OpenAPIModelName(), v1.DownwardAPIVolumeSource{}.OpenAPIModelName(), v1.EmptyDirVolumeSource{}.OpenAPIModelName(), v1.EphemeralVolumeSource{}.OpenAPIModelName(), v1.FCVolumeSource{}.OpenAPIModelName(), v1.FlexVolumeSource{}.OpenAPIModelName(), v1.FlockerVolumeSource{}.OpenAPIModelName(), v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.GitRepoVolumeSource{}.OpenAPIModelName(), v1.GlusterfsVolumeSource{}.OpenAPIModelName(), v1.HostPathVolumeSource{}.OpenAPIModelName(), v1.ISCSIVolumeSource{}.OpenAPIModelName(), v1.ImageVolumeSource{}.OpenAPIModelName(), v1.NFSVolumeSource{}.OpenAPIModelName(), v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(), v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(), v1.PortworxVolumeSource{}.OpenAPIModelName(), v1.ProjectedVolumeSource{}.OpenAPIModelName(), v1.QuobyteVolumeSource{}.OpenAPIModelName(), v1.RBDVolumeSource{}.OpenAPIModelName(), v1.ScaleIOVolumeSource{}.OpenAPIModelName(), v1.SecretVolumeSource{}.OpenAPIModelName(), v1.StorageOSVolumeSource{}.OpenAPIModelName(), v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName()}, } } @@ -13896,7 +14309,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba SchemaProps: spec.SchemaProps{ Description: "Required. A pod affinity term, associated with the corresponding weight.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.PodAffinityTerm"), + Ref: ref(v1.PodAffinityTerm{}.OpenAPIModelName()), }, }, }, @@ -13904,7 +14317,7 @@ func schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref common.ReferenceCallba }, }, Dependencies: []string{ - "k8s.io/api/core/v1.PodAffinityTerm"}, + v1.PodAffinityTerm{}.OpenAPIModelName()}, } } @@ -13949,6 +14362,91 @@ func schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref common.Reference } } +func schema_k8sio_api_core_v1_WorkloadReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "WorkloadReference identifies the Workload object and PodGroup membership that a Pod belongs to. The scheduler uses this information to apply workload-aware scheduling semantics.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name defines the name of the Workload object this Pod belongs to. Workload must be in the same namespace as the Pod. If it doesn't match any existing Workload, the Pod will remain unschedulable until a Workload object is created and observed by the kube-scheduler. It must be a DNS subdomain.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "podGroup": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroup is the name of the PodGroup within the Workload that this Pod belongs to. If it doesn't match any existing PodGroup within the Workload, the Pod will remain unschedulable until the Workload object is recreated and observed by the kube-scheduler. It must be a DNS label.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "podGroupReplicaKey": { + SchemaProps: spec.SchemaProps{ + Description: "PodGroupReplicaKey specifies the replica key of the PodGroup to which this Pod belongs. It is used to distinguish pods belonging to different replicas of the same pod group. The pod group policy is applied separately to each replica. When set, it must be a DNS label.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "podGroup"}, + }, + }, + } +} + +func schema_apimachinery_pkg_api_resource_Quantity(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.EmbedOpenAPIDefinitionIntoV2Extension(common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + OneOf: common.GenerateOpenAPIV3OneOfSchema(resource.Quantity{}.OpenAPIV3OneOfTypes()), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }, common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + Type: resource.Quantity{}.OpenAPISchemaType(), + Format: resource.Quantity{}.OpenAPISchemaFormat(), + }, + }, + }) +} + +func schema_apimachinery_pkg_api_resource_int64Amount(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "int64Amount represents a fixed precision numerator and arbitrary scale exponent. It is faster than operations on inf.Dec for values that can be represented as int64.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "value": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int64", + }, + }, + "scale": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + Required: []string{"value", "scale"}, + }, + }, + } +} + func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -13991,7 +14489,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, }, @@ -14001,7 +14499,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA SchemaProps: spec.SchemaProps{ Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + Ref: ref(metav1.GroupVersionForDiscovery{}.OpenAPIModelName()), }, }, "serverAddressByClientCIDRs": { @@ -14017,7 +14515,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -14028,7 +14526,7 @@ func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(), metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -14066,7 +14564,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), + Ref: ref(metav1.APIGroup{}.OpenAPIModelName()), }, }, }, @@ -14077,7 +14575,7 @@ func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, + metav1.APIGroup{}.OpenAPIModelName()}, } } @@ -14245,7 +14743,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), + Ref: ref(metav1.APIResource{}.OpenAPIModelName()), }, }, }, @@ -14256,7 +14754,7 @@ func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, + metav1.APIResource{}.OpenAPIModelName()}, } } @@ -14314,7 +14812,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + Ref: ref(metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()), }, }, }, @@ -14325,7 +14823,7 @@ func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.Op }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName()}, } } @@ -14426,7 +14924,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open "lastTransitionTime": { SchemaProps: spec.SchemaProps{ Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "reason": { @@ -14450,7 +14948,7 @@ func schema_pkg_apis_meta_v1_Condition(ref common.ReferenceCallback) common.Open }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.Time{}.OpenAPIModelName()}, } } @@ -14546,7 +15044,7 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. "preconditions": { SchemaProps: spec.SchemaProps{ Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), + Ref: ref(metav1.Preconditions{}.OpenAPIModelName()), }, }, "orphanDependents": { @@ -14594,7 +15092,7 @@ func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, + metav1.Preconditions{}.OpenAPIModelName()}, } } @@ -14906,15 +15404,12 @@ func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common. "Object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Bookmark: the object (instance of a type being watched) where\n only ResourceVersion field is set. On successful restart of watch from a\n bookmark resourceVersion, client is guaranteed to not get repeat event\n nor miss any events.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), }, }, }, Required: []string{"Type", "Object"}, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.Object"}, } } @@ -14954,7 +15449,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + Ref: ref(metav1.LabelSelectorRequirement{}.OpenAPIModelName()), }, }, }, @@ -14969,7 +15464,7 @@ func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + metav1.LabelSelectorRequirement{}.OpenAPIModelName()}, } } @@ -15048,7 +15543,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -15058,7 +15553,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -15069,7 +15564,7 @@ func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDe }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.ListMeta{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -15242,7 +15737,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "time": { SchemaProps: spec.SchemaProps{ Description: "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "fieldsType": { @@ -15255,7 +15750,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co "fieldsV1": { SchemaProps: spec.SchemaProps{ Description: "FieldsV1 holds the first JSON version format as described in the \"FieldsV1\" type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1"), + Ref: ref(metav1.FieldsV1{}.OpenAPIModelName()), }, }, "subresource": { @@ -15269,7 +15764,7 @@ func schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref common.ReferenceCallback) co }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.FieldsV1{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -15344,13 +15839,13 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope "creationTimestamp": { SchemaProps: spec.SchemaProps{ Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionTimestamp": { SchemaProps: spec.SchemaProps{ Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + Ref: ref(metav1.Time{}.OpenAPIModelName()), }, }, "deletionGracePeriodSeconds": { @@ -15410,7 +15905,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + Ref: ref(metav1.OwnerReference{}.OpenAPIModelName()), }, }, }, @@ -15450,7 +15945,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry"), + Ref: ref(metav1.ManagedFieldsEntry{}.OpenAPIModelName()), }, }, }, @@ -15460,7 +15955,7 @@ func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + metav1.ManagedFieldsEntry{}.OpenAPIModelName(), metav1.OwnerReference{}.OpenAPIModelName(), metav1.Time{}.OpenAPIModelName()}, } } @@ -15554,14 +16049,14 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadata(ref common.ReferenceCallback) SchemaProps: spec.SchemaProps{ Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref(metav1.ObjectMeta{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -15590,7 +16085,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "items": { @@ -15601,7 +16096,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"), + Ref: ref(metav1.PartialObjectMetadata{}.OpenAPIModelName()), }, }, }, @@ -15612,7 +16107,7 @@ func schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.PartialObjectMetadata{}.OpenAPIModelName()}, } } @@ -15811,7 +16306,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "status": { @@ -15836,14 +16331,9 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, "details": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, SchemaProps: spec.SchemaProps{ Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), + Ref: ref(metav1.StatusDetails{}.OpenAPIModelName()), }, }, "code": { @@ -15857,7 +16347,7 @@ func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPI }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.StatusDetails{}.OpenAPIModelName()}, } } @@ -15943,7 +16433,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), + Ref: ref(metav1.StatusCause{}.OpenAPIModelName()), }, }, }, @@ -15960,7 +16450,7 @@ func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, + metav1.StatusCause{}.OpenAPIModelName()}, } } @@ -15989,7 +16479,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID SchemaProps: spec.SchemaProps{ Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref(metav1.ListMeta{}.OpenAPIModelName()), }, }, "columnDefinitions": { @@ -16005,7 +16495,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition"), + Ref: ref(metav1.TableColumnDefinition{}.OpenAPIModelName()), }, }, }, @@ -16024,7 +16514,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"), + Ref: ref(metav1.TableRow{}.OpenAPIModelName()), }, }, }, @@ -16035,7 +16525,7 @@ func schema_pkg_apis_meta_v1_Table(ref common.ReferenceCallback) common.OpenAPID }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow"}, + metav1.ListMeta{}.OpenAPIModelName(), metav1.TableColumnDefinition{}.OpenAPIModelName(), metav1.TableRow{}.OpenAPIModelName()}, } } @@ -16166,7 +16656,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition"), + Ref: ref(metav1.TableRowCondition{}.OpenAPIModelName()), }, }, }, @@ -16175,7 +16665,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA "object": { SchemaProps: spec.SchemaProps{ Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing. The media type of the object will always match the enclosing list - if this as a JSON table, these will be JSON encoded objects.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -16183,7 +16673,7 @@ func schema_pkg_apis_meta_v1_TableRow(ref common.ReferenceCallback) common.OpenA }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + metav1.TableRowCondition{}.OpenAPIModelName(), runtime.RawExtension{}.OpenAPIModelName()}, } } @@ -16378,7 +16868,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope "object": { SchemaProps: spec.SchemaProps{ Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + Ref: ref(runtime.RawExtension{}.OpenAPIModelName()), }, }, }, @@ -16386,7 +16876,7 @@ func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.Ope }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + runtime.RawExtension{}.OpenAPIModelName()}, } } diff --git a/go.mod b/go.mod index 2b4eb7069..8a7f55b39 100644 --- a/go.mod +++ b/go.mod @@ -2,20 +2,6 @@ module go.pinniped.dev go 1.25.0 -// This is the version of github.com/google/gnostic-models used in v0.33.5 kubernetes libs. -// Newer versions of github.com/google/gnostic-models use "go.yaml.in/yaml/v3" instead of "gopkg.in/yaml.v3" which causes a compile error. -// https://github.com/kubernetes/client-go/blob/v0.33.5/go.mod#L12 -// As an indirect dependency, we have to use a replace statement instead of hack/update-go-mod/overrides.conf -replace github.com/google/gnostic-models => github.com/google/gnostic-models v0.6.9 - -// These are the versions called out in v0.33.5 kubernetes libs. -// As indirect dependencies, we have to use replace statements instead of hack/update-go-mod/overrides.conf -replace ( - k8s.io/kms => k8s.io/kms v0.33.5 - // https://github.com/kubernetes/apiserver/blob/v0.33.5/go.mod#L59 - sigs.k8s.io/apiserver-network-proxy/konnectivity-client => sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 -) - require ( github.com/MakeNowJust/heredoc/v2 v2.0.1 github.com/chromedp/cdproto v0.0.0-20250724212937-08a3db8b4327 @@ -58,16 +44,16 @@ require ( golang.org/x/sync v0.19.0 golang.org/x/term v0.38.0 golang.org/x/text v0.32.0 - k8s.io/api v0.33.5 - k8s.io/apiextensions-apiserver v0.33.5 - k8s.io/apimachinery v0.33.5 - k8s.io/apiserver v0.33.5 - k8s.io/client-go v0.33.5 - k8s.io/component-base v0.33.5 + k8s.io/api v0.35.0 + k8s.io/apiextensions-apiserver v0.35.0 + k8s.io/apimachinery v0.35.0 + k8s.io/apiserver v0.35.0 + k8s.io/client-go v0.35.0 + k8s.io/component-base v0.35.0 k8s.io/gengo v0.0.0-20251215205346-5ee0d033ba5b k8s.io/klog/v2 v2.130.1 - k8s.io/kube-aggregator v0.33.5 - k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff + k8s.io/kube-aggregator v0.35.0 + k8s.io/kube-openapi v0.0.0-20251125145642-4e65d59e963e k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 sigs.k8s.io/yaml v1.6.0 ) @@ -89,9 +75,9 @@ require ( github.com/cristalhq/jwt/v4 v4.0.2 // indirect github.com/dgraph-io/ristretto v1.0.0 // indirect github.com/dustin/go-humanize v1.0.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/emicklei/go-restful/v3 v3.12.2 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect - github.com/fxamacker/cbor/v2 v2.7.0 // indirect + github.com/fxamacker/cbor/v2 v2.9.0 // indirect github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 // indirect github.com/go-json-experiment/json v0.0.0-20250725192818-e39067aee2d2 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect @@ -109,7 +95,7 @@ require ( github.com/google/go-querystring v1.1.0 // indirect github.com/gorilla/mux v1.8.1 // indirect github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect - github.com/grpc-ecosystem/grpc-gateway/v2 v2.24.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-retryablehttp v0.7.7 // indirect github.com/hashicorp/hcl v1.0.0 // indirect @@ -124,7 +110,7 @@ require ( github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/moby/spdystream v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect - github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/openzipkin/zipkin-go v0.4.3 // indirect @@ -134,10 +120,10 @@ require ( github.com/pelletier/go-toml/v2 v2.0.9 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/pquerna/cachecontrol v0.1.0 // indirect - github.com/prometheus/client_golang v1.22.0 // indirect - github.com/prometheus/client_model v0.6.1 // indirect - github.com/prometheus/common v0.62.0 // indirect - github.com/prometheus/procfs v0.15.1 // indirect + github.com/prometheus/client_golang v1.23.2 // indirect + github.com/prometheus/client_model v0.6.2 // indirect + github.com/prometheus/common v0.66.1 // indirect + github.com/prometheus/procfs v0.16.1 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/seatgeek/logrus-gelf-formatter v0.0.0-20210414080842-5b05eb8ff761 // indirect github.com/sirupsen/logrus v1.9.3 // indirect @@ -149,47 +135,47 @@ require ( github.com/subosito/gotenv v1.4.2 // indirect github.com/tdewolff/parse/v2 v2.8.5 // indirect github.com/x448/float16 v0.8.4 // indirect - go.etcd.io/etcd/api/v3 v3.5.21 // indirect - go.etcd.io/etcd/client/pkg/v3 v3.5.21 // indirect - go.etcd.io/etcd/client/v3 v3.5.21 // indirect + go.etcd.io/etcd/api/v3 v3.6.5 // indirect + go.etcd.io/etcd/client/pkg/v3 v3.6.5 // indirect + go.etcd.io/etcd/client/v3 v3.6.5 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.58.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.57.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.58.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect go.opentelemetry.io/contrib/propagators/b3 v1.32.0 // indirect go.opentelemetry.io/contrib/propagators/jaeger v1.32.0 // indirect go.opentelemetry.io/contrib/samplers/jaegerremote v0.26.0 // indirect - go.opentelemetry.io/otel v1.33.0 // indirect + go.opentelemetry.io/otel v1.36.0 // indirect go.opentelemetry.io/otel/exporters/jaeger v1.17.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.33.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.33.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.32.0 // indirect go.opentelemetry.io/otel/exporters/zipkin v1.32.0 // indirect - go.opentelemetry.io/otel/metric v1.33.0 // indirect - go.opentelemetry.io/otel/sdk v1.33.0 // indirect - go.opentelemetry.io/otel/trace v1.33.0 // indirect - go.opentelemetry.io/proto/otlp v1.4.0 // indirect + go.opentelemetry.io/otel/metric v1.36.0 // indirect + go.opentelemetry.io/otel/sdk v1.36.0 // indirect + go.opentelemetry.io/otel/trace v1.36.0 // indirect + go.opentelemetry.io/proto/otlp v1.5.0 // indirect go.uber.org/multierr v1.11.0 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect golang.org/x/mod v0.30.0 // indirect golang.org/x/sys v0.39.0 // indirect golang.org/x/time v0.11.0 // indirect golang.org/x/tools v0.39.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect - google.golang.org/grpc v1.68.1 // indirect - google.golang.org/protobuf v1.36.5 // indirect - gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20250528174236-200df99c418a // indirect + google.golang.org/grpc v1.72.2 // indirect + google.golang.org/protobuf v1.36.8 // indirect + gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/kms v0.33.5 // indirect + k8s.io/kms v0.35.0 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 // indirect - sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.6.0 // indirect + sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect ) diff --git a/go.sum b/go.sum index 6f9607452..2e08e83ac 100644 --- a/go.sum +++ b/go.sum @@ -45,6 +45,8 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym github.com/MakeNowJust/heredoc/v2 v2.0.1 h1:rlCHh70XXXv7toz95ajQWOWQnN4WNLt0TdpZYIR/J6A= github.com/MakeNowJust/heredoc/v2 v2.0.1/go.mod h1:6/2Abh5s+hc3g9nbWLe9ObDIOhaRrqsyY9MWy+4JdRM= github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= +github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0= +github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/alexbrainman/sspi v0.0.0-20250919150558-7d374ff0d59e h1:4dAU9FXIyQktpoUAgOJK3OTFc/xug0PCXYCqU0FgDKI= @@ -108,8 +110,8 @@ github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 h1:fAjc9m62+UWV/WA github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= +github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -126,8 +128,8 @@ github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0X github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= -github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= -github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= +github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= +github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 h1:BP4M0CvQ4S3TGls2FvczZtj5Re/2ZzkV9VwqPHH/3Bo= github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -196,8 +198,8 @@ github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRx github.com/gofrs/uuid v4.3.1+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI= -github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= +github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -231,8 +233,8 @@ github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= github.com/google/cel-go v0.26.1 h1:iPbVVEdkhTX++hpe3lzSk7D3G3QSYqLGoHOcEio+UXQ= github.com/google/cel-go v0.26.1/go.mod h1:A9O8OU9rdvrK5MQyrqfIxo1a0u4g3sF8KB6PUIaryMM= -github.com/google/gnostic-models v0.6.9 h1:MU/8wDLif2qCXZmzncUQ/BOfxWfthHi63KqpoNbWqVw= -github.com/google/gnostic-models v0.6.9/go.mod h1:CiWsm0s6BSQd1hRn8/QmxqB6BesYcbSZxsz9b0KuDBw= +github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= +github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -268,8 +270,8 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= -github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -284,14 +286,14 @@ github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kX github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo= github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 h1:JeSE6pjso5THxAzdVpqr6/geYxZytqFMBCOtn/ujyeo= github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674/go.mod h1:r4w70xmWCQKmi1ONH4KIaBptdivuRPyosB9RmPlGEwA= -github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 h1:+9834+KizmvFV7pXQGSXQTsaWhq2GjuNUt0aUU0YBYw= -github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y= +github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.1 h1:qnpSQwGEnkcRpTqNOIR6bJbR0gAorgP9CSALpRcKoAA= +github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.1/go.mod h1:lXGCsh6c22WGtjr+qGHj1otzZpV/1kwTMAqkwZsnWRU= +github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.0 h1:FbSCl+KggFl+Ocym490i/EyXF4lPgLoUtcSWquBM0Rs= +github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.0/go.mod h1:qOchhhIlmRcqk/O9uCo/puJlyo07YINaIqdZfZG3Jkc= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92BcuyuQ/YW4NSIpoGtfXNho= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.24.0 h1:TmHmbvxPmaegwhDubVz0lICL0J5Ka2vwTzhoePEXsGE= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.24.0/go.mod h1:qztMSjm835F2bXf+5HKAPIS5qsmQDqZna/PgVt4rWtI= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 h1:5ZPtiqj0JL5oKWmcsq4VMaAW5ukBEgSGXEN89zeH1Jo= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3/go.mod h1:ndYquD05frm2vACXE1nsccT4oJzjhw2arTS2cpUD1PI= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= @@ -363,8 +365,8 @@ github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZ github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc= github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Ccp0mQ= github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= -github.com/jonboulle/clockwork v0.4.0 h1:p4Cf1aMWXnXAUh8lVfewRBx1zaTSYKrKMF2g3ST4RZ4= -github.com/jonboulle/clockwork v0.4.0/go.mod h1:xgRqUGwRcjKCO1vbZUEtSLrqKoPSsUpK7fnezOII0kc= +github.com/jonboulle/clockwork v0.5.0 h1:Hyh9A8u51kptdkR+cqRpT1EebBwTn1oK9YfGYbdFz6I= +github.com/jonboulle/clockwork v0.5.0/go.mod h1:3mZlmanh0g2NDKO5TWZVJAfofYk64M7XN3SzBPjZF60= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/joshlf/go-acl v0.0.0-20200411065538-eae00ae38531 h1:hgVxRoDDPtQE68PT4LFvNlPz2nBKd3OMlGKIQ69OmR4= @@ -445,8 +447,9 @@ github.com/moby/spdystream v0.5.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVO github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8= +github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= @@ -457,10 +460,10 @@ github.com/nyaruka/phonenumbers v1.1.6 h1:DcueYq7QrOArAprAYNoQfDgp0KetO4LqtnBtQC github.com/nyaruka/phonenumbers v1.1.6/go.mod h1:yShPJHDSH3aTKzCbXyVxNpbl2kA+F+Ne5Pun/MvFRos= github.com/oleiade/reflections v1.0.1 h1:D1XO3LVEYroYskEsoSiGItp9RUxG6jWnCVvrqH0HHQM= github.com/oleiade/reflections v1.0.1/go.mod h1:rdFxbxq4QXVZWj0F+e9jqjDkc7dbp97vkRixKo2JR60= -github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= -github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= -github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= -github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= +github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= +github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= +github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= +github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k= github.com/openzipkin/zipkin-go v0.4.3 h1:9EGwpqkgnwdEIJ+Od7QVSEIH+ocmm5nPat0G7sjsSdg= github.com/openzipkin/zipkin-go v0.4.3/go.mod h1:M9wCJZFWCo2RiY+o1eBCEMe0Dp2S5LDHcMZmk3RmK7c= github.com/orisano/pixelmatch v0.0.0-20220722002657-fb0b55479cde h1:x0TT0RDC7UhAVbbWWBzr41ElhJx5tXPWkIHA2HWPRuw= @@ -491,19 +494,19 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pquerna/cachecontrol v0.1.0 h1:yJMy84ti9h/+OEWa752kBTKv4XC30OtVVHYv/8cTqKc= github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= -github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q= -github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0= +github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o= +github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= -github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= -github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= -github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= -github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= +github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= +github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs= +github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= +github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= +github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= -github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= +github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc= @@ -592,22 +595,20 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= -go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0= -go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I= -go.etcd.io/etcd/api/v3 v3.5.21 h1:A6O2/JDb3tvHhiIz3xf9nJ7REHvtEFJJ3veW3FbCnS8= -go.etcd.io/etcd/api/v3 v3.5.21/go.mod h1:c3aH5wcvXv/9dqIw2Y810LDXJfhSYdHQ0vxmP3CCHVY= -go.etcd.io/etcd/client/pkg/v3 v3.5.21 h1:lPBu71Y7osQmzlflM9OfeIV2JlmpBjqBNlLtcoBqUTc= -go.etcd.io/etcd/client/pkg/v3 v3.5.21/go.mod h1:BgqT/IXPjK9NkeSDjbzwsHySX3yIle2+ndz28nVsjUs= -go.etcd.io/etcd/client/v2 v2.305.21 h1:eLiFfexc2mE+pTLz9WwnoEsX5JTTpLCYVivKkmVXIRA= -go.etcd.io/etcd/client/v2 v2.305.21/go.mod h1:OKkn4hlYNf43hpjEM3Ke3aRdUkhSl8xjKjSf8eCq2J8= -go.etcd.io/etcd/client/v3 v3.5.21 h1:T6b1Ow6fNjOLOtM0xSoKNQt1ASPCLWrF9XMHcH9pEyY= -go.etcd.io/etcd/client/v3 v3.5.21/go.mod h1:mFYy67IOqmbRf/kRUvsHixzo3iG+1OF2W2+jVIQRAnU= -go.etcd.io/etcd/pkg/v3 v3.5.21 h1:jUItxeKyrDuVuWhdh0HtjUANwyuzcb7/FAeUfABmQsk= -go.etcd.io/etcd/pkg/v3 v3.5.21/go.mod h1:wpZx8Egv1g4y+N7JAsqi2zoUiBIUWznLjqJbylDjWgU= -go.etcd.io/etcd/raft/v3 v3.5.21 h1:dOmE0mT55dIUsX77TKBLq+RgyumsQuYeiRQnW/ylugk= -go.etcd.io/etcd/raft/v3 v3.5.21/go.mod h1:fmcuY5R2SNkklU4+fKVBQi2biVp5vafMrWUEj4TJ4Cs= -go.etcd.io/etcd/server/v3 v3.5.21 h1:9w0/k12majtgarGmlMVuhwXRI2ob3/d1Ik3X5TKo0yU= -go.etcd.io/etcd/server/v3 v3.5.21/go.mod h1:G1mOzdwuzKT1VRL7SqRchli/qcFrtLBTAQ4lV20sXXo= +go.etcd.io/bbolt v1.4.3 h1:dEadXpI6G79deX5prL3QRNP6JB8UxVkqo4UPnHaNXJo= +go.etcd.io/bbolt v1.4.3/go.mod h1:tKQlpPaYCVFctUIgFKFnAlvbmB3tpy1vkTnDWohtc0E= +go.etcd.io/etcd/api/v3 v3.6.5 h1:pMMc42276sgR1j1raO/Qv3QI9Af/AuyQUW6CBAWuntA= +go.etcd.io/etcd/api/v3 v3.6.5/go.mod h1:ob0/oWA/UQQlT1BmaEkWQzI0sJ1M0Et0mMpaABxguOQ= +go.etcd.io/etcd/client/pkg/v3 v3.6.5 h1:Duz9fAzIZFhYWgRjp/FgNq2gO1jId9Yae/rLn3RrBP8= +go.etcd.io/etcd/client/pkg/v3 v3.6.5/go.mod h1:8Wx3eGRPiy0qOFMZT/hfvdos+DjEaPxdIDiCDUv/FQk= +go.etcd.io/etcd/client/v3 v3.6.5 h1:yRwZNFBx/35VKHTcLDeO7XVLbCBFbPi+XV4OC3QJf2U= +go.etcd.io/etcd/client/v3 v3.6.5/go.mod h1:ZqwG/7TAFZ0BJ0jXRPoJjKQJtbFo/9NIY8uoFFKcCyo= +go.etcd.io/etcd/pkg/v3 v3.6.5 h1:byxWB4AqIKI4SBmquZUG1WGtvMfMaorXFoCcFbVeoxM= +go.etcd.io/etcd/pkg/v3 v3.6.5/go.mod h1:uqrXrzmMIJDEy5j00bCqhVLzR5jEJIwDp5wTlLwPGOU= +go.etcd.io/etcd/server/v3 v3.6.5 h1:4RbUb1Bd4y1WkBHmuF+cZII83JNQMuNXzyjwigQ06y0= +go.etcd.io/etcd/server/v3 v3.6.5/go.mod h1:PLuhyVXz8WWRhzXDsl3A3zv/+aK9e4A9lpQkqawIaH0= +go.etcd.io/raft/v3 v3.6.0 h1:5NtvbDVYpnfZWcIHgGRk9DyzkBIXOi8j+DDp1IcnUWQ= +go.etcd.io/raft/v3 v3.6.0/go.mod h1:nLvLevg6+xrVtHUmVaTcTz603gQPHfh7kUAwV6YpfGo= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -616,38 +617,40 @@ go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.58.0 h1:PS8wXpbyaDJQ2VDHHncMe9Vct0Zn1fEjpsjrLxGJoSc= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.58.0/go.mod h1:HDBUsEjOuRC0EzKZ1bSaRGZWUBAzo+MhAcUUORSr4D0= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 h1:x7wzEgXfnzJcHDwStJT+mxOz4etr2EcexjqhBvmoakw= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0/go.mod h1:rg+RlpR5dKwaS95IyyZqj5Wd4E13lk/msnTS0Xl9lJM= go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.57.0 h1:7F3XCD6WYzDkwbi8I8N+oYJWquPVScnRosKGgqjsR8c= go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.57.0/go.mod h1:Dk3C0BfIlZDZ5c6eVS7TYiH2vssuyUU3vUsgbrR+5V4= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.58.0 h1:yd02MEjBdJkG3uabWP9apV+OuWRIXGDuJEUJbOHmCFU= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.58.0/go.mod h1:umTcuxiv1n/s/S6/c2AT/g2CQ7u5C59sHDNmfSwgz7Q= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q= go.opentelemetry.io/contrib/propagators/b3 v1.32.0 h1:MazJBz2Zf6HTN/nK/s3Ru1qme+VhWU5hm83QxEP+dvw= go.opentelemetry.io/contrib/propagators/b3 v1.32.0/go.mod h1:B0s70QHYPrJwPOwD1o3V/R8vETNOG9N3qZf4LDYvA30= go.opentelemetry.io/contrib/propagators/jaeger v1.32.0 h1:K/fOyTMD6GELKTIJBaJ9k3ppF2Njt8MeUGBOwfaWXXA= go.opentelemetry.io/contrib/propagators/jaeger v1.32.0/go.mod h1:ISE6hda//MTWvtngG7p4et3OCngsrTVfl7c6DjN17f8= go.opentelemetry.io/contrib/samplers/jaegerremote v0.26.0 h1:/SKXyZLAnuj981HVc8G5ZylYK3qD2W6AYR6cJx5kIHw= go.opentelemetry.io/contrib/samplers/jaegerremote v0.26.0/go.mod h1:cOEzME0M2OKeHB45lJiOKfvUCdg/r75mf7YS5w0tbmE= -go.opentelemetry.io/otel v1.33.0 h1:/FerN9bax5LoK51X/sI0SVYrjSE0/yUL7DpxW4K3FWw= -go.opentelemetry.io/otel v1.33.0/go.mod h1:SUUkR6csvUQl+yjReHu5uM3EtVV7MBm5FHKRlNx4I8I= +go.opentelemetry.io/otel v1.36.0 h1:UumtzIklRBY6cI/lllNZlALOF5nNIzJVb16APdvgTXg= +go.opentelemetry.io/otel v1.36.0/go.mod h1:/TcFMXYjyRNh8khOAO9ybYkqaDBb/70aVwkNML4pP8E= go.opentelemetry.io/otel/exporters/jaeger v1.17.0 h1:D7UpUy2Xc2wsi1Ras6V40q806WM07rqoCWzXu7Sqy+4= go.opentelemetry.io/otel/exporters/jaeger v1.17.0/go.mod h1:nPCqOnEH9rNLKqH/+rrUjiMzHJdV1BlpKcTwRTyKkKI= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.33.0 h1:Vh5HayB/0HHfOQA7Ctx69E/Y/DcQSMPpKANYVMQ7fBA= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.33.0/go.mod h1:cpgtDBaqD/6ok/UG0jT15/uKjAY8mRA53diogHBg3UI= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.33.0 h1:5pojmb1U1AogINhN3SurB+zm/nIcusopeBNp42f45QM= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.33.0/go.mod h1:57gTHJSE5S1tqg+EKsLPlTWhpHMsWlVmer+LA926XiA= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0 h1:OeNbIYk/2C15ckl7glBlOBp5+WlYsOElzTNmiPW/x60= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0/go.mod h1:7Bept48yIeqxP2OZ9/AqIpYS94h2or0aB4FypJTc8ZM= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0 h1:tgJ0uaNS4c98WRNUEx5U3aDlrDOI5Rs+1Vifcw4DJ8U= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0/go.mod h1:U7HYyW0zt/a9x5J1Kjs+r1f/d4ZHnYFclhYY2+YbeoE= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.32.0 h1:cMyu9O88joYEaI47CnQkxO1XZdpoTF9fEnW2duIddhw= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.32.0/go.mod h1:6Am3rn7P9TVVeXYG+wtcGE7IE1tsQ+bP3AuWcKt/gOI= go.opentelemetry.io/otel/exporters/zipkin v1.32.0 h1:6O8HgLHPXtXE9QEKEWkBImL9mEKCGEl+m+OncVO53go= go.opentelemetry.io/otel/exporters/zipkin v1.32.0/go.mod h1:+MFvorlowjy0iWnsKaNxC1kzczSxe71mw85h4p8yEvg= -go.opentelemetry.io/otel/metric v1.33.0 h1:r+JOocAyeRVXD8lZpjdQjzMadVZp2M4WmQ+5WtEnklQ= -go.opentelemetry.io/otel/metric v1.33.0/go.mod h1:L9+Fyctbp6HFTddIxClbQkjtubW6O9QS3Ann/M82u6M= -go.opentelemetry.io/otel/sdk v1.33.0 h1:iax7M131HuAm9QkZotNHEfstof92xM+N8sr3uHXc2IM= -go.opentelemetry.io/otel/sdk v1.33.0/go.mod h1:A1Q5oi7/9XaMlIWzPSxLRWOI8nG3FnzHJNbiENQuihM= -go.opentelemetry.io/otel/trace v1.33.0 h1:cCJuF7LRjUFso9LPnEAHJDB2pqzp+hbO8eu1qqW2d/s= -go.opentelemetry.io/otel/trace v1.33.0/go.mod h1:uIcdVUZMpTAmz0tI1z04GoVSezK37CbGV4fr1f2nBck= -go.opentelemetry.io/proto/otlp v1.4.0 h1:TA9WRvW6zMwP+Ssb6fLoUIuirti1gGbP28GcKG1jgeg= -go.opentelemetry.io/proto/otlp v1.4.0/go.mod h1:PPBWZIP98o2ElSqI35IHfu7hIhSwvc5N38Jw8pXuGFY= +go.opentelemetry.io/otel/metric v1.36.0 h1:MoWPKVhQvJ+eeXWHFBOPoBOi20jh6Iq2CcCREuTYufE= +go.opentelemetry.io/otel/metric v1.36.0/go.mod h1:zC7Ks+yeyJt4xig9DEw9kuUFe5C3zLbVjV2PzT6qzbs= +go.opentelemetry.io/otel/sdk v1.36.0 h1:b6SYIuLRs88ztox4EyrvRti80uXIFy+Sqzoh9kFULbs= +go.opentelemetry.io/otel/sdk v1.36.0/go.mod h1:+lC+mTgD+MUWfjJubi2vvXWcVxyr9rmlshZni72pXeY= +go.opentelemetry.io/otel/sdk/metric v1.36.0 h1:r0ntwwGosWGaa0CrSt8cuNuTcccMXERFwHX4dThiPis= +go.opentelemetry.io/otel/sdk/metric v1.36.0/go.mod h1:qTNOhFDfKRwX0yXOqJYegL5WRaW376QbB7P4Pb0qva4= +go.opentelemetry.io/otel/trace v1.36.0 h1:ahxWNuqZjpdiFAyrIoQ4GIiAIhxAunQR6MUoKrsNd4w= +go.opentelemetry.io/otel/trace v1.36.0/go.mod h1:gQ+OnDZzrybY4k4seLzPAWNwVBBVlF2szhehOBB/tGA= +go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4= +go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= @@ -667,8 +670,8 @@ go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc= go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -1007,12 +1010,10 @@ google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 h1:KAeGQVN3M9nD0/bQXnr/ClcEMJ968gUXJQ9pwfSynuQ= -google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80/go.mod h1:cc8bqMqtv9gMOr0zHg2Vzff5ULhhL2IXP4sbcn32Dro= -google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 h1:CkkIfIt50+lT6NHAVoRYEyAvQGFM7xEwXUUywFvEb3Q= -google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576/go.mod h1:1R3kvZ1dtP3+4p4d3G8uJ8rFk/fWlScl38vanWACI08= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU= +google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb h1:p31xT4yrYrSM/G4Sn2+TNUkVhFCbG9y8itM2S6Th950= +google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb/go.mod h1:jbe3Bkdp+Dh2IrslsFCklNhweNTBgSYanP1UXhJDhKg= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250528174236-200df99c418a h1:v2PbRU4K3llS09c7zodFpNePeamkAwG3mPrAery9VeE= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250528174236-200df99c418a/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -1029,8 +1030,8 @@ google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.68.1 h1:oI5oTa11+ng8r8XMMN7jAOmWfPZWbYpCFaMUTACxkM0= -google.golang.org/grpc v1.68.1/go.mod h1:+q1XYFJjShcqn0QZHvCyeR4CXPA+llXIeUIfIe00waw= +google.golang.org/grpc v1.72.2 h1:TdbGzwb82ty4OusHWepvFWGLgIbNo1/SUynEN0ssqv8= +google.golang.org/grpc v1.72.2/go.mod h1:wH5Aktxcg25y1I3w7H69nHfXdOG3UiadoBtjh3izSDM= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1041,16 +1042,16 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= -google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= +google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= -gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo= +gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/go-jose/go-jose.v2 v2.6.3 h1:nt80fvSDlhKWQgSWyHyy5CfmlQr+asih51R8PTWNKKs= gopkg.in/go-jose/go-jose.v2 v2.6.3/go.mod h1:zzZDPkNNw/c9IE7Z9jr11mBZQhKQTMzoEEIoEdZlFBI= gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s= @@ -1074,29 +1075,29 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.33.5 h1:YR+uhYj05jdRpcksv8kjSliW+v9hwXxn6Cv10aR8Juw= -k8s.io/api v0.33.5/go.mod h1:2gzShdwXKT5yPGiqrTrn/U/nLZ7ZyT4WuAj3XGDVgVs= -k8s.io/apiextensions-apiserver v0.33.5 h1:93NZh6rmrcamX/tfv/dZrTsMiQX69ufANmDcKPEgSeA= -k8s.io/apiextensions-apiserver v0.33.5/go.mod h1:JIbyQnNlu6nQa7b1vgFi51pmlXOk8mdn0WJwUJnz/7U= -k8s.io/apimachinery v0.33.5 h1:NiT64hln4TQXeYR18/ES39OrNsjGz8NguxsBgp+6QIo= -k8s.io/apimachinery v0.33.5/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= -k8s.io/apiserver v0.33.5 h1:X1Gy33r4YkRLRqTjGjofk7X1/EjSLEVSJ/A+1qjoj60= -k8s.io/apiserver v0.33.5/go.mod h1:Q+b5Btbc8x0PqOCeh/xBTesKk+cXQRN+PF2wdrTKDeg= -k8s.io/client-go v0.33.5 h1:I8BdmQGxInpkMEnJvV6iG7dqzP3JRlpZZlib3OMFc3o= -k8s.io/client-go v0.33.5/go.mod h1:W8PQP4MxbM4ypgagVE65mUUqK1/ByQkSALF9tzuQ6u0= -k8s.io/component-base v0.33.5 h1:4D3kxjEx1pJRy3WHAZsmX3+LCpmd4ftE+2J4v6naTnQ= -k8s.io/component-base v0.33.5/go.mod h1:Zma1YjBVuuGxIbspj1vGR3/5blzo2ARf1v0QTtog1to= +k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY= +k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA= +k8s.io/apiextensions-apiserver v0.35.0 h1:3xHk2rTOdWXXJM+RDQZJvdx0yEOgC0FgQ1PlJatA5T4= +k8s.io/apiextensions-apiserver v0.35.0/go.mod h1:E1Ahk9SADaLQ4qtzYFkwUqusXTcaV2uw3l14aqpL2LU= +k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8= +k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= +k8s.io/apiserver v0.35.0 h1:CUGo5o+7hW9GcAEF3x3usT3fX4f9r8xmgQeCBDaOgX4= +k8s.io/apiserver v0.35.0/go.mod h1:QUy1U4+PrzbJaM3XGu2tQ7U9A4udRRo5cyxkFX0GEds= +k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE= +k8s.io/client-go v0.35.0/go.mod h1:q2E5AAyqcbeLGPdoRB+Nxe3KYTfPce1Dnu1myQdqz9o= +k8s.io/component-base v0.35.0 h1:+yBrOhzri2S1BVqyVSvcM3PtPyx5GUxCK2tinZz1G94= +k8s.io/component-base v0.35.0/go.mod h1:85SCX4UCa6SCFt6p3IKAPej7jSnF3L8EbfSyMZayJR0= k8s.io/gengo v0.0.0-20251215205346-5ee0d033ba5b h1:X0Afwan8Q1l7bMcNgh6DAah2jKCQ2irT7EoAXIChFqk= k8s.io/gengo v0.0.0-20251215205346-5ee0d033ba5b/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kms v0.33.5 h1:u60sDBe4Fz6PLeiNF13sEahjIU428ajiWuIw7NSVBlg= -k8s.io/kms v0.33.5/go.mod h1:C1I8mjFFBNzfUZXYt9FZVJ8MJl7ynFbGgZFbBzkBJ3E= -k8s.io/kube-aggregator v0.33.5 h1:5libMG9e4m9lwhNBT89bBCd9x/rZebMahw5CHq9DE/Q= -k8s.io/kube-aggregator v0.33.5/go.mod h1:mHmmDqxY2ZkInu7eSAXb1ecaKV/U9DqPTQWBV2O84go= -k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4= -k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff/go.mod h1:5jIi+8yX4RIb8wk3XwBo5Pq2ccx4FP10ohkbSKCZoK8= +k8s.io/kms v0.35.0 h1:/x87FED2kDSo66csKtcYCEHsxF/DBlNl7LfJ1fVQs1o= +k8s.io/kms v0.35.0/go.mod h1:VT+4ekZAdrZDMgShK37vvlyHUVhwI9t/9tvh0AyCWmQ= +k8s.io/kube-aggregator v0.35.0 h1:FBtbuRFA7Ohe2QKirFZcJf8rgimC8oSaNiCi4pdU5xw= +k8s.io/kube-aggregator v0.35.0/go.mod h1:vKBRpQUfDryb7udwUwF3eCSvv3AJNgHtL4PGl6PqAg8= +k8s.io/kube-openapi v0.0.0-20251125145642-4e65d59e963e h1:iW9ChlU0cU16w8MpVYjXk12dqQ4BPFBEgif+ap7/hqQ= +k8s.io/kube-openapi v0.0.0-20251125145642-4e65d59e963e/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= @@ -1104,14 +1105,12 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 h1:jpcvIRr3GLoUoEKRkHKSmGjxb6lWwrBlJsXc+eUYQHM= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= -sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 h1:/Rv+M11QRah1itp8VhT6HoVx1Ray9eB4DBr+K+/sCJ8= -sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3/go.mod h1:18nIHnGi6636UCz6m8i4DhaJ65T6EruyzmoQqI2BVDo= -sigs.k8s.io/randfill v0.0.0-20250304075658-069ef1bbf016/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= -sigs.k8s.io/structured-merge-diff/v4 v4.6.0 h1:IUA9nvMmnKWcj5jl84xn+T5MnlZKThmUW1TdblaLVAc= -sigs.k8s.io/structured-merge-diff/v4 v4.6.0/go.mod h1:dDy58f92j70zLsuZVuUX5Wp9vtxXpaZnkPGWeqDfCps= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= +sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/hack/lib/kube-versions.txt b/hack/lib/kube-versions.txt index cc585947a..f948e9cf8 100644 --- a/hack/lib/kube-versions.txt +++ b/hack/lib/kube-versions.txt @@ -12,11 +12,9 @@ # Whenever a new version is added to this file, or when a version number # is edited in this file, please run hack/update.sh. # -1.33.5 -1.32.9 -1.31.13 +1.35.0 +1.34.2 +1.33.6 +1.32.10 +1.31.14 1.30.14 -1.29.14 -1.28.15 -1.27.16 -1.26.15 diff --git a/hack/update-go-mod/overrides.conf b/hack/update-go-mod/overrides.conf index cd3d8b616..bd37611c0 100644 --- a/hack/update-go-mod/overrides.conf +++ b/hack/update-go-mod/overrides.conf @@ -10,16 +10,3 @@ github.com/ory/fosite github.com/ory/fosite@master # we bump chromedp, but only enough to match the version of cdproto from # chromedp's go.mod file. github.com/chromedp/cdproto NEVER_UPGRADE_DIRECTLY - -# This is the version of k8s.io/kube-openapi used in v0.33.3 kubernetes libs. -# Newer versions of k8s.io/kube-openapi bring in sigs.k8s.io/structured-merge-diff/v6 which causes a compile error. -# https://github.com/kubernetes/client-go/blob/v0.33.0/go.mod#L31 -k8s.io/kube-openapi k8s.io/kube-openapi@v0.0.0-20250318190949-c8a335a9a2ff - -k8s.io/api k8s.io/api@v0.33.5 -k8s.io/apiextensions-apiserver k8s.io/apiextensions-apiserver@v0.33.5 -k8s.io/apimachinery k8s.io/apimachinery@v0.33.5 -k8s.io/apiserver k8s.io/apiserver@v0.33.5 -k8s.io/client-go k8s.io/client-go@v0.33.5 -k8s.io/component-base k8s.io/component-base@v0.33.5 -k8s.io/kube-aggregator k8s.io/kube-aggregator@v0.33.5 diff --git a/internal/concierge/impersonator/impersonator.go b/internal/concierge/impersonator/impersonator.go index a01e60551..9c06d3f6d 100644 --- a/internal/concierge/impersonator/impersonator.go +++ b/internal/concierge/impersonator/impersonator.go @@ -12,7 +12,6 @@ import ( "net/http" "net/http/httputil" "net/url" - "reflect" "regexp" "strings" "sync" @@ -463,6 +462,11 @@ type contextKey int const tokenKey contextKey = iota +type auditEventUserInfo struct { + User authenticationv1.UserInfo + ImpersonatedUser *authenticationv1.UserInfo +} + func newImpersonationReverseProxyFunc(restConfig *rest.Config) (func(*genericapiserver.Config) http.Handler, error) { serverURL, err := url.Parse(restConfig.Host) if err != nil { @@ -518,15 +522,19 @@ func newImpersonationReverseProxyFunc(restConfig *rest.Config) (func(*genericapi return } - ae := audit.AuditEventFrom(r.Context()) - if ae == nil || reflect.DeepEqual(*ae, auditinternal.Event{}) { - plog.Warning("aggregated API server logic did not set audit event but it is always supposed to do so", + ac := audit.AuditContextFrom(r.Context()) + if ac == nil { + plog.Warning("aggregated API server logic did not set audit context but it is always supposed to do so", "url", r.URL.String(), "method", r.Method, ) - newInternalErrResponse(w, r, c.Serializer, "invalid audit event") + newInternalErrResponse(w, r, c.Serializer, "invalid audit context") return } + ae := &auditEventUserInfo{ + User: ac.GetEventUser(), + ImpersonatedUser: ac.GetEventImpersonatedUser(), + } // grab the request's bearer token if present. this is optional and does not fail the request if missing. token := tokenFrom(r.Context()) @@ -640,7 +648,7 @@ func ensureNoImpersonationHeaders(r *http.Request) error { return nil } -func getTransportForUser(ctx context.Context, userInfo user.Info, delegate, delegateAnonymous http.RoundTripper, ae *auditinternal.Event, token string, authenticator authenticator.Request) (http.RoundTripper, error) { +func getTransportForUser(ctx context.Context, userInfo user.Info, delegate, delegateAnonymous http.RoundTripper, ae *auditEventUserInfo, token string, authenticator authenticator.Request) (http.RoundTripper, error) { if canImpersonateFully(userInfo) { return standardImpersonationRoundTripper(userInfo, ae, delegate) } @@ -658,7 +666,7 @@ func canImpersonateFully(userInfo user.Info) bool { return false } -func standardImpersonationRoundTripper(userInfo user.Info, ae *auditinternal.Event, delegate http.RoundTripper) (http.RoundTripper, error) { +func standardImpersonationRoundTripper(userInfo user.Info, ae *auditEventUserInfo, delegate http.RoundTripper) (http.RoundTripper, error) { extra, err := buildExtra(userInfo.GetExtra(), ae) if err != nil { return nil, err @@ -674,7 +682,7 @@ func standardImpersonationRoundTripper(userInfo user.Info, ae *auditinternal.Eve return transport.NewImpersonatingRoundTripper(impersonateConfig, delegate), nil } -func tokenPassthroughRoundTripper(ctx context.Context, delegateAnonymous http.RoundTripper, ae *auditinternal.Event, token string, authenticator authenticator.Request) (http.RoundTripper, error) { +func tokenPassthroughRoundTripper(ctx context.Context, delegateAnonymous http.RoundTripper, ae *auditEventUserInfo, token string, authenticator authenticator.Request) (http.RoundTripper, error) { // all code below assumes KAS does not support UID impersonation because that case is handled in the standard path // it also assumes that the TCR API does not issue tokens - if this assumption changes, we will need @@ -752,7 +760,7 @@ func tokenReview(ctx context.Context, token string, authenticator authenticator. return tokenUser, nil } -func buildExtra(extra map[string][]string, ae *auditinternal.Event) (map[string][]string, error) { +func buildExtra(extra map[string][]string, ae *auditEventUserInfo) (map[string][]string, error) { const reservedImpersonationProxySuffix = ".impersonation-proxy.concierge.pinniped.dev" // always validate that the extra is something we support irregardless of nested impersonation diff --git a/internal/concierge/impersonator/impersonator_test.go b/internal/concierge/impersonator/impersonator_test.go index eaa377512..a0ec03f9f 100644 --- a/internal/concierge/impersonator/impersonator_test.go +++ b/internal/concierge/impersonator/impersonator_test.go @@ -22,7 +22,6 @@ import ( "time" "github.com/stretchr/testify/require" - authenticationv1 "k8s.io/api/authentication/v1" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -1651,15 +1650,21 @@ func TestImpersonatorHTTPHandler(t *testing.T) { } tests := []struct { - name string - restConfig *rest.Config + name string + + restConfig *rest.Config + requestHeaders map[string][]string + requestUser user.Info + requestAuditEventUser user.Info + requestAuditEventImpersonatedUser user.Info + requestToken string + authenticator authenticator.Request + kubeAPIServerStatusCode int + wantCreationErr string - request *http.Request - authenticator authenticator.Request wantHTTPBody string wantHTTPStatus int wantKubeAPIServerRequestHeaders http.Header - kubeAPIServerStatusCode int }{ { name: "invalid kubeconfig host", @@ -1687,269 +1692,259 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "Impersonate-User header already in request", - request: newRequest(t, map[string][]string{"Impersonate-User": {"some-user"}}, nil, nil, ""), + requestHeaders: map[string][]string{"Impersonate-User": {"some-user"}}, wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: invalid impersonation","reason":"InternalError","details":{"causes":[{"message":"invalid impersonation"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "Impersonate-Group header already in request", - request: newRequest(t, map[string][]string{"Impersonate-Group": {"some-group"}}, nil, nil, ""), + requestHeaders: map[string][]string{"Impersonate-Group": {"some-group"}}, wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: invalid impersonation","reason":"InternalError","details":{"causes":[{"message":"invalid impersonation"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "Impersonate-Extra header already in request", - request: newRequest(t, map[string][]string{"Impersonate-Extra-something": {"something"}}, nil, nil, ""), + requestHeaders: map[string][]string{"Impersonate-Extra-something": {"something"}}, wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: invalid impersonation","reason":"InternalError","details":{"causes":[{"message":"invalid impersonation"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "Impersonate-* header already in request", - request: newRequest(t, map[string][]string{"Impersonate-Something": {"some-newfangled-impersonate-header"}}, nil, nil, ""), + requestHeaders: map[string][]string{"Impersonate-Something": {"some-newfangled-impersonate-header"}}, wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: invalid impersonation","reason":"InternalError","details":{"causes":[{"message":"invalid impersonation"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "unexpected authorization header", - request: newRequest(t, map[string][]string{"Authorization": {"panda"}}, nil, nil, ""), + requestHeaders: map[string][]string{"Authorization": {"panda"}}, wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: invalid authorization header","reason":"InternalError","details":{"causes":[{"message":"invalid authorization header"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "missing user", - request: newRequest(t, map[string][]string{}, nil, nil, ""), + requestHeaders: map[string][]string{}, wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: invalid user","reason":"InternalError","details":{"causes":[{"message":"invalid user"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { - name: "unexpected UID", - request: newRequest(t, map[string][]string{}, &user.DefaultInfo{UID: "007"}, &auditinternal.Event{User: authenticationv1.UserInfo{UID: "007"}}, ""), - wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", - wantHTTPStatus: http.StatusInternalServerError, + name: "unexpected UID", + requestHeaders: map[string][]string{}, + requestUser: &user.DefaultInfo{UID: "007"}, + requestAuditEventUser: &user.DefaultInfo{UID: "007"}, + wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", + wantHTTPStatus: http.StatusInternalServerError, }, { - name: "authenticated user but missing audit event", - request: func() *http.Request { - return newRequest(t, map[string][]string{ - "User-Agent": {"test-user-agent"}, - "Connection": {"Upgrade"}, - "Upgrade": {"some-upgrade"}, - "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ - Name: testUser, - Groups: testGroups, - Extra: testExtra, - }, nil, "") - }(), - wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: invalid audit event","reason":"InternalError","details":{"causes":[{"message":"invalid audit event"}]},"code":500}` + "\n", + name: "authenticated user but missing audit context", + requestHeaders: map[string][]string{ + "User-Agent": {"test-user-agent"}, + "Connection": {"Upgrade"}, + "Upgrade": {"some-upgrade"}, + "Other-Header": {"test-header-value-1"}, + }, + requestUser: &user.DefaultInfo{ + Name: testUser, + Groups: testGroups, + Extra: testExtra, + }, + wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: invalid audit context","reason":"InternalError","details":{"causes":[{"message":"invalid audit context"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "authenticated user with upper case extra", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Connection": {"Upgrade"}, "Upgrade": {"some-upgrade"}, "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: testUser, Groups: testGroups, Extra: map[string][]string{ "valid-key": {"valid-value"}, "Invalid-key": {"still-valid-value"}, }, - }, &auditinternal.Event{User: authenticationv1.UserInfo{Username: testUser}}, ""), - wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", - wantHTTPStatus: http.StatusInternalServerError, + }, + requestAuditEventUser: &user.DefaultInfo{Name: testUser}, + wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", + wantHTTPStatus: http.StatusInternalServerError, }, { name: "authenticated user with upper case extra across multiple lines", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Connection": {"Upgrade"}, "Upgrade": {"some-upgrade"}, "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: testUser, Groups: testGroups, Extra: map[string][]string{ "valid-key": {"valid-value"}, "valid-data\nInvalid-key": {"still-valid-value"}, }, - }, &auditinternal.Event{User: authenticationv1.UserInfo{Username: testUser}}, ""), - wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", - wantHTTPStatus: http.StatusInternalServerError, + }, + requestAuditEventUser: &user.DefaultInfo{Name: testUser}, + wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", + wantHTTPStatus: http.StatusInternalServerError, }, { name: "authenticated user with reserved extra key", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Connection": {"Upgrade"}, "Upgrade": {"some-upgrade"}, "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: testUser, Groups: testGroups, Extra: map[string][]string{ "valid-key": {"valid-value"}, "foo.impersonation-proxy.concierge.pinniped.dev": {"still-valid-value"}, }, - }, &auditinternal.Event{User: authenticationv1.UserInfo{Username: testUser}}, ""), - wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", - wantHTTPStatus: http.StatusInternalServerError, + }, + requestAuditEventUser: &user.DefaultInfo{Name: testUser}, + wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", + wantHTTPStatus: http.StatusInternalServerError, }, { name: "authenticated user with UID but no bearer token", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Connection": {"Upgrade"}, "Upgrade": {"some-upgrade"}, "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ UID: "-", // anything non-empty, rest of the fields get ignored in this code path }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: testUser, - UID: "fancy-uid", - Groups: testGroups, - Extra: map[string]authenticationv1.ExtraValue{ - "extra-1": {"some", "extra", "stuff"}, - "extra-2": {"some", "more", "extra", "stuff"}, - }, - }, - ImpersonatedUser: nil, + requestAuditEventUser: &user.DefaultInfo{ + Name: testUser, + UID: "fancy-uid", + Groups: testGroups, + Extra: map[string][]string{ + "extra-1": {"some", "extra", "stuff"}, + "extra-2": {"some", "more", "extra", "stuff"}, }, - "", - ), - authenticator: nil, + }, wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "authenticated user with UID and bearer token and nested impersonation", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Connection": {"Upgrade"}, "Upgrade": {"some-upgrade"}, "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ UID: "-", // anything non-empty, rest of the fields get ignored in this code path }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: "dude", - UID: "--1--", - Groups: []string{"--a--", "--b--"}, - Extra: map[string]authenticationv1.ExtraValue{ - "--c--": {"--d--"}, - "--e--": {"--f--"}, - }, - }, - ImpersonatedUser: &authenticationv1.UserInfo{}, + requestAuditEventUser: &user.DefaultInfo{ + Name: "dude", + UID: "--1--", + Groups: []string{"--a--", "--b--"}, + Extra: map[string][]string{ + "--c--": {"--d--"}, + "--e--": {"--f--"}, }, - "token-from-user-nested", - ), - authenticator: nil, - wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", - wantHTTPStatus: http.StatusInternalServerError, + }, + requestAuditEventImpersonatedUser: &user.DefaultInfo{}, + requestToken: "token-from-user-nested", + wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", + wantHTTPStatus: http.StatusInternalServerError, }, { name: "authenticated user with UID and bearer token results in error", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Connection": {"Upgrade"}, "Upgrade": {"some-upgrade"}, "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ UID: "-", // anything non-empty, rest of the fields get ignored in this code path }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: "dude", - UID: "--1--", - Groups: []string{"--a--", "--b--"}, - Extra: map[string]authenticationv1.ExtraValue{ - "--c--": {"--d--"}, - "--e--": {"--f--"}, - }, - }, - ImpersonatedUser: nil, + requestAuditEventUser: &user.DefaultInfo{ + Name: "dude", + UID: "--1--", + Groups: []string{"--a--", "--b--"}, + Extra: map[string][]string{ + "--c--": {"--d--"}, + "--e--": {"--f--"}, }, - "some-non-empty-token", - ), + }, + requestToken: "some-non-empty-token", authenticator: testTokenAuthenticator(t, "", nil, constable.Error("some err")), wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "authenticated user with UID and bearer token does not authenticate", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Connection": {"Upgrade"}, "Upgrade": {"some-upgrade"}, "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ UID: "-", // anything non-empty, rest of the fields get ignored in this code path }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: "dude", - UID: "--1--", - Groups: []string{"--a--", "--b--"}, - Extra: map[string]authenticationv1.ExtraValue{ - "--c--": {"--d--"}, - "--e--": {"--f--"}, - }, - }, - ImpersonatedUser: nil, + requestAuditEventUser: &user.DefaultInfo{ + Name: "dude", + UID: "--1--", + Groups: []string{"--a--", "--b--"}, + Extra: map[string][]string{ + "--c--": {"--d--"}, + "--e--": {"--f--"}, }, - "this-token-does-not-work", - ), + }, + requestToken: "this-token-does-not-work", authenticator: testTokenAuthenticator(t, "some-other-token-works", nil, nil), wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, }, { name: "authenticated user with UID and bearer token authenticates as different user", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Connection": {"Upgrade"}, "Upgrade": {"some-upgrade"}, "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ UID: "-", // anything non-empty, rest of the fields get ignored in this code path }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: "dude", - UID: "--1--", - Groups: []string{"--a--", "--b--"}, - Extra: map[string]authenticationv1.ExtraValue{ - "--c--": {"--d--"}, - "--e--": {"--f--"}, - }, - }, - ImpersonatedUser: nil, + requestAuditEventUser: &user.DefaultInfo{ + Name: "dude", + UID: "--1--", + Groups: []string{"--a--", "--b--"}, + Extra: map[string][]string{ + "--c--": {"--d--"}, + "--e--": {"--f--"}, }, - "this-token-does-work", - ), + }, + requestToken: "this-token-does-work", authenticator: testTokenAuthenticator(t, "this-token-does-work", &user.DefaultInfo{Name: "someone-else"}, nil), wantHTTPBody: `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Internal error occurred: unimplemented functionality - unable to act as current user","reason":"InternalError","details":{"causes":[{"message":"unimplemented functionality - unable to act as current user"}]},"code":500}` + "\n", wantHTTPStatus: http.StatusInternalServerError, @@ -1957,7 +1952,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { // happy path { name: "authenticated user", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -1966,11 +1961,13 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, // this header will be passed through - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: testUser, Groups: testGroups, Extra: testExtra, - }, &auditinternal.Event{User: authenticationv1.UserInfo{Username: testUser}}, ""), + }, + requestAuditEventUser: &user.DefaultInfo{Name: testUser}, wantKubeAPIServerRequestHeaders: map[string][]string{ "Authorization": {"Bearer some-service-account-token"}, "Impersonate-Extra-Extra-1": {"some", "extra", "stuff"}, @@ -1990,7 +1987,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "authenticated user with UID and bearer token", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -1999,23 +1996,20 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ UID: "-", // anything non-empty, rest of the fields get ignored in this code path }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: testUser, - UID: "fancy-uid", - Groups: testGroups, - Extra: map[string]authenticationv1.ExtraValue{ - "extra-1": {"some", "extra", "stuff"}, - "extra-2": {"some", "more", "extra", "stuff"}, - }, - }, - ImpersonatedUser: nil, + requestAuditEventUser: &user.DefaultInfo{ + Name: testUser, + UID: "fancy-uid", + Groups: testGroups, + Extra: map[string][]string{ + "extra-1": {"some", "extra", "stuff"}, + "extra-2": {"some", "more", "extra", "stuff"}, }, - "token-from-user", - ), + }, + requestToken: "token-from-user", authenticator: testTokenAuthenticator( t, "token-from-user", @@ -2042,7 +2036,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "authenticated gke user", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -2051,7 +2045,8 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, // this header will be passed through - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: "username@company.com", Groups: []string{"system:authenticated"}, Extra: map[string][]string{ @@ -2059,7 +2054,8 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "iam.gke.io/user-assertion": {"ABC"}, "user-assertion.cloud.google.com": {"XYZ"}, }, - }, &auditinternal.Event{User: authenticationv1.UserInfo{Username: "username@company.com"}}, ""), + }, + requestAuditEventUser: &user.DefaultInfo{Name: "username@company.com"}, wantKubeAPIServerRequestHeaders: map[string][]string{ "Authorization": {"Bearer some-service-account-token"}, "Impersonate-Extra-Iam.gke.io%2fuser-Assertion": {"ABC"}, @@ -2079,7 +2075,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "authenticated openshift/openstack user", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -2088,7 +2084,8 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, // this header will be passed through - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: "kube:admin", // both of these auth stacks set UID but we cannot handle it today // UID: "user-id", @@ -2104,7 +2101,8 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "alpha.kubernetes.io/identity/user/domain/id": {"domain-id"}, "alpha.kubernetes.io/identity/user/domain/name": {"domain-name"}, }, - }, &auditinternal.Event{User: authenticationv1.UserInfo{Username: "kube:admin"}}, ""), + }, + requestAuditEventUser: &user.DefaultInfo{Name: "kube:admin"}, wantKubeAPIServerRequestHeaders: map[string][]string{ "Authorization": {"Bearer some-service-account-token"}, "Impersonate-Extra-Scopes.authorization.openshift.io": {"user:info", "user:full"}, @@ -2128,7 +2126,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "authenticated user with almost reserved key", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -2137,13 +2135,15 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, // this header will be passed through - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: "username@company.com", Groups: []string{"system:authenticated"}, Extra: map[string][]string{ "foo.iimpersonation-proxy.concierge.pinniped.dev": {"still-valid-value"}, }, - }, &auditinternal.Event{User: authenticationv1.UserInfo{Username: "username@company.com"}}, ""), + }, + requestAuditEventUser: &user.DefaultInfo{Name: "username@company.com"}, wantKubeAPIServerRequestHeaders: map[string][]string{ "Authorization": {"Bearer some-service-account-token"}, "Impersonate-Extra-Foo.iimpersonation-Proxy.concierge.pinniped.dev": {"still-valid-value"}, @@ -2162,7 +2162,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "authenticated user with almost reserved key and nested impersonation", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -2171,26 +2171,23 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, // this header will be passed through - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: "username@company.com", Groups: []string{"system:authenticated"}, Extra: map[string][]string{ "original-user-info.impersonation-proxyy.concierge.pinniped.dev": {"log confusion stuff here"}, }, }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: "panda", - UID: "0x001", - Groups: []string{"bears", "friends"}, - Extra: map[string]authenticationv1.ExtraValue{ - "original-user-info.impersonation-proxy.concierge.pinniped.dev": {"this is allowed"}, - }, - }, - ImpersonatedUser: &authenticationv1.UserInfo{}, + requestAuditEventUser: &user.DefaultInfo{ + Name: "panda", + UID: "0x001", + Groups: []string{"bears", "friends"}, + Extra: map[string][]string{ + "original-user-info.impersonation-proxy.concierge.pinniped.dev": {"this is allowed"}, }, - "", - ), + }, + requestAuditEventImpersonatedUser: &user.DefaultInfo{}, wantKubeAPIServerRequestHeaders: map[string][]string{ "Authorization": {"Bearer some-service-account-token"}, "Impersonate-Extra-Original-User-Info.impersonation-Proxyy.concierge.pinniped.dev": {"log confusion stuff here"}, @@ -2210,7 +2207,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "authenticated user with nested impersonation", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -2219,25 +2216,22 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, // this header will be passed through - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: testUser, Groups: testGroups, Extra: testExtra, }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: "panda", - UID: "0x001", - Groups: []string{"bears", "friends"}, - Extra: map[string]authenticationv1.ExtraValue{ - "assertion": {"sha", "md5"}, - "req-id": {"0123"}, - }, - }, - ImpersonatedUser: &authenticationv1.UserInfo{}, + requestAuditEventUser: &user.DefaultInfo{ + Name: "panda", + UID: "0x001", + Groups: []string{"bears", "friends"}, + Extra: map[string][]string{ + "assertion": {"sha", "md5"}, + "req-id": {"0123"}, }, - "", - ), + }, + requestAuditEventImpersonatedUser: &user.DefaultInfo{}, wantKubeAPIServerRequestHeaders: map[string][]string{ "Authorization": {"Bearer some-service-account-token"}, "Impersonate-Extra-Extra-1": {"some", "extra", "stuff"}, @@ -2258,7 +2252,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "authenticated gke user with nested impersonation", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -2267,25 +2261,22 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, // this header will be passed through - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: testUser, Groups: testGroups, Extra: testExtra, }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: "username@company.com", - Groups: []string{"system:authenticated"}, - Extra: map[string]authenticationv1.ExtraValue{ - // make sure we can handle these keys - "iam.gke.io/user-assertion": {"ABC"}, - "user-assertion.cloud.google.com": {"999"}, - }, - }, - ImpersonatedUser: &authenticationv1.UserInfo{}, + requestAuditEventUser: &user.DefaultInfo{ + Name: "username@company.com", + Groups: []string{"system:authenticated"}, + Extra: map[string][]string{ + // make sure we can handle these keys + "iam.gke.io/user-assertion": {"ABC"}, + "user-assertion.cloud.google.com": {"999"}, }, - "", - ), + }, + requestAuditEventImpersonatedUser: &user.DefaultInfo{}, wantKubeAPIServerRequestHeaders: map[string][]string{ "Authorization": {"Bearer some-service-account-token"}, "Impersonate-Extra-Extra-1": {"some", "extra", "stuff"}, @@ -2306,7 +2297,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "authenticated user with nested impersonation of gke user", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, "Accept": {"some-accepted-format"}, "Accept-Encoding": {"some-accepted-encoding"}, @@ -2315,7 +2306,8 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "Content-Type": {"some-type"}, "Content-Length": {"some-length"}, "Other-Header": {"test-header-value-1"}, // this header will be passed through - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: "username@company.com", Groups: []string{"system:authenticated"}, Extra: map[string][]string{ @@ -2324,20 +2316,16 @@ func TestImpersonatorHTTPHandler(t *testing.T) { "user-assertion.cloud.google.com": {"XYZ"}, }, }, - &auditinternal.Event{ - User: authenticationv1.UserInfo{ - Username: "panda", - UID: "0x001", - Groups: []string{"bears", "friends"}, - Extra: map[string]authenticationv1.ExtraValue{ - "assertion": {"sha", "md5"}, - "req-id": {"0123"}, - }, - }, - ImpersonatedUser: &authenticationv1.UserInfo{}, + requestAuditEventUser: &user.DefaultInfo{ + Name: "panda", + UID: "0x001", + Groups: []string{"bears", "friends"}, + Extra: map[string][]string{ + "assertion": {"sha", "md5"}, + "req-id": {"0123"}, }, - "", - ), + }, + requestAuditEventImpersonatedUser: &user.DefaultInfo{}, wantKubeAPIServerRequestHeaders: map[string][]string{ "Authorization": {"Bearer some-service-account-token"}, "Impersonate-Extra-Iam.gke.io%2fuser-Assertion": {"DEF"}, @@ -2358,13 +2346,15 @@ func TestImpersonatorHTTPHandler(t *testing.T) { }, { name: "user is authenticated but the kube API request returns an error", - request: newRequest(t, map[string][]string{ + requestHeaders: map[string][]string{ "User-Agent": {"test-user-agent"}, - }, &user.DefaultInfo{ + }, + requestUser: &user.DefaultInfo{ Name: testUser, Groups: testGroups, Extra: testExtra, - }, &auditinternal.Event{User: authenticationv1.UserInfo{Username: testUser}}, ""), + }, + requestAuditEventUser: &user.DefaultInfo{Name: testUser}, kubeAPIServerStatusCode: http.StatusNotFound, wantKubeAPIServerRequestHeaders: map[string][]string{ "Accept-Encoding": {"gzip"}, // because the rest client used in this test does not disable compression @@ -2457,7 +2447,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { w := httptest.NewRecorder() - r := tt.request + r := newRequest(t, tt.requestHeaders, tt.requestUser, tt.requestAuditEventUser, tt.requestAuditEventImpersonatedUser, tt.requestToken) wantKubeAPIServerRequestHeaders := tt.wantKubeAPIServerRequestHeaders // take the isUpgradeRequest branch randomly to make sure we exercise both branches @@ -2496,7 +2486,7 @@ func TestImpersonatorHTTPHandler(t *testing.T) { } } -func newRequest(t *testing.T, h http.Header, userInfo user.Info, event *auditinternal.Event, token string) *http.Request { +func newRequest(t *testing.T, h http.Header, userInfo user.Info, auditEventUser user.Info, auditEventImpersonatedUser user.Info, token string) *http.Request { t.Helper() validURL, err := url.Parse("http://pinniped.dev/blah") @@ -2508,12 +2498,6 @@ func newRequest(t *testing.T, h http.Header, userInfo user.Info, event *auditint ctx = request.WithUser(ctx, userInfo) } - ctx = audit.WithAuditContext(ctx) - if event != nil { - ac := audit.AuditContextFrom(ctx) - ac.Event = *event - } - reqInfo := &request.RequestInfo{ IsResourceRequest: false, Path: validURL.Path, @@ -2531,9 +2515,25 @@ func newRequest(t *testing.T, h http.Header, userInfo user.Info, event *auditint ctx, cancel = context.WithDeadline(ctx, time.Now().Add(time.Hour)) t.Cleanup(cancel) + if auditEventUser != nil || auditEventImpersonatedUser != nil { + ctx = audit.WithAuditContext(ctx) + // Need to set the audit level or else audit.LogImpersonatedUser() just returns with no effect. + err = audit.AuditContextFrom(ctx).Init(audit.RequestAuditConfig{Level: auditinternal.LevelMetadata}, nil) + require.NoError(t, err) + } + r, err := http.NewRequestWithContext(ctx, http.MethodGet, validURL.String(), nil) require.NoError(t, err) + if auditEventUser != nil { + // This sets the User field on the audit event for us (and other fields that we ignore too). + audit.LogRequestMetadata(r.Context(), r, time.Now(), authorizer.AttributesRecord{User: auditEventUser}) + } + if auditEventImpersonatedUser != nil { + // This sets the ImpersonatedUser field on the audit event for us. + audit.LogImpersonatedUser(r.Context(), auditEventImpersonatedUser, "") + } + r.Header = h return r From ebfd7d0600bc8c9e244b0c55090a115214daca9e Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Thu, 18 Dec 2025 13:48:05 -0800 Subject: [PATCH 02/11] delete test table entries that were accidentally duplicated --- .../impersonator/impersonator_test.go | 423 +----------------- 1 file changed, 1 insertion(+), 422 deletions(-) diff --git a/internal/concierge/impersonator/impersonator_test.go b/internal/concierge/impersonator/impersonator_test.go index a0ec03f9f..ef62ed9a6 100644 --- a/internal/concierge/impersonator/impersonator_test.go +++ b/internal/concierge/impersonator/impersonator_test.go @@ -685,9 +685,7 @@ func TestImpersonator(t *testing.T) { Name: "panda", UID: "", Groups: []string{"other-peeps", "system:authenticated"}, - Extra: map[string][]string{ - "party~~time": {"danger"}, - }, + Extra: map[string][]string{"party~~time": {"danger"}}, }, Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", }, @@ -807,425 +805,6 @@ func TestImpersonator(t *testing.T) { } }, }, - { - name: "failed client cert authentication", - clientCert: newClientCert(t, unrelatedCA, "test-username", []string{"test-group1"}), - wantError: "Unauthorized", - wantAuthorizerAttributes: nil, - }, - { - name: "nested impersonation by regular users calls delegating authorizer", - clientCert: newClientCert(t, ca, "test-username", []string{"test-group1", "test-group2"}), - clientImpersonateUser: rest.ImpersonationConfig{UserName: "some-other-username"}, - // this fails because the delegating authorizer in this test only allows system:masters and fails everything else - wantError: `users "some-other-username" is forbidden: User "test-username" ` + - `cannot impersonate resource "users" in API group "" at the cluster scope: ` + - `decision made by impersonation-proxy.concierge.pinniped.dev`, - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestUsername(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", - }, - } - }, - }, - { - name: "nested impersonation by admin users calls delegating authorizer", - clientCert: newClientCert(t, ca, "test-admin", []string{"system:masters", "test-group2"}), - clientImpersonateUser: rest.ImpersonationConfig{ - UserName: "fire", - Groups: []string{"elements"}, - Extra: map[string][]string{ - "colors": {"red", "orange", "blue"}, - - // gke - "iam.gke.io/user-assertion": {"good", "stuff"}, - "user-assertion.cloud.google.com": {"smaller", "things"}, - - // openshift - "scopes.authorization.openshift.io": {"user:info", "user:full", "user:check-access"}, - - // openstack - "alpha.kubernetes.io/identity/roles": {"a-role1", "a-role2"}, - "alpha.kubernetes.io/identity/project/id": {"a-project-id"}, - "alpha.kubernetes.io/identity/project/name": {"a-project-name"}, - "alpha.kubernetes.io/identity/user/domain/id": {"a-domain-id"}, - "alpha.kubernetes.io/identity/user/domain/name": {"a-domain-name"}, - }, - }, - wantKubeAPIServerRequestHeaders: func(credentialID string) http.Header { - return http.Header{ - "Impersonate-User": {"fire"}, - "Impersonate-Group": {"elements", "system:authenticated"}, - "Impersonate-Extra-Colors": {"red", "orange", "blue"}, - "Impersonate-Extra-Iam.gke.io%2fuser-Assertion": {"good", "stuff"}, - "Impersonate-Extra-User-Assertion.cloud.google.com": {"smaller", "things"}, - "Impersonate-Extra-Scopes.authorization.openshift.io": {"user:info", "user:full", "user:check-access"}, - "Impersonate-Extra-Alpha.kubernetes.io%2fidentity%2froles": {"a-role1", "a-role2"}, - "Impersonate-Extra-Alpha.kubernetes.io%2fidentity%2fproject%2fid": {"a-project-id"}, - "Impersonate-Extra-Alpha.kubernetes.io%2fidentity%2fproject%2fname": {"a-project-name"}, - "Impersonate-Extra-Alpha.kubernetes.io%2fidentity%2fuser%2fdomain%2fid": {"a-domain-id"}, - "Impersonate-Extra-Alpha.kubernetes.io%2fidentity%2fuser%2fdomain%2fname": {"a-domain-name"}, - "Impersonate-Extra-Original-User-Info.impersonation-Proxy.concierge.pinniped.dev": {`{"username":"test-admin","groups":["test-group2","system:masters","system:authenticated"],"extra":{"authentication.kubernetes.io/credential-id":["` + credentialID + `"]}}`}, - "Authorization": {"Bearer some-service-account-token"}, - "User-Agent": {"test-agent"}, - "Accept": {"application/vnd.kubernetes.protobuf,application/json"}, - "Accept-Encoding": {"gzip"}, - "X-Forwarded-For": {"127.0.0.1"}, - } - }, - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "fire", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "groups", Subresource: "", Name: "elements", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "iam.gke.io/user-assertion", Name: "good", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "iam.gke.io/user-assertion", Name: "stuff", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/roles", Name: "a-role1", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/roles", Name: "a-role2", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "user-assertion.cloud.google.com", Name: "smaller", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "user-assertion.cloud.google.com", Name: "things", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "colors", Name: "red", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "colors", Name: "orange", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "colors", Name: "blue", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "scopes.authorization.openshift.io", Name: "user:info", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "scopes.authorization.openshift.io", Name: "user:full", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "scopes.authorization.openshift.io", Name: "user:check-access", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/project/name", Name: "a-project-name", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/user/domain/id", Name: "a-domain-id", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/user/domain/name", Name: "a-domain-name", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "alpha.kubernetes.io/identity/project/id", Name: "a-project-id", ResourceRequest: true, Path: "", - }, - { - User: &user.DefaultInfo{ - Name: "fire", - UID: "", - Groups: []string{"elements", "system:authenticated"}, - Extra: map[string][]string{ - "alpha.kubernetes.io/identity/project/id": {"a-project-id"}, - "alpha.kubernetes.io/identity/project/name": {"a-project-name"}, - "alpha.kubernetes.io/identity/roles": {"a-role1", "a-role2"}, - "alpha.kubernetes.io/identity/user/domain/id": {"a-domain-id"}, - "alpha.kubernetes.io/identity/user/domain/name": {"a-domain-name"}, - "colors": {"red", "orange", "blue"}, - "iam.gke.io/user-assertion": {"good", "stuff"}, - "scopes.authorization.openshift.io": {"user:info", "user:full", "user:check-access"}, - "user-assertion.cloud.google.com": {"smaller", "things"}, - }, - }, - Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", - }, - } - }, - }, - { - name: "nested impersonation by admin users cannot impersonate UID", - clientCert: newClientCert(t, ca, "test-admin", []string{"system:masters", "test-group2"}), - clientImpersonateUser: rest.ImpersonationConfig{UserName: "some-other-username"}, - clientMutateHeaders: func(header http.Header) { - header["Impersonate-Uid"] = []string{"root"} - }, - wantError: "Internal error occurred: unimplemented functionality - unable to act as current user", - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "uids", Subresource: "", Name: "root", ResourceRequest: true, Path: "", - }, - { - User: &user.DefaultInfo{ - Name: "some-other-username", - UID: "root", - Groups: []string{"system:authenticated"}, - Extra: map[string][]string{}, - }, - Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", - }, - } - }, - }, - { - name: "nested impersonation by admin users cannot impersonate UID header canonicalization", - clientCert: newClientCert(t, ca, "test-admin", []string{"system:masters", "test-group2"}), - clientImpersonateUser: rest.ImpersonationConfig{UserName: "some-other-username"}, - clientMutateHeaders: func(header http.Header) { - header["imPerSoNaTE-uid"] = []string{"magic"} - }, - wantError: "Internal error occurred: unimplemented functionality - unable to act as current user", - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "some-other-username", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "uids", Subresource: "", Name: "magic", ResourceRequest: true, Path: "", - }, - { - User: &user.DefaultInfo{ - Name: "some-other-username", - UID: "magic", - Groups: []string{"system:authenticated"}, - Extra: map[string][]string{}, - }, - Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", - }, - } - }, - }, - { - name: "nested impersonation by admin users cannot use reserved key", - clientCert: newClientCert(t, ca, "test-admin", []string{"system:masters", "test-group2"}), - clientImpersonateUser: rest.ImpersonationConfig{ - UserName: "other-user-to-impersonate", - Groups: []string{"other-peeps"}, - Extra: map[string][]string{ - "key": {"good"}, - "something.impersonation-proxy.concierge.pinniped.dev": {"bad data"}, - }, - }, - wantError: "Internal error occurred: unimplemented functionality - unable to act as current user", - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "other-user-to-impersonate", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "something.impersonation-proxy.concierge.pinniped.dev", Name: "bad data", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "key", Name: "good", ResourceRequest: true, Path: "", - }, - { - User: &user.DefaultInfo{ - Name: "other-user-to-impersonate", - UID: "", - Groups: []string{"other-peeps", "system:authenticated"}, - Extra: map[string][]string{ - "key": {"good"}, - "something.impersonation-proxy.concierge.pinniped.dev": {"bad data"}, - }, - }, - Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", - }, - } - }, - }, - { - name: "nested impersonation by admin users cannot use invalid key", - clientCert: newClientCert(t, ca, "test-admin", []string{"system:masters", "test-group2"}), - clientImpersonateUser: rest.ImpersonationConfig{ - UserName: "panda", - Groups: []string{"other-peeps"}, - Extra: map[string][]string{ - "party~~time": {"danger"}, - }, - }, - wantError: "Internal error occurred: unimplemented functionality - unable to act as current user", - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "panda", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "party~~time", Name: "danger", ResourceRequest: true, Path: "", - }, - { - User: &user.DefaultInfo{ - Name: "panda", - UID: "", - Groups: []string{"other-peeps", "system:authenticated"}, - Extra: map[string][]string{"party~~time": {"danger"}}, - }, - Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", - }, - } - }, - }, - { - name: "nested impersonation by admin users can use uppercase key because impersonation is lossy", - clientCert: newClientCert(t, ca, "test-admin", []string{"system:masters", "test-group2"}), - clientImpersonateUser: rest.ImpersonationConfig{ - UserName: "panda", - Groups: []string{"other-peeps"}, - Extra: map[string][]string{ - "ROAR": {"tiger"}, // by the time our code sees this key, it is lowercased to "roar" - }, - }, - wantKubeAPIServerRequestHeaders: func(credentialID string) http.Header { - return http.Header{ - "Impersonate-User": {"panda"}, - "Impersonate-Group": {"other-peeps", "system:authenticated"}, - "Impersonate-Extra-Roar": {"tiger"}, - "Impersonate-Extra-Original-User-Info.impersonation-Proxy.concierge.pinniped.dev": {`{"username":"test-admin","groups":["test-group2","system:masters","system:authenticated"],"extra":{"authentication.kubernetes.io/credential-id":["` + credentialID + `"]}}`}, - "Authorization": {"Bearer some-service-account-token"}, - "User-Agent": {"test-agent"}, - "Accept": {"application/vnd.kubernetes.protobuf,application/json"}, - "Accept-Encoding": {"gzip"}, - "X-Forwarded-For": {"127.0.0.1"}, - } - }, - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "panda", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "groups", Subresource: "", Name: "other-peeps", ResourceRequest: true, Path: "", - }, - { - User: defaultInfoForTestAdmin(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "authentication.k8s.io", APIVersion: "v1", Resource: "userextras", Subresource: "roar", Name: "tiger", ResourceRequest: true, Path: "", - }, - { - User: &user.DefaultInfo{ - Name: "panda", - UID: "", - Groups: []string{"other-peeps", "system:authenticated"}, - Extra: map[string][]string{"roar": {"tiger"}}, - }, - Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", - }, - } - }, - }, - { - name: "unexpected healthz response", - kubeAPIServerHealthz: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusInternalServerError) - _, _ = w.Write([]byte("broken")) - }), - wantConstructionError: `could not detect if anonymous authentication is enabled: an error on the server ("broken") has prevented the request from succeeding`, - wantAuthorizerAttributes: nil, - }, - { - name: "header canonicalization user header", - clientCert: newClientCert(t, ca, "test-username", []string{"test-group1", "test-group2"}), - clientMutateHeaders: func(header http.Header) { - header["imPerSonaTE-USer"] = []string{"PANDA"} - }, - wantError: `users "PANDA" is forbidden: User "test-username" ` + - `cannot impersonate resource "users" in API group "" at the cluster scope: ` + - `decision made by impersonation-proxy.concierge.pinniped.dev`, - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestUsername(credentialID), - Verb: "impersonate", Namespace: "", APIGroup: "", APIVersion: "", Resource: "users", Subresource: "", Name: "PANDA", ResourceRequest: true, Path: "", - }, - } - }, - }, - { - name: "header canonicalization future UID header", // no longer future as it exists in Kube v1.22 - clientCert: newClientCert(t, ca, "test-username", []string{"test-group1", "test-group2"}), - clientMutateHeaders: func(header http.Header) { - header["imPerSonaTE-uid"] = []string{"007"} - }, - wantError: `an error on the server ("Internal Server Error: \"/api/v1/namespaces\": requested [{UID 007 authentication.k8s.io/v1 }] without impersonating a user") has prevented the request from succeeding (get namespaces)`, - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{} - }, - }, - { - name: "future UID header", // no longer future as it exists in Kube v1.22 - clientCert: newClientCert(t, ca, "test-username", []string{"test-group1", "test-group2"}), - clientMutateHeaders: func(header http.Header) { - header["Impersonate-Uid"] = []string{"008"} - }, - wantError: `an error on the server ("Internal Server Error: \"/api/v1/namespaces\": requested [{UID 008 authentication.k8s.io/v1 }] without impersonating a user") has prevented the request from succeeding (get namespaces)`, - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{} - }, - }, - { - name: "when there is no service account token cached for the impersonator to use to call the KAS", - clientCert: newClientCert(t, ca, "test-username", []string{"test-group1", "test-group2"}), - noServiceAcctTokenInCache: true, - wantKubeAPIServerRequestHeaders: nil, // no request should have been made to the KAS on behalf of the user - wantError: `an error on the server ("") has prevented the request from succeeding (get namespaces)`, - wantAuthorizerAttributes: func(credentialID string) []authorizer.AttributesRecord { - return []authorizer.AttributesRecord{ - { - User: defaultInfoForTestUsername(credentialID), - Verb: "list", Namespace: "", APIGroup: "", APIVersion: "v1", Resource: "namespaces", Subresource: "", Name: "", ResourceRequest: true, Path: "/api/v1/namespaces", - }, - } - }, - }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { From 10444fb9a35599a094d23d9c0dd2dc7e469bb23c Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Fri, 19 Dec 2025 11:11:31 -0800 Subject: [PATCH 03/11] update unit test expectations for kube 1.35 libraries --- cmd/pinniped/cmd/kubeconfig_test.go | 28 ------------------- cmd/pinniped/cmd/whoami_test.go | 14 +++------- .../impersonator/impersonator_test.go | 8 +++--- .../registry/clientsecretrequest/rest_test.go | 6 ++-- .../registry/credentialrequest/rest_test.go | 2 +- internal/registry/whoamirequest/rest_test.go | 4 +-- pkg/conciergeclient/conciergeclient_test.go | 6 ++-- 7 files changed, 16 insertions(+), 52 deletions(-) diff --git a/cmd/pinniped/cmd/kubeconfig_test.go b/cmd/pinniped/cmd/kubeconfig_test.go index 79017e852..615c3db8e 100644 --- a/cmd/pinniped/cmd/kubeconfig_test.go +++ b/cmd/pinniped/cmd/kubeconfig_test.go @@ -1749,7 +1749,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -1819,7 +1818,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -1883,7 +1881,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -1950,7 +1947,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2033,7 +2029,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2116,7 +2111,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2201,7 +2195,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2281,7 +2274,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-sso current-context: kind-context-sso kind: Config - preferences: {} users: - name: kind-user-sso user: @@ -2400,7 +2392,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2509,7 +2500,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2586,7 +2576,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2665,7 +2654,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2742,7 +2730,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2815,7 +2802,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2895,7 +2881,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -2982,7 +2967,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3070,7 +3054,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3158,7 +3141,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3236,7 +3218,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3319,7 +3300,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3385,7 +3365,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3446,7 +3425,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3507,7 +3485,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3569,7 +3546,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3631,7 +3607,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3692,7 +3667,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3752,7 +3726,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: @@ -3818,7 +3791,6 @@ func TestGetKubeconfig(t *testing.T) { name: kind-context-pinniped current-context: kind-context-pinniped kind: Config - preferences: {} users: - name: kind-user-pinniped user: diff --git a/cmd/pinniped/cmd/whoami_test.go b/cmd/pinniped/cmd/whoami_test.go index c38af8528..fba4d51ac 100644 --- a/cmd/pinniped/cmd/whoami_test.go +++ b/cmd/pinniped/cmd/whoami_test.go @@ -130,9 +130,7 @@ func TestWhoami(t *testing.T) { { "kind": "WhoAmIRequest", "apiVersion": "identity.concierge.pinniped.dev/v1alpha1", - "metadata": { - "creationTimestamp": null - }, + "metadata": {}, "spec": {}, "status": { "kubernetesUserInfo": { @@ -154,9 +152,7 @@ func TestWhoami(t *testing.T) { { "kind": "WhoAmIRequest", "apiVersion": "identity.concierge.tuna.io/v1alpha1", - "metadata": { - "creationTimestamp": null - }, + "metadata": {}, "spec": {}, "status": { "kubernetesUserInfo": { @@ -177,8 +173,7 @@ func TestWhoami(t *testing.T) { wantStdout: here.Doc(` apiVersion: identity.concierge.pinniped.dev/v1alpha1 kind: WhoAmIRequest - metadata: - creationTimestamp: null + metadata: {} spec: {} status: kubernetesUserInfo: @@ -195,8 +190,7 @@ func TestWhoami(t *testing.T) { wantStdout: here.Doc(` apiVersion: identity.concierge.tuna.io/v1alpha1 kind: WhoAmIRequest - metadata: - creationTimestamp: null + metadata: {} spec: {} status: kubernetesUserInfo: diff --git a/internal/concierge/impersonator/impersonator_test.go b/internal/concierge/impersonator/impersonator_test.go index ef62ed9a6..09c3409f7 100644 --- a/internal/concierge/impersonator/impersonator_test.go +++ b/internal/concierge/impersonator/impersonator_test.go @@ -769,23 +769,23 @@ func TestImpersonator(t *testing.T) { }, }, { - name: "header canonicalization future UID header", // no longer future as it exists in Kube v1.22 + name: "header canonicalization of UID header, starting in Kube v1.22", clientCert: newClientCert(t, ca, "test-username", []string{"test-group1", "test-group2"}), clientMutateHeaders: func(header http.Header) { header["imPerSonaTE-uid"] = []string{"007"} }, - wantError: `an error on the server ("Internal Server Error: \"/api/v1/namespaces\": requested [{UID 007 authentication.k8s.io/v1 }] without impersonating a user") has prevented the request from succeeding (get namespaces)`, + wantError: `requested [{UID 007 authentication.k8s.io/v1 }] without impersonating a user`, wantAuthorizerAttributes: func(_credentialID string) []authorizer.AttributesRecord { return []authorizer.AttributesRecord{} }, }, { - name: "UID header starting in Kube v1.22", + name: "UID header, starting in Kube v1.22", clientCert: newClientCert(t, ca, "test-username", []string{"test-group1", "test-group2"}), clientMutateHeaders: func(header http.Header) { header["Impersonate-Uid"] = []string{"008"} }, - wantError: `an error on the server ("Internal Server Error: \"/api/v1/namespaces\": requested [{UID 008 authentication.k8s.io/v1 }] without impersonating a user") has prevented the request from succeeding (get namespaces)`, + wantError: `requested [{UID 008 authentication.k8s.io/v1 }] without impersonating a user`, wantAuthorizerAttributes: func(_credentialID string) []authorizer.AttributesRecord { return []authorizer.AttributesRecord{} }, diff --git a/internal/registry/clientsecretrequest/rest_test.go b/internal/registry/clientsecretrequest/rest_test.go index c1ee55ad2..d2ef284a2 100644 --- a/internal/registry/clientsecretrequest/rest_test.go +++ b/internal/registry/clientsecretrequest/rest_test.go @@ -1,4 +1,4 @@ -// Copyright 2022-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package clientsecretrequest @@ -161,7 +161,7 @@ func TestCreate(t *testing.T) { wantErrStatus: &metav1.Status{ Status: metav1.StatusFailure, Message: `OIDCClientSecretRequest.clientsecret.supervisor.pinniped.dev "client.oauth.pinniped.dev-some-client-name" ` + - `is invalid: dryRun: Unsupported value: []string{"stuff"}`, + `is invalid: dryRun: Unsupported value: ["stuff"]`, Reason: metav1.StatusReasonInvalid, Code: http.StatusUnprocessableEntity, Details: &metav1.StatusDetails{ @@ -170,7 +170,7 @@ func TestCreate(t *testing.T) { Name: "client.oauth.pinniped.dev-some-client-name", Causes: []metav1.StatusCause{{ Type: "FieldValueNotSupported", - Message: "Unsupported value: []string{\"stuff\"}", + Message: `Unsupported value: ["stuff"]`, Field: "dryRun", }}, }, diff --git a/internal/registry/credentialrequest/rest_test.go b/internal/registry/credentialrequest/rest_test.go index 948a605ab..491502a86 100644 --- a/internal/registry/credentialrequest/rest_test.go +++ b/internal/registry/credentialrequest/rest_test.go @@ -597,7 +597,7 @@ func TestCreate(t *testing.T) { }) requireAPIError(t, response, err, apierrors.IsInvalid, - `.pinniped.dev "request name" is invalid: dryRun: Unsupported value: []string{"some dry run flag"}`) + `.pinniped.dev "request name" is invalid: dryRun: Unsupported value: ["some dry run flag"]`) }) it("CreateFailsWhenNamespaceIsNotEmpty", func() { diff --git a/internal/registry/whoamirequest/rest_test.go b/internal/registry/whoamirequest/rest_test.go index 77f9a53ee..9ffcaafbd 100644 --- a/internal/registry/whoamirequest/rest_test.go +++ b/internal/registry/whoamirequest/rest_test.go @@ -1,4 +1,4 @@ -// Copyright 2021-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package whoamirequest @@ -92,7 +92,7 @@ func TestCreate(t *testing.T) { options: &metav1.CreateOptions{DryRun: []string{"stuff"}}, }, want: nil, - wantErr: `SomeKind.identity.concierge.pinniped.dev "some-name" is invalid: dryRun: Unsupported value: []string{"stuff"}`, + wantErr: `SomeKind.identity.concierge.pinniped.dev "some-name" is invalid: dryRun: Unsupported value: ["stuff"]`, }, { name: "bad namespace", diff --git a/pkg/conciergeclient/conciergeclient_test.go b/pkg/conciergeclient/conciergeclient_test.go index edc1148c6..98195d622 100644 --- a/pkg/conciergeclient/conciergeclient_test.go +++ b/pkg/conciergeclient/conciergeclient_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package conciergeclient @@ -229,9 +229,7 @@ func TestExchangeToken(t *testing.T) { `{ "kind": "TokenCredentialRequest", "apiVersion": "login.concierge.pinniped.dev/v1alpha1", - "metadata": { - "creationTimestamp": null - }, + "metadata": {}, "spec": { "token": "test-token", "authenticator": { From 9d1c65c3e62ced605bdabbb607b6f211f51e0638 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Fri, 19 Dec 2025 12:00:56 -0800 Subject: [PATCH 04/11] fix deprecation of NewSimpleClientset by using NewClientset or ignoring --- cmd/pinniped/cmd/kubeconfig_test.go | 3 +++ cmd/pinniped/cmd/whoami_test.go | 1 + .../admissionpluginconfig_test.go | 4 ++-- internal/clusterhost/clusterhost_test.go | 4 ++-- .../apicerts/apiservice_updater_test.go | 5 ++-- .../controller/apicerts/certs_expirer_test.go | 8 +++---- .../controller/apicerts/certs_manager_test.go | 6 ++--- .../apicerts/certs_observer_test.go | 4 ++-- .../apicerts/update_api_service_test.go | 3 ++- .../cachecleaner/cachecleaner_test.go | 3 ++- .../jwtcachefiller/jwtcachefiller_test.go | 9 +++++--- .../webhookcachefiller_test.go | 9 +++++--- .../impersonator_config_test.go | 6 +++-- .../kubecertagent/kubecertagent_test.go | 2 ++ .../kubecertagent/legacypodcleaner_test.go | 4 ++-- ...e_account_token_cleanup_controller_test.go | 6 ++--- .../active_directory_upstream_watcher_test.go | 14 +++++++---- .../federation_domain_watcher_test.go | 4 +++- .../federation_domain_secrets_test.go | 14 +++++++---- .../generator/supervisor_secrets_test.go | 10 ++++---- .../github_upstream_watcher_test.go | 23 +++++++++++++------ .../supervisorconfig/jwks_observer_test.go | 5 ++-- .../supervisorconfig/jwks_writer_test.go | 14 +++++++---- .../ldap_upstream_watcher_test.go | 14 +++++++---- .../oidc_client_watcher_test.go | 12 ++++++---- .../oidc_upstream_watcher_test.go | 9 +++++--- .../tls_cert_observer_test.go | 5 ++-- .../garbage_collector_test.go | 6 ++--- .../tlsconfigutil/tls_config_util_test.go | 4 ++-- .../controller/creating_test.go | 4 ++-- internal/crud/crud_test.go | 3 ++- internal/deploymentref/deploymentref_test.go | 4 ++-- .../clientregistry/clientregistry_test.go | 5 ++-- .../endpoints/auth/auth_handler_test.go | 6 +++-- .../callback/callback_handler_test.go | 3 ++- .../login/post_login_handler_test.go | 5 ++-- .../endpoints/token/token_handler_test.go | 5 ++-- .../endpointsmanager/manager_test.go | 3 ++- .../accesstoken/accesstoken_test.go | 4 ++-- .../authorizationcode_test.go | 6 ++--- .../openidconnect/openidconnect_test.go | 4 ++-- internal/fositestorage/pkce/pkce_test.go | 4 ++-- .../refreshtoken/refreshtoken_test.go | 4 ++-- .../leaderelection/leaderelection_test.go | 4 ++-- .../localuserauthenticator_test.go | 4 ++-- .../oidcclientsecretstorage_test.go | 8 +++---- .../registry/clientsecretrequest/rest_test.go | 3 ++- internal/tokenclient/tokenclient_test.go | 8 +++---- 48 files changed, 180 insertions(+), 118 deletions(-) diff --git a/cmd/pinniped/cmd/kubeconfig_test.go b/cmd/pinniped/cmd/kubeconfig_test.go index 615c3db8e..51c767258 100644 --- a/cmd/pinniped/cmd/kubeconfig_test.go +++ b/cmd/pinniped/cmd/kubeconfig_test.go @@ -3858,14 +3858,17 @@ func TestGetKubeconfig(t *testing.T) { if tt.getClientsetErr != nil { return nil, nil, nil, tt.getClientsetErr } + //nolint:staticcheck // as of v0.35.0, this package does not offer a NewClientset() function fakeAggregatorClient := aggregatorfake.NewSimpleClientset(tt.apiServiceObjects...) fakeKubeClient := fake.NewClientset() if tt.kubeObjects != nil { kubeObjects := tt.kubeObjects(string(testServerCA)) fakeKubeClient = fake.NewClientset(kubeObjects...) } + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakeConciergeClient := conciergefake.NewSimpleClientset() if tt.conciergeObjects != nil { + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakeConciergeClient = conciergefake.NewSimpleClientset(tt.conciergeObjects(string(testServerCA), testServer.URL)...) } if len(tt.conciergeReactions) > 0 { diff --git a/cmd/pinniped/cmd/whoami_test.go b/cmd/pinniped/cmd/whoami_test.go index fba4d51ac..c8fc40d15 100644 --- a/cmd/pinniped/cmd/whoami_test.go +++ b/cmd/pinniped/cmd/whoami_test.go @@ -293,6 +293,7 @@ func TestWhoami(t *testing.T) { if test.gettingClientsetErr != nil { return nil, nil, nil, test.gettingClientsetErr } + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function conciergeClient := conciergefake.NewSimpleClientset() conciergeClient.PrependReactor("create", "whoamirequests", func(_ kubetesting.Action) (bool, runtime.Object, error) { if test.callingAPIErr != nil { diff --git a/internal/admissionpluginconfig/admissionpluginconfig_test.go b/internal/admissionpluginconfig/admissionpluginconfig_test.go index 7854a66c6..6dd2c57e1 100644 --- a/internal/admissionpluginconfig/admissionpluginconfig_test.go +++ b/internal/admissionpluginconfig/admissionpluginconfig_test.go @@ -235,10 +235,10 @@ func TestConfigureAdmissionPlugins(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := kubernetesfake.NewSimpleClientset() + kubeClient := kubernetesfake.NewClientset() kubeClient.Resources = tt.availableAPIResources - // Unfortunately, kubernetesfake.NewSimpleClientset() does not support using reactors to + // Unfortunately, NewClientset() does not support using reactors to // cause discovery to return errors. Instead, we will make our own fake implementation of the // discovery client's interface and only mock the parts that we need for this test. discoveryClient := newFakeDiscoveryClient(kubeClient) diff --git a/internal/clusterhost/clusterhost_test.go b/internal/clusterhost/clusterhost_test.go index 423e5ff3e..44f4af2e9 100644 --- a/internal/clusterhost/clusterhost_test.go +++ b/internal/clusterhost/clusterhost_test.go @@ -1,4 +1,4 @@ -// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package clusterhost @@ -143,7 +143,7 @@ func TestHasControlPlaneNodes(t *testing.T) { for _, tt := range tests { test := tt t.Run(test.name, func(t *testing.T) { - kubeClient := kubernetesfake.NewSimpleClientset() + kubeClient := kubernetesfake.NewClientset() if test.listNodesErr != nil { listNodesErr := test.listNodesErr kubeClient.PrependReactor( diff --git a/internal/controller/apicerts/apiservice_updater_test.go b/internal/controller/apicerts/apiservice_updater_test.go index 985d8570a..f367d39e3 100644 --- a/internal/controller/apicerts/apiservice_updater_test.go +++ b/internal/controller/apicerts/apiservice_updater_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package apicerts @@ -148,8 +148,9 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewSimpleClientset() + kubeInformerClient = kubernetesfake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) + //nolint:staticcheck // as of v0.35.0, this package does not offer a NewClientset() function aggregatorAPIClient = aggregatorfake.NewSimpleClientset() }) diff --git a/internal/controller/apicerts/certs_expirer_test.go b/internal/controller/apicerts/certs_expirer_test.go index ddafd230d..b0af047d5 100644 --- a/internal/controller/apicerts/certs_expirer_test.go +++ b/internal/controller/apicerts/certs_expirer_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package apicerts @@ -90,7 +90,7 @@ func TestExpirerControllerFilters(t *testing.T) { t.Parallel() secretsInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() withInformer := testutil.NewObservableWithInformerOption() @@ -224,7 +224,7 @@ func TestExpirerControllerSync(t *testing.T) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() - kubeAPIClient := kubernetesfake.NewSimpleClientset() + kubeAPIClient := kubernetesfake.NewClientset() if test.configKubeAPIClient != nil { test.configKubeAPIClient(kubeAPIClient) } @@ -232,7 +232,7 @@ func TestExpirerControllerSync(t *testing.T) { testRV := "rv_001" testUID := types.UID("uid_002") - kubeInformerClient := kubernetesfake.NewSimpleClientset() + kubeInformerClient := kubernetesfake.NewClientset() name := certsSecretResourceName namespace := "some-namespace" if test.fillSecretData != nil { diff --git a/internal/controller/apicerts/certs_manager_test.go b/internal/controller/apicerts/certs_manager_test.go index e51c618f3..da718047c 100644 --- a/internal/controller/apicerts/certs_manager_test.go +++ b/internal/controller/apicerts/certs_manager_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package apicerts @@ -170,9 +170,9 @@ func TestManagerControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewSimpleClientset() + kubeInformerClient = kubernetesfake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) - kubeAPIClient = kubernetesfake.NewSimpleClientset() + kubeAPIClient = kubernetesfake.NewClientset() }) it.After(func() { diff --git a/internal/controller/apicerts/certs_observer_test.go b/internal/controller/apicerts/certs_observer_test.go index ccb11929e..01b0823e7 100644 --- a/internal/controller/apicerts/certs_observer_test.go +++ b/internal/controller/apicerts/certs_observer_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package apicerts @@ -144,7 +144,7 @@ func TestObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewSimpleClientset() + kubeInformerClient = kubernetesfake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) dynamicCertProvider = dynamiccert.NewServingCert(name) }) diff --git a/internal/controller/apicerts/update_api_service_test.go b/internal/controller/apicerts/update_api_service_test.go index 725f735e9..ddd6fe7bb 100644 --- a/internal/controller/apicerts/update_api_service_test.go +++ b/internal/controller/apicerts/update_api_service_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package apicerts @@ -206,6 +206,7 @@ func TestUpdateAPIService(t *testing.T) { t.Run(tt.name, func(t *testing.T) { ctx := context.Background() + //nolint:staticcheck // as of v0.35.0, this package does not offer a NewClientset() function client := aggregatorv1fake.NewSimpleClientset() if tt.mocks != nil { tt.mocks(client) diff --git a/internal/controller/authenticator/cachecleaner/cachecleaner_test.go b/internal/controller/authenticator/cachecleaner/cachecleaner_test.go index d165ffcb8..5ba6156e7 100644 --- a/internal/controller/authenticator/cachecleaner/cachecleaner_test.go +++ b/internal/controller/authenticator/cachecleaner/cachecleaner_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package cachecleaner @@ -137,6 +137,7 @@ func TestController(t *testing.T) { t.Run(tt.name, func(t *testing.T) { // When we have t.Parallel() here, this test blocks pretty consistently...y tho? + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakeClient := conciergefake.NewSimpleClientset(tt.objects...) informers := conciergeinformers.NewSharedInformerFactory(fakeClient, 0) cache := authncache.New() diff --git a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go index 877acfe65..9138af1da 100644 --- a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go +++ b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go @@ -2987,12 +2987,13 @@ func TestController(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := conciergefake.NewSimpleClientset(tt.jwtAuthenticators...) if tt.configClient != nil { tt.configClient(pinnipedAPIClient) } pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) - kubeInformers := k8sinformers.NewSharedInformerFactory(kubernetesfake.NewSimpleClientset(tt.secretsAndConfigMaps...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactory(kubernetesfake.NewClientset(tt.secretsAndConfigMaps...), 0) cache := authncache.New() logger, log := plog.TestLogger(t) @@ -3535,9 +3536,10 @@ func TestControllerFilterSecret(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := conciergefake.NewSimpleClientset() pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) observableInformers := testutil.NewObservableWithInformerOption() @@ -3595,9 +3597,10 @@ func TestControllerFilterConfigMap(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := conciergefake.NewSimpleClientset() pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) observableInformers := testutil.NewObservableWithInformerOption() diff --git a/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go index b8d5b388d..ff79e3d4e 100644 --- a/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go +++ b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go @@ -2118,12 +2118,13 @@ func TestController(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := conciergefake.NewSimpleClientset(tt.webhookAuthenticators...) if tt.configClient != nil { tt.configClient(pinnipedAPIClient) } pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) - kubeInformers := k8sinformers.NewSharedInformerFactory(kubernetesfake.NewSimpleClientset(tt.secretsAndConfigMaps...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactory(kubernetesfake.NewClientset(tt.secretsAndConfigMaps...), 0) cache := authncache.New() logger, log := plog.TestLogger(t) @@ -2377,9 +2378,10 @@ func TestControllerFilterSecret(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := conciergefake.NewSimpleClientset() pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) observableInformers := testutil.NewObservableWithInformerOption() @@ -2440,9 +2442,10 @@ func TestControllerFilterConfigMap(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := conciergefake.NewSimpleClientset() pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) observableInformers := testutil.NewObservableWithInformerOption() diff --git a/internal/controller/impersonatorconfig/impersonator_config_test.go b/internal/controller/impersonatorconfig/impersonator_config_test.go index 300387b89..bf893f1ed 100644 --- a/internal/controller/impersonatorconfig/impersonator_config_test.go +++ b/internal/controller/impersonatorconfig/impersonator_config_test.go @@ -1128,14 +1128,16 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { queue = &testQueue{} cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient = conciergefake.NewSimpleClientset() pinnipedInformers = conciergeinformers.NewSharedInformerFactoryWithOptions(pinnipedInformerClient, 0) - kubeInformerClient = kubernetesfake.NewSimpleClientset() + kubeInformerClient = kubernetesfake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactoryWithOptions(kubeInformerClient, 0, k8sinformers.WithNamespace(installedInNamespace), ) - kubeAPIClient = kubernetesfake.NewSimpleClientset() + kubeAPIClient = kubernetesfake.NewClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient = conciergefake.NewSimpleClientset() frozenNow = time.Date(2021, time.March, 2, 7, 42, 0, 0, time.Local) mTLSClientCertProvider = dynamiccert.NewCA(name) diff --git a/internal/controller/kubecertagent/kubecertagent_test.go b/internal/controller/kubecertagent/kubecertagent_test.go index e2bf88595..eb8ba951b 100644 --- a/internal/controller/kubecertagent/kubecertagent_test.go +++ b/internal/controller/kubecertagent/kubecertagent_test.go @@ -1777,9 +1777,11 @@ func TestAgentController(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function conciergeClientset := conciergefake.NewSimpleClientset(tt.pinnipedObjects...) conciergeInformers := conciergeinformers.NewSharedInformerFactory(conciergeClientset, 0) + //nolint:staticcheck // using NewClientset() is possible here, but it will require updating test expectations kubeClientset := kubefake.NewSimpleClientset(tt.kubeObjects...) if tt.addKubeReactions != nil { tt.addKubeReactions(kubeClientset) diff --git a/internal/controller/kubecertagent/legacypodcleaner_test.go b/internal/controller/kubecertagent/legacypodcleaner_test.go index 9cf5af903..de1777d1b 100644 --- a/internal/controller/kubecertagent/legacypodcleaner_test.go +++ b/internal/controller/kubecertagent/legacypodcleaner_test.go @@ -1,4 +1,4 @@ -// Copyright 2021-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package kubecertagent @@ -142,7 +142,7 @@ func TestLegacyPodCleanerController(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClientset := kubefake.NewSimpleClientset(tt.kubeObjects...) + kubeClientset := kubefake.NewClientset(tt.kubeObjects...) if tt.addKubeReactions != nil { tt.addKubeReactions(kubeClientset) } diff --git a/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go b/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go index 6b21d1926..c02d8a310 100644 --- a/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go +++ b/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2023-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package serviceaccounttokencleanup @@ -173,8 +173,8 @@ func TestSync(t *testing.T) { func setupKubernetes(t *testing.T, namespace string) (*kubernetesfake.Clientset, kubeinformers.SharedInformerFactory) { t.Helper() - kubeAPIClient := kubernetesfake.NewSimpleClientset() - kubeInformerClient := kubernetesfake.NewSimpleClientset() + kubeAPIClient := kubernetesfake.NewClientset() + kubeInformerClient := kubernetesfake.NewClientset() kubeInformers := kubeinformers.NewSharedInformerFactory( kubeInformerClient, diff --git a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go index bc3b1c740..b9563202a 100644 --- a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package activedirectoryupstreamwatcher @@ -95,10 +95,11 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterSecrets(t *testing.T) { t.Run(test.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewSimpleClientset() + fakeKubeClient := fake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -140,10 +141,11 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterConfigMaps(t *testing.T) t.Run(test.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewSimpleClientset() + fakeKubeClient := fake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -185,10 +187,11 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterActiveDirectoryIdentityPr t.Run(test.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewSimpleClientset() + fakeKubeClient := fake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -2307,9 +2310,10 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewSimpleClientset(tt.inputK8sObjects...) + fakeKubeClient := fake.NewClientset(tt.inputK8sObjects...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetActiveDirectoryIdentityProviders([]upstreamprovider.UpstreamLDAPIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/federation_domain_watcher_test.go b/internal/controller/supervisorconfig/federation_domain_watcher_test.go index 172dec76c..7a45ad3d2 100644 --- a/internal/controller/supervisorconfig/federation_domain_watcher_test.go +++ b/internal/controller/supervisorconfig/federation_domain_watcher_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package supervisorconfig @@ -2087,7 +2087,9 @@ func TestTestFederationDomainWatcherControllerSync(t *testing.T) { t.Parallel() federationDomainsSetter := &fakeFederationDomainsSetter{} + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := supervisorfake.NewSimpleClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient := supervisorfake.NewSimpleClientset() for _, o := range tt.inputObjects { require.NoError(t, pinnipedAPIClient.Tracker().Add(o)) diff --git a/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go b/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go index 9d58a5809..21777716f 100644 --- a/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go +++ b/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package generator @@ -180,10 +180,11 @@ func TestFederationDomainControllerFilterSecret(t *testing.T) { ) secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), 0, ).Config().V1alpha1().FederationDomains() @@ -242,10 +243,11 @@ func TestNewFederationDomainSecretsControllerFilterFederationDomain(t *testing.T ) secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), 0, ).Config().V1alpha1().FederationDomains() @@ -629,11 +631,13 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := supervisorfake.NewSimpleClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient := supervisorfake.NewSimpleClientset() - kubeAPIClient := kubernetesfake.NewSimpleClientset() - kubeInformerClient := kubernetesfake.NewSimpleClientset() + kubeAPIClient := kubernetesfake.NewClientset() + kubeInformerClient := kubernetesfake.NewClientset() federationDomain := goodFederationDomain.DeepCopy() secret := goodSecret.DeepCopy() diff --git a/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go b/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go index 53273f918..df52d9200 100644 --- a/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go +++ b/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package generator @@ -104,7 +104,7 @@ func TestSupervisorSecretsControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() withInformer := testutil.NewObservableWithInformerOption() @@ -131,7 +131,7 @@ func TestSupervisorSecretsControllerFilterSecret(t *testing.T) { func TestSupervisorSecretsControllerInitialEvent(t *testing.T) { initialEventOption := testutil.NewObservableWithInitialEventOption() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() _ = NewSupervisorSecretsController( @@ -420,11 +420,11 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { } } - apiClient := kubernetesfake.NewSimpleClientset() + apiClient := kubernetesfake.NewClientset() if test.apiClient != nil { test.apiClient(t, apiClient) } - informerClient := kubernetesfake.NewSimpleClientset() + informerClient := kubernetesfake.NewClientset() storedSecret := generatedSecret.DeepCopy() if test.storedSecret != nil { diff --git a/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go b/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go index fec2dbe17..46b25f755 100644 --- a/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go @@ -2437,10 +2437,11 @@ func TestController(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakeSupervisorClient := supervisorfake.NewSimpleClientset(tt.githubIdentityProviders...) supervisorInformers := supervisorinformers.NewSharedInformerFactory(fakeSupervisorClient, 0) - fakeKubeClient := kubernetesfake.NewSimpleClientset(tt.secretsAndConfigMaps...) + fakeKubeClient := kubernetesfake.NewClientset(tt.secretsAndConfigMaps...) kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(fakeKubeClient, 0) idpCache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() @@ -2830,14 +2831,16 @@ func TestController_OnlyWantActions(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakeSupervisorClient := supervisorfake.NewSimpleClientset(tt.githubIdentityProviders...) + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorInformers := supervisorinformers.NewSharedInformerFactory(supervisorfake.NewSimpleClientset(tt.githubIdentityProviders...), 0) if tt.addSupervisorReactors != nil { tt.addSupervisorReactors(fakeSupervisorClient) } - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(tt.secrets...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(tt.secrets...), 0) logger, _ := plog.TestLogger(t) @@ -2957,7 +2960,7 @@ func TestGitHubUpstreamWatcherControllerFilterSecret(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) logger, _ := plog.TestLogger(t) @@ -2967,7 +2970,9 @@ func TestGitHubUpstreamWatcherControllerFilterSecret(t *testing.T) { _ = New( "some-namespace", dynamicupstreamprovider.NewDynamicUpstreamIDPProvider(), + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorinformers.NewSharedInformerFactory(supervisorfake.NewSimpleClientset(), 0).IDP().V1alpha1().GitHubIdentityProviders(), secretInformer, kubeInformers.Core().V1().ConfigMaps(), @@ -3018,14 +3023,16 @@ func TestGitHubUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { logger, _ := plog.TestLogger(t) observableInformers := testutil.NewObservableWithInformerOption() - configMapInformer := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0).Core().V1().ConfigMaps() + configMapInformer := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().ConfigMaps() _ = New( namespace, dynamicupstreamprovider.NewDynamicUpstreamIDPProvider(), + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorinformers.NewSharedInformerFactory(supervisorfake.NewSimpleClientset(), 0).IDP().V1alpha1().GitHubIdentityProviders(), - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0).Core().V1().Secrets(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().Secrets(), configMapInformer, logger, observableInformers.WithInformer, @@ -3074,15 +3081,17 @@ func TestGitHubUpstreamWatcherControllerFilterGitHubIDP(t *testing.T) { logger, _ := plog.TestLogger(t) observableInformers := testutil.NewObservableWithInformerOption() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function gitHubIdentityProviderInformer := supervisorinformers.NewSharedInformerFactory(supervisorfake.NewSimpleClientset(), 0).IDP().V1alpha1().GitHubIdentityProviders() _ = New( namespace, dynamicupstreamprovider.NewDynamicUpstreamIDPProvider(), + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), gitHubIdentityProviderInformer, - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0).Core().V1().Secrets(), - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewSimpleClientset(), 0).Core().V1().ConfigMaps(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().Secrets(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().ConfigMaps(), logger, observableInformers.WithInformer, clock.RealClock{}, diff --git a/internal/controller/supervisorconfig/jwks_observer_test.go b/internal/controller/supervisorconfig/jwks_observer_test.go index 1c79dac7c..5730a0b34 100644 --- a/internal/controller/supervisorconfig/jwks_observer_test.go +++ b/internal/controller/supervisorconfig/jwks_observer_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package supervisorconfig @@ -167,8 +167,9 @@ func TestJWKSObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewSimpleClientset() + kubeInformerClient = kubernetesfake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient = supervisorfake.NewSimpleClientset() pinnipedInformers = supervisorinformers.NewSharedInformerFactory(pinnipedInformerClient, 0) issuerToJWKSSetter = &fakeIssuerToJWKSMapSetter{} diff --git a/internal/controller/supervisorconfig/jwks_writer_test.go b/internal/controller/supervisorconfig/jwks_writer_test.go index e28bc5951..e9a401ff8 100644 --- a/internal/controller/supervisorconfig/jwks_writer_test.go +++ b/internal/controller/supervisorconfig/jwks_writer_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package supervisorconfig @@ -171,10 +171,11 @@ func TestJWKSWriterControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), 0, ).Config().V1alpha1().FederationDomains() @@ -224,10 +225,11 @@ func TestJWKSWriterControllerFilterFederationDomain(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), 0, ).Config().V1alpha1().FederationDomains() @@ -673,8 +675,8 @@ func TestJWKSWriterControllerSync(t *testing.T) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() - kubeAPIClient := kubernetesfake.NewSimpleClientset() - kubeInformerClient := kubernetesfake.NewSimpleClientset() + kubeAPIClient := kubernetesfake.NewClientset() + kubeInformerClient := kubernetesfake.NewClientset() for _, secret := range test.secrets { require.NoError(t, kubeAPIClient.Tracker().Add(secret)) require.NoError(t, kubeInformerClient.Tracker().Add(secret)) @@ -683,7 +685,9 @@ func TestJWKSWriterControllerSync(t *testing.T) { test.configKubeClient(kubeAPIClient) } + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient := supervisorfake.NewSimpleClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient := supervisorfake.NewSimpleClientset() for _, federationDomain := range test.federationDomains { require.NoError(t, pinnipedAPIClient.Tracker().Add(federationDomain)) diff --git a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go index a1fb3994d..62bb5ec27 100644 --- a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package ldapupstreamwatcher @@ -94,10 +94,11 @@ func TestLDAPUpstreamWatcherControllerFilterSecrets(t *testing.T) { t.Run(test.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewSimpleClientset() + fakeKubeClient := fake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -139,10 +140,11 @@ func TestLDAPUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { t.Run(test.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewSimpleClientset() + fakeKubeClient := fake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -184,10 +186,11 @@ func TestLDAPUpstreamWatcherControllerFilterLDAPIdentityProviders(t *testing.T) t.Run(test.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewSimpleClientset() + fakeKubeClient := fake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -1405,9 +1408,10 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewSimpleClientset(tt.inputSecrets...) + fakeKubeClient := fake.NewClientset(tt.inputSecrets...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetLDAPIdentityProviders([]upstreamprovider.UpstreamLDAPIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go index ba64c71d8..475491cb9 100644 --- a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go +++ b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go @@ -1,4 +1,4 @@ -// Copyright 2022-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidcclientwatcher @@ -63,10 +63,11 @@ func TestOIDCClientWatcherControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() oidcClientsInformer := supervisorinformers.NewSharedInformerFactory( + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), 0, ).Config().V1alpha1().OIDCClients() @@ -132,10 +133,11 @@ func TestOIDCClientWatcherControllerFilterOIDCClient(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewSimpleClientset(), + kubernetesfake.NewClientset(), 0, ).Core().V1().Secrets() oidcClientsInformer := supervisorinformers.NewSharedInformerFactory( + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), 0, ).Config().V1alpha1().OIDCClients() @@ -956,10 +958,12 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputObjects...) + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClientForInformers := supervisorfake.NewSimpleClientset(tt.inputObjects...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClientForInformers, 0) - fakeKubeClient := kubernetesfake.NewSimpleClientset(tt.inputSecrets...) + fakeKubeClient := kubernetesfake.NewClientset(tt.inputSecrets...) kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(fakeKubeClient, 0) controller := NewOIDCClientWatcherController( diff --git a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go index d01b080d2..62a7f5eca 100644 --- a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go @@ -101,9 +101,10 @@ func TestOIDCUpstreamWatcherControllerFilterSecret(t *testing.T) { t.Run(test.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewSimpleClientset() + fakeKubeClient := fake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ @@ -161,9 +162,10 @@ func TestOIDCUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { t.Run(test.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewSimpleClientset() + fakeKubeClient := fake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ @@ -1760,9 +1762,10 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewSimpleClientset(tt.inputResources...) + fakeKubeClient := fake.NewClientset(tt.inputResources...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/tls_cert_observer_test.go b/internal/controller/supervisorconfig/tls_cert_observer_test.go index 4a019516a..1ec1f8660 100644 --- a/internal/controller/supervisorconfig/tls_cert_observer_test.go +++ b/internal/controller/supervisorconfig/tls_cert_observer_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package supervisorconfig @@ -180,8 +180,9 @@ func TestTLSCertObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewSimpleClientset() + kubeInformerClient = kubernetesfake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient = supervisorfake.NewSimpleClientset() pinnipedInformers = supervisorinformers.NewSharedInformerFactory(pinnipedInformerClient, 0) issuerTLSCertSetter = &fakeIssuerTLSCertSetter{} diff --git a/internal/controller/supervisorstorage/garbage_collector_test.go b/internal/controller/supervisorstorage/garbage_collector_test.go index 741b71dcf..1f80fc8eb 100644 --- a/internal/controller/supervisorstorage/garbage_collector_test.go +++ b/internal/controller/supervisorstorage/garbage_collector_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package supervisorstorage @@ -179,8 +179,8 @@ func TestGarbageCollectorControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewSimpleClientset() - kubeClient = kubernetesfake.NewSimpleClientset() + kubeInformerClient = kubernetesfake.NewClientset() + kubeClient = kubernetesfake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) frozenNow = time.Now().UTC() fakeClock = clocktesting.NewFakeClock(frozenNow) diff --git a/internal/controller/tlsconfigutil/tls_config_util_test.go b/internal/controller/tlsconfigutil/tls_config_util_test.go index 230432e46..34733855f 100644 --- a/internal/controller/tlsconfigutil/tls_config_util_test.go +++ b/internal/controller/tlsconfigutil/tls_config_util_test.go @@ -1,4 +1,4 @@ -// Copyright 2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2024-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package tlsconfigutil @@ -474,7 +474,7 @@ func TestValidateTLSConfig(t *testing.T) { var secretsInformer corev1informers.SecretInformer var configMapInformer corev1informers.ConfigMapInformer - fakeClient := fake.NewSimpleClientset(tt.k8sObjects...) + fakeClient := fake.NewClientset(tt.k8sObjects...) sharedInformers := informers.NewSharedInformerFactory(fakeClient, 0) configMapInformer = sharedInformers.Core().V1().ConfigMaps() secretsInformer = sharedInformers.Core().V1().Secrets() diff --git a/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go b/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go index 1d3100848..4d5b48d35 100644 --- a/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go +++ b/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package controller @@ -93,7 +93,7 @@ func TestNewExampleCreatingController(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() for i := range tt.args.services { service := tt.args.services[i] err := kubeClient.Tracker().Add(service) diff --git a/internal/crud/crud_test.go b/internal/crud/crud_test.go index 1a54e6d3d..6800b47bf 100644 --- a/internal/crud/crud_test.go +++ b/internal/crud/crud_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package crud @@ -1291,6 +1291,7 @@ func TestStorage(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() + //nolint:staticcheck // using NewClientset() is possible here, but it will require updating test expectations client := fake.NewSimpleClientset() if tt.mocks != nil { tt.mocks(t, client) diff --git a/internal/deploymentref/deploymentref_test.go b/internal/deploymentref/deploymentref_test.go index e219ecd10..be0f140ad 100644 --- a/internal/deploymentref/deploymentref_test.go +++ b/internal/deploymentref/deploymentref_test.go @@ -1,4 +1,4 @@ -// Copyright 2021-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package deploymentref @@ -107,7 +107,7 @@ func TestNew(t *testing.T) { } for _, test := range tests { t.Run(test.name, func(t *testing.T) { - client := kubefake.NewSimpleClientset(test.apiObjects...) + client := kubefake.NewClientset(test.apiObjects...) if test.client != nil { test.client(client) } diff --git a/internal/federationdomain/clientregistry/clientregistry_test.go b/internal/federationdomain/clientregistry/clientregistry_test.go index be2612bce..5606c98ee 100644 --- a/internal/federationdomain/clientregistry/clientregistry_test.go +++ b/internal/federationdomain/clientregistry/clientregistry_test.go @@ -1,4 +1,4 @@ -// Copyright 2021-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package clientregistry @@ -256,8 +256,9 @@ func TestClientManager(t *testing.T) { t.Run(test.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() secrets := kubeClient.CoreV1().Secrets(testNamespace) + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() oidcClientsClient := supervisorClient.ConfigV1alpha1().OIDCClients(testNamespace) subject := NewClientManager( diff --git a/internal/federationdomain/endpoints/auth/auth_handler_test.go b/internal/federationdomain/endpoints/auth/auth_handler_test.go index d3518b41d..da45bdea0 100644 --- a/internal/federationdomain/endpoints/auth/auth_handler_test.go +++ b/internal/federationdomain/endpoints/auth/auth_handler_test.go @@ -4232,7 +4232,8 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo for _, test := range tests { t.Run(test.name, func(t *testing.T) { - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") oidcClientsClient := supervisorClient.ConfigV1alpha1().OIDCClients("some-namespace") @@ -4268,7 +4269,8 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo // Double-check that we are re-using the happy path test case here as we intend. require.Equal(t, "OIDC upstream browser flow happy path using GET without a CSRF cookie", test.name) - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") oidcClientsClient := supervisorClient.ConfigV1alpha1().OIDCClients("some-namespace") diff --git a/internal/federationdomain/endpoints/callback/callback_handler_test.go b/internal/federationdomain/endpoints/callback/callback_handler_test.go index ddab57944..04ff0d343 100644 --- a/internal/federationdomain/endpoints/callback/callback_handler_test.go +++ b/internal/federationdomain/endpoints/callback/callback_handler_test.go @@ -2166,7 +2166,8 @@ func TestCallbackEndpoint(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secrets := kubeClient.CoreV1().Secrets("some-namespace") oidcClientsClient := supervisorClient.ConfigV1alpha1().OIDCClients("some-namespace") diff --git a/internal/federationdomain/endpoints/login/post_login_handler_test.go b/internal/federationdomain/endpoints/login/post_login_handler_test.go index 61872a302..6147f1569 100644 --- a/internal/federationdomain/endpoints/login/post_login_handler_test.go +++ b/internal/federationdomain/endpoints/login/post_login_handler_test.go @@ -1,4 +1,4 @@ -// Copyright 2022-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login @@ -1296,7 +1296,8 @@ func TestPostLoginEndpoint(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") oidcClientsClient := supervisorClient.ConfigV1alpha1().OIDCClients("some-namespace") diff --git a/internal/federationdomain/endpoints/token/token_handler_test.go b/internal/federationdomain/endpoints/token/token_handler_test.go index b387fca5d..7ce6814a0 100644 --- a/internal/federationdomain/endpoints/token/token_handler_test.go +++ b/internal/federationdomain/endpoints/token/token_handler_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package token @@ -5216,7 +5216,8 @@ func exchangeAuthcodeForTokens( test.modifyAuthRequest(authRequest) } - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secrets = kubeClient.CoreV1().Secrets("some-namespace") oidcClientsClient := supervisorClient.ConfigV1alpha1().OIDCClients("some-namespace") diff --git a/internal/federationdomain/endpointsmanager/manager_test.go b/internal/federationdomain/endpointsmanager/manager_test.go index aa19708b6..cd990fa58 100644 --- a/internal/federationdomain/endpointsmanager/manager_test.go +++ b/internal/federationdomain/endpointsmanager/manager_test.go @@ -345,8 +345,9 @@ func TestManager(t *testing.T) { Build(), ).BuildDynamicUpstreamIDPProvider() - kubeClient = fake.NewSimpleClientset() + kubeClient = fake.NewClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function oidcClientsClient := supervisorfake.NewSimpleClientset().ConfigV1alpha1().OIDCClients("some-namespace") cache := secret.Cache{} diff --git a/internal/fositestorage/accesstoken/accesstoken_test.go b/internal/fositestorage/accesstoken/accesstoken_test.go index 8a4cc4d60..d0f64cf8b 100644 --- a/internal/fositestorage/accesstoken/accesstoken_test.go +++ b/internal/fositestorage/accesstoken/accesstoken_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package accesstoken @@ -294,7 +294,7 @@ func TestCreateWithoutRequesterID(t *testing.T) { } func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, RevocationStorage) { - client := fake.NewSimpleClientset() + client := fake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/authorizationcode/authorizationcode_test.go b/internal/fositestorage/authorizationcode/authorizationcode_test.go index 73a3b885d..41443b0a7 100644 --- a/internal/fositestorage/authorizationcode/authorizationcode_test.go +++ b/internal/fositestorage/authorizationcode/authorizationcode_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package authorizationcode @@ -277,7 +277,7 @@ func TestCreateWithWrongRequesterDataTypes(t *testing.T) { } func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, fositeoauth2.AuthorizeCodeStorage) { - client := fake.NewSimpleClientset() + client := fake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, @@ -387,7 +387,7 @@ func TestFuzzAndJSONNewValidEmptyAuthorizeCodeSession(t *testing.T) { const name = "fuzz" // value is irrelevant ctx := context.Background() - secrets := fake.NewSimpleClientset().CoreV1().Secrets(name) + secrets := fake.NewClientset().CoreV1().Secrets(name) storage := New(secrets, func() time.Time { return fakeNow }, func(requester fosite.Requester) time.Duration { return lifetime }) // issue a create using the fuzzed request to confirm that marshalling works diff --git a/internal/fositestorage/openidconnect/openidconnect_test.go b/internal/fositestorage/openidconnect/openidconnect_test.go index bcfd10f19..2dbd2b91d 100644 --- a/internal/fositestorage/openidconnect/openidconnect_test.go +++ b/internal/fositestorage/openidconnect/openidconnect_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package openidconnect @@ -217,7 +217,7 @@ func TestAuthcodeHasNoDot(t *testing.T) { } func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, openid.OpenIDConnectRequestStorage) { - client := fake.NewSimpleClientset() + client := fake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/pkce/pkce_test.go b/internal/fositestorage/pkce/pkce_test.go index 10fd61955..b5b845bd9 100644 --- a/internal/fositestorage/pkce/pkce_test.go +++ b/internal/fositestorage/pkce/pkce_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package pkce @@ -215,7 +215,7 @@ func TestCreateWithWrongRequesterDataTypes(t *testing.T) { } func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, pkce.PKCERequestStorage) { - client := fake.NewSimpleClientset() + client := fake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/refreshtoken/refreshtoken_test.go b/internal/fositestorage/refreshtoken/refreshtoken_test.go index 2aa9102fe..3fe1bd092 100644 --- a/internal/fositestorage/refreshtoken/refreshtoken_test.go +++ b/internal/fositestorage/refreshtoken/refreshtoken_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package refreshtoken @@ -351,7 +351,7 @@ func TestCreateWithoutRequesterID(t *testing.T) { } func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, RevocationStorage) { - client := fake.NewSimpleClientset() + client := fake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/leaderelection/leaderelection_test.go b/internal/leaderelection/leaderelection_test.go index 8fb76f855..a1e359fe6 100644 --- a/internal/leaderelection/leaderelection_test.go +++ b/internal/leaderelection/leaderelection_test.go @@ -1,4 +1,4 @@ -// Copyright 2021-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package leaderelection @@ -61,7 +61,7 @@ func Test_releaseLock_Update(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - internalClient := kubefake.NewSimpleClientset() + internalClient := kubefake.NewClientset() isLeader := &isLeaderTracker{tracker: &atomic.Bool{}} leaderElectorCtx, cancel := context.WithCancel(context.Background()) diff --git a/internal/localuserauthenticator/localuserauthenticator_test.go b/internal/localuserauthenticator/localuserauthenticator_test.go index ada0ca383..01c0931a9 100644 --- a/internal/localuserauthenticator/localuserauthenticator_test.go +++ b/internal/localuserauthenticator/localuserauthenticator_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package localuserauthenticator @@ -50,7 +50,7 @@ func TestWebhook(t *testing.T) { group0, group1 := "some-group-0", "some-group-1" groups := group0 + " , " + group1 - kubeClient := kubernetesfake.NewSimpleClientset() + kubeClient := kubernetesfake.NewClientset() addSecretToFakeClientTracker(t, kubeClient, user, password, groups) addSecretToFakeClientTracker(t, kubeClient, otherUser, otherPassword, groups) addSecretToFakeClientTracker(t, kubeClient, colonUser, colonPassword, groups) diff --git a/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go b/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go index aeb17fbb9..8509426c8 100644 --- a/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go +++ b/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go @@ -1,4 +1,4 @@ -// Copyright 2022-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2022-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidcclientsecretstorage @@ -117,7 +117,7 @@ func TestGet(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() if tt.secret != nil { require.NoError(t, kubeClient.Tracker().Add(tt.secret)) } @@ -326,7 +326,7 @@ func TestSet(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() if tt.seedSecret != nil { require.NoError(t, kubeClient.Tracker().Add(tt.seedSecret)) } @@ -390,7 +390,7 @@ func TestGetStorageSecret(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewSimpleClientset() + kubeClient := fake.NewClientset() require.NoError(t, kubeClient.Tracker().Add(tt.secret)) subject := New(kubeClient.CoreV1().Secrets("some-namespace")) diff --git a/internal/registry/clientsecretrequest/rest_test.go b/internal/registry/clientsecretrequest/rest_test.go index d2ef284a2..8ec12be0f 100644 --- a/internal/registry/clientsecretrequest/rest_test.go +++ b/internal/registry/clientsecretrequest/rest_test.go @@ -1628,7 +1628,7 @@ func TestCreate(t *testing.T) { testutil.SetGlobalKlogLevel(t, originalKLogLevel) //nolint:staticcheck // old test of code using trace.Log() }) - kubeClient := kubefake.NewSimpleClientset() + kubeClient := kubefake.NewClientset() secretsClient := kubeClient.CoreV1().Secrets(namespace) // Production code depends on secrets having a resource version. // Our seedHashes mechanism with the fake client unfortunately does not cause a resourceVersion to be set on the secret. @@ -1644,6 +1644,7 @@ func TestCreate(t *testing.T) { tt.seedHashes(oidcClientSecretStore) } + //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() if tt.seedOIDCClients != nil { for _, client := range tt.seedOIDCClients { diff --git a/internal/tokenclient/tokenclient_test.go b/internal/tokenclient/tokenclient_test.go index 52f414b9f..a4fcbbd28 100644 --- a/internal/tokenclient/tokenclient_test.go +++ b/internal/tokenclient/tokenclient_test.go @@ -1,4 +1,4 @@ -// Copyright 2023-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2023-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package tokenclient @@ -30,7 +30,7 @@ const ( func TestNew(t *testing.T) { mockWhatToDoWithTokenFunc := *new(WhatToDoWithTokenFunc) - mockClient := fake.NewSimpleClientset().CoreV1().ServiceAccounts("") + mockClient := fake.NewClientset().CoreV1().ServiceAccounts("") mockTime := time.Now() mockClock := clocktesting.NewFakeClock(mockTime) logger, _ := plog.TestLogger(t) @@ -171,7 +171,7 @@ func TestFetchToken(t *testing.T) { require.NotEmpty(t, tt.serviceAccountName) - mockClient := fake.NewSimpleClientset() + mockClient := fake.NewClientset() tokenClient := New( tt.serviceAccountName, mockClient.CoreV1().ServiceAccounts("any-namespace-works"), @@ -322,7 +322,7 @@ func TestStart(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - mockClient := fake.NewSimpleClientset() + mockClient := fake.NewClientset() logger, _ := plog.TestLogger(t) var mutex sync.Mutex From f703d096d60b59869e105fda57b2b6f123f44640 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Fri, 19 Dec 2025 12:04:02 -0800 Subject: [PATCH 05/11] update deps again to get new k8s.io/utils --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 8a7f55b39..2d9939f16 100644 --- a/go.mod +++ b/go.mod @@ -54,7 +54,7 @@ require ( k8s.io/klog/v2 v2.130.1 k8s.io/kube-aggregator v0.35.0 k8s.io/kube-openapi v0.0.0-20251125145642-4e65d59e963e - k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 + k8s.io/utils v0.0.0-20251219084037-98d557b7f1e7 sigs.k8s.io/yaml v1.6.0 ) diff --git a/go.sum b/go.sum index 2e08e83ac..a12a68626 100644 --- a/go.sum +++ b/go.sum @@ -1098,8 +1098,8 @@ k8s.io/kube-aggregator v0.35.0 h1:FBtbuRFA7Ohe2QKirFZcJf8rgimC8oSaNiCi4pdU5xw= k8s.io/kube-aggregator v0.35.0/go.mod h1:vKBRpQUfDryb7udwUwF3eCSvv3AJNgHtL4PGl6PqAg8= k8s.io/kube-openapi v0.0.0-20251125145642-4e65d59e963e h1:iW9ChlU0cU16w8MpVYjXk12dqQ4BPFBEgif+ap7/hqQ= k8s.io/kube-openapi v0.0.0-20251125145642-4e65d59e963e/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= -k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= -k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20251219084037-98d557b7f1e7 h1:H6xtwB5tC+KFSHoEhA1o7DnOtHDEo+n9OBSHjlajVKc= +k8s.io/utils v0.0.0-20251219084037-98d557b7f1e7/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= From bc88faa50dc9de71a068f039171698485f5c96aa Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Fri, 19 Dec 2025 12:08:02 -0800 Subject: [PATCH 06/11] upgrade dep to github.com/google/go-github/v76 from v75 --- go.mod | 2 +- go.sum | 4 ++-- internal/githubclient/githubclient.go | 2 +- internal/githubclient/githubclient_test.go | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 2d9939f16..8462e2ec1 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/gofrs/flock v0.13.0 github.com/google/cel-go v0.26.1 github.com/google/go-cmp v0.7.0 - github.com/google/go-github/v75 v75.0.0 + github.com/google/go-github/v76 v76.0.0 github.com/google/gofuzz v1.2.0 github.com/google/uuid v1.6.0 github.com/gorilla/securecookie v1.1.2 diff --git a/go.sum b/go.sum index a12a68626..42d5ef9d5 100644 --- a/go.sum +++ b/go.sum @@ -249,8 +249,8 @@ github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/go-github/v73 v73.0.0 h1:aR+Utnh+Y4mMkS+2qLQwcQ/cF9mOTpdwnzlaw//rG24= github.com/google/go-github/v73 v73.0.0/go.mod h1:fa6w8+/V+edSU0muqdhCVY7Beh1M8F1IlQPZIANKIYw= -github.com/google/go-github/v75 v75.0.0 h1:k7q8Bvg+W5KxRl9Tjq16a9XEgVY1pwuiG5sIL7435Ic= -github.com/google/go-github/v75 v75.0.0/go.mod h1:H3LUJEA1TCrzuUqtdAQniBNwuKiQIqdGKgBo1/M/uqI= +github.com/google/go-github/v76 v76.0.0 h1:MCa9VQn+VG5GG7Y7BAkBvSRUN3o+QpaEOuZwFPJmdFA= +github.com/google/go-github/v76 v76.0.0/go.mod h1:38+d/8pYDO4fBLYfBhXF5EKO0wA3UkXBjfmQapFsNCQ= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= diff --git a/internal/githubclient/githubclient.go b/internal/githubclient/githubclient.go index a808e3dc1..024651668 100644 --- a/internal/githubclient/githubclient.go +++ b/internal/githubclient/githubclient.go @@ -12,7 +12,7 @@ import ( "slices" "strings" - "github.com/google/go-github/v75/github" + "github.com/google/go-github/v76/github" "k8s.io/apimachinery/pkg/util/sets" "go.pinniped.dev/internal/plog" diff --git a/internal/githubclient/githubclient_test.go b/internal/githubclient/githubclient_test.go index 067a0397f..546f7e498 100644 --- a/internal/githubclient/githubclient_test.go +++ b/internal/githubclient/githubclient_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - "github.com/google/go-github/v75/github" + "github.com/google/go-github/v76/github" "github.com/migueleliasweb/go-github-mock/src/mock" "github.com/stretchr/testify/require" "k8s.io/client-go/util/cert" From b04ae898cad2240866fcb597c9d996bcbc86b8b9 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Fri, 19 Dec 2025 13:57:12 -0800 Subject: [PATCH 07/11] update integration test expectations for k8s 1.35 libs --- .../concierge_impersonation_proxy_test.go | 27 ++++++------------- .../supervisor_oidcclientsecret_test.go | 2 +- 2 files changed, 9 insertions(+), 20 deletions(-) diff --git a/test/integration/concierge_impersonation_proxy_test.go b/test/integration/concierge_impersonation_proxy_test.go index 004d18541..a4abb9e61 100644 --- a/test/integration/concierge_impersonation_proxy_test.go +++ b/test/integration/concierge_impersonation_proxy_test.go @@ -777,26 +777,15 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl }) _, errUID := testlib.NewKubeclient(t, nestedImpersonationUIDOnly).Kubernetes.CoreV1().Secrets("foo").Get(ctx, "bar", metav1.GetOptions{}) - msg := `Internal Server Error: "/api/v1/namespaces/foo/secrets/bar": requested [{UID some-awesome-uid authentication.k8s.io/v1 }] without impersonating a user` - full := fmt.Sprintf(`an error on the server (%q) has prevented the request from succeeding (get secrets bar)`, msg) - require.EqualError(t, errUID, full) - require.True(t, apierrors.IsInternalError(errUID), errUID) + msg := `requested [{UID some-awesome-uid authentication.k8s.io/v1 }] without impersonating a user` + require.EqualError(t, errUID, msg) + require.True(t, apierrors.IsBadRequest(errUID), errUID) // starting in k8s 1.35 libs, this was changed from internal error to bad request require.Equal(t, &apierrors.StatusError{ ErrStatus: metav1.Status{ - Status: metav1.StatusFailure, - Code: http.StatusInternalServerError, - Reason: metav1.StatusReasonInternalError, - Details: &metav1.StatusDetails{ - Name: "bar", - Kind: "secrets", - Causes: []metav1.StatusCause{ - { - Type: metav1.CauseTypeUnexpectedServerResponse, - Message: msg, - }, - }, - }, - Message: full, + Status: metav1.StatusFailure, + Code: http.StatusBadRequest, + Reason: metav1.StatusReasonBadRequest, + Message: msg, }, }, errUID) @@ -1408,7 +1397,7 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl whoami, errWho := impersonationProxyAdminRestClientAsAnonymous.Post().Body([]byte(`{}`)).AbsPath("/apis/identity.concierge." + env.APIGroupSuffix + "/v1alpha1/whoamirequests").DoRaw(ctx) require.NoError(t, errWho, testlib.Sdump(errWho)) - require.True(t, strings.HasPrefix(string(whoami), `{"kind":"WhoAmIRequest","apiVersion":"identity.concierge.`+env.APIGroupSuffix+`/v1alpha1","metadata":{"creationTimestamp":null},"spec":{},"status":{"kubernetesUserInfo":{"user":{"username":"system:anonymous","groups":["system:unauthenticated"],"extra":{"original-user-info.impersonation-proxy.concierge.pinniped.dev":["{\"username\":`), string(whoami)) + require.True(t, strings.HasPrefix(string(whoami), `{"kind":"WhoAmIRequest","apiVersion":"identity.concierge.`+env.APIGroupSuffix+`/v1alpha1","metadata":{},"spec":{},"status":{"kubernetesUserInfo":{"user":{"username":"system:anonymous","groups":["system:unauthenticated"],"extra":{"original-user-info.impersonation-proxy.concierge.pinniped.dev":["{\"username\":`), string(whoami)) healthz, errHealth := impersonationProxyAdminRestClientAsAnonymous.Get().AbsPath("/healthz").DoRaw(ctx) require.NoError(t, errHealth, testlib.Sdump(errHealth)) diff --git a/test/integration/supervisor_oidcclientsecret_test.go b/test/integration/supervisor_oidcclientsecret_test.go index 47f22a39e..610a8b12a 100644 --- a/test/integration/supervisor_oidcclientsecret_test.go +++ b/test/integration/supervisor_oidcclientsecret_test.go @@ -261,7 +261,7 @@ func TestKubectlOIDCClientSecretRequest_Parallel(t *testing.T) { if tt.wantErr != "" { require.EqualError(t, err, tt.wantErr) } else { - require.NoError(t, err) + require.NoError(t, err, "got stdout:\n%s\ngot stderr:\n%s", stdOut.String(), stdErr.String()) } tt.assertOnStdOut(t, oidcClient.Name, stdOut.String()) From cbce243d57f3ffc5480125ef8890785404d14f56 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Fri, 19 Dec 2025 15:15:14 -0800 Subject: [PATCH 08/11] generate model names via gen_openapi to fix 'kubectl explain' Also fixes some kubectl client-side validation errors, which also uses the generated openapi docs served by Pinniped. --- hack/lib/update-codegen.sh | 49 +++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 17 deletions(-) diff --git a/hack/lib/update-codegen.sh b/hack/lib/update-codegen.sh index 2345f5a12..732ea64d0 100755 --- a/hack/lib/update-codegen.sh +++ b/hack/lib/update-codegen.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +# Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 set -euo pipefail ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)" @@ -69,6 +69,10 @@ KUBE_1_30_OR_NEWER="no" if [[ "$KUBE_MAJOR_NUMBER" -gt "1" || ( "$KUBE_MAJOR_NUMBER" == "1" && "$KUBE_MINOR_NUMBER" -ge "30" ) ]]; then KUBE_1_30_OR_NEWER="yes" fi +KUBE_1_35_OR_NEWER="no" +if [[ "$KUBE_MAJOR_NUMBER" -gt "1" || ( "$KUBE_MAJOR_NUMBER" == "1" && "$KUBE_MINOR_NUMBER" -ge "35" ) ]]; then + KUBE_1_35_OR_NEWER="yes" +fi # KUBE_MODULE_VERSION is just version of client libraries (e.g., 'v0.28.9-rc-0'). KUBE_MODULE_VERSION="v0.$(echo "${KUBE_VERSION}" | cut -d '.' -f 2-)" @@ -226,22 +230,38 @@ if [[ "$KUBE_1_30_OR_NEWER" == "yes" ]]; then echo "generating API clients and openapi..." + # Note that --extra-pkgs can be set to generate openapi docs for other k8s APIs that our types depend upon + # aside from the default k8s packages that are already added automatically by the kube::codegen::gen_openapi script + # (meta/v1, runtime, and version). E.g. TokenCredentialRequestSpec uses corev1.TypedLocalObjectReference, so we + # add core/v1 when running codegen for the Pinniped aggregated APIs here. + concierge_gen_openapi_args=( + "${OUTPUT_DIR}/apis/concierge" + --update-report + --extra-pkgs "k8s.io/api/core/v1" + --output-dir "${OUTPUT_DIR}/client/concierge/openapi" + --output-pkg "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/concierge" + --boilerplate "${ROOT}/hack/boilerplate.go.txt" + ) + supervisor_gen_openapi_args=( + "${OUTPUT_DIR}/apis/supervisor" + --update-report + --extra-pkgs "k8s.io/api/core/v1" + --output-dir "${OUTPUT_DIR}/client/supervisor/openapi" + --output-pkg "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/supervisor" + --boilerplate "${ROOT}/hack/boilerplate.go.txt" + ) + if [[ "$KUBE_1_35_OR_NEWER" == "yes" ]]; then + concierge_gen_openapi_args+=(--output-model-name-file "zz_generated.model_name.go") + supervisor_gen_openapi_args+=(--output-model-name-file "zz_generated.model_name.go") + fi + pushd "${OUTPUT_DIR}/apis/concierge" > /dev/null kube::codegen::gen_client "${OUTPUT_DIR}/apis/concierge" \ --with-watch \ --output-dir "${OUTPUT_DIR}/client/concierge" \ --output-pkg "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/concierge" \ --boilerplate "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-client-concierge > |" - # Note that --extra-pkgs can be set to generate openapi docs for other k8s APIs that our types depend upon - # aside from the default k8s packages that are already added automatically by the kube::codegen::gen_openapi script - # (meta/v1, runtime, and version). E.g. TokenCredentialRequestSpec uses corev1.TypedLocalObjectReference, so we - # add core/v1 when running codegen for the Concierge aggregated APIs here. - kube::codegen::gen_openapi "${OUTPUT_DIR}/apis/concierge" \ - --update-report \ - --extra-pkgs "k8s.io/api/core/v1" \ - --output-dir "${OUTPUT_DIR}/client/concierge/openapi" \ - --output-pkg "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/concierge" \ - --boilerplate "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-openapi-concierge > |" + kube::codegen::gen_openapi "${concierge_gen_openapi_args[@]}" 2>&1 | sed "s|^|gen-openapi-concierge > |" popd > /dev/null pushd "${OUTPUT_DIR}/apis/supervisor" > /dev/null @@ -250,12 +270,7 @@ if [[ "$KUBE_1_30_OR_NEWER" == "yes" ]]; then --output-dir "${OUTPUT_DIR}/client/supervisor" \ --output-pkg "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/supervisor" \ --boilerplate "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-client-supervisor > |" - kube::codegen::gen_openapi "${OUTPUT_DIR}/apis/supervisor" \ - --update-report \ - --extra-pkgs "k8s.io/api/core/v1" \ - --output-dir "${OUTPUT_DIR}/client/supervisor/openapi" \ - --output-pkg "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/supervisor" \ - --boilerplate "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-openapi-supervisor > |" + kube::codegen::gen_openapi "${supervisor_gen_openapi_args[@]}" 2>&1 | sed "s|^|gen-openapi-supervisor > |" popd > /dev/null # Tidy the client module after codegen. From 3c4c27260765b0c470615d5e003e799a9aadd02c Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Fri, 19 Dec 2025 15:16:03 -0800 Subject: [PATCH 09/11] rerun codegen to get model names in openapi generated code --- apis/concierge/identity/v1alpha1/doc.go.tmpl | 1 + apis/concierge/login/v1alpha1/doc.go.tmpl | 1 + .../clientsecret/v1alpha1/doc.go.tmpl | 1 + .../apis/concierge/identity/v1alpha1/doc.go | 1 + .../1.30/apis/concierge/login/v1alpha1/doc.go | 1 + .../supervisor/clientsecret/v1alpha1/doc.go | 1 + .../apis/concierge/identity/v1alpha1/doc.go | 1 + .../1.31/apis/concierge/login/v1alpha1/doc.go | 1 + .../supervisor/clientsecret/v1alpha1/doc.go | 1 + .../apis/concierge/identity/v1alpha1/doc.go | 1 + .../1.32/apis/concierge/login/v1alpha1/doc.go | 1 + .../supervisor/clientsecret/v1alpha1/doc.go | 1 + .../apis/concierge/identity/v1alpha1/doc.go | 1 + .../1.33/apis/concierge/login/v1alpha1/doc.go | 1 + .../supervisor/clientsecret/v1alpha1/doc.go | 1 + .../apis/concierge/identity/v1alpha1/doc.go | 1 + .../1.34/apis/concierge/login/v1alpha1/doc.go | 1 + .../supervisor/clientsecret/v1alpha1/doc.go | 1 + .../apis/concierge/identity/v1alpha1/doc.go | 1 + .../v1alpha1/zz_generated.model_name.go | 39 ++ .../1.35/apis/concierge/login/v1alpha1/doc.go | 1 + .../login/v1alpha1/zz_generated.model_name.go | 34 + .../supervisor/clientsecret/v1alpha1/doc.go | 1 + .../v1alpha1/zz_generated.model_name.go | 29 + .../concierge/openapi/zz_generated.openapi.go | 638 +++++++++--------- .../openapi/zz_generated.openapi.go | 601 +++++++++-------- .../apis/concierge/identity/v1alpha1/doc.go | 1 + .../v1alpha1/zz_generated.model_name.go | 39 ++ .../apis/concierge/login/v1alpha1/doc.go | 1 + .../login/v1alpha1/zz_generated.model_name.go | 34 + .../supervisor/clientsecret/v1alpha1/doc.go | 1 + .../v1alpha1/zz_generated.model_name.go | 29 + .../concierge/openapi/zz_generated.openapi.go | 638 +++++++++--------- .../openapi/zz_generated.openapi.go | 601 +++++++++-------- 34 files changed, 1470 insertions(+), 1236 deletions(-) create mode 100644 generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.model_name.go create mode 100644 generated/1.35/apis/concierge/login/v1alpha1/zz_generated.model_name.go create mode 100644 generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go create mode 100644 generated/latest/apis/concierge/identity/v1alpha1/zz_generated.model_name.go create mode 100644 generated/latest/apis/concierge/login/v1alpha1/zz_generated.model_name.go create mode 100644 generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go diff --git a/apis/concierge/identity/v1alpha1/doc.go.tmpl b/apis/concierge/identity/v1alpha1/doc.go.tmpl index a34b53c26..e7a9b5b98 100644 --- a/apis/concierge/identity/v1alpha1/doc.go.tmpl +++ b/apis/concierge/identity/v1alpha1/doc.go.tmpl @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/GENERATED_PKG/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. diff --git a/apis/concierge/login/v1alpha1/doc.go.tmpl b/apis/concierge/login/v1alpha1/doc.go.tmpl index 68fd10676..d832eb47d 100644 --- a/apis/concierge/login/v1alpha1/doc.go.tmpl +++ b/apis/concierge/login/v1alpha1/doc.go.tmpl @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/GENERATED_PKG/apis/concierge/login // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped login API. diff --git a/apis/supervisor/clientsecret/v1alpha1/doc.go.tmpl b/apis/supervisor/clientsecret/v1alpha1/doc.go.tmpl index 68e6974c8..2260c0fa8 100644 --- a/apis/supervisor/clientsecret/v1alpha1/doc.go.tmpl +++ b/apis/supervisor/clientsecret/v1alpha1/doc.go.tmpl @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/GENERATED_PKG/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. diff --git a/generated/1.30/apis/concierge/identity/v1alpha1/doc.go b/generated/1.30/apis/concierge/identity/v1alpha1/doc.go index bb8a8889b..68442f43e 100644 --- a/generated/1.30/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.30/apis/concierge/identity/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.30/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. diff --git a/generated/1.30/apis/concierge/login/v1alpha1/doc.go b/generated/1.30/apis/concierge/login/v1alpha1/doc.go index ebafe1ba3..fcad54bb9 100644 --- a/generated/1.30/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.30/apis/concierge/login/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.30/apis/concierge/login // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped login API. diff --git a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.30/apis/supervisor/clientsecret/v1alpha1/doc.go index 9c1cddf68..8e0f96f28 100644 --- a/generated/1.30/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.30/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.30/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. diff --git a/generated/1.31/apis/concierge/identity/v1alpha1/doc.go b/generated/1.31/apis/concierge/identity/v1alpha1/doc.go index 2997075c6..337bb9164 100644 --- a/generated/1.31/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.31/apis/concierge/identity/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.31/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. diff --git a/generated/1.31/apis/concierge/login/v1alpha1/doc.go b/generated/1.31/apis/concierge/login/v1alpha1/doc.go index 051807f19..88eab5fc9 100644 --- a/generated/1.31/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.31/apis/concierge/login/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.31/apis/concierge/login // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped login API. diff --git a/generated/1.31/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.31/apis/supervisor/clientsecret/v1alpha1/doc.go index 61e7541ea..6054fe178 100644 --- a/generated/1.31/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.31/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.31/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. diff --git a/generated/1.32/apis/concierge/identity/v1alpha1/doc.go b/generated/1.32/apis/concierge/identity/v1alpha1/doc.go index e94c48e59..37e032059 100644 --- a/generated/1.32/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.32/apis/concierge/identity/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.32/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. diff --git a/generated/1.32/apis/concierge/login/v1alpha1/doc.go b/generated/1.32/apis/concierge/login/v1alpha1/doc.go index 598ef24f7..20b2835f9 100644 --- a/generated/1.32/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.32/apis/concierge/login/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.32/apis/concierge/login // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped login API. diff --git a/generated/1.32/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.32/apis/supervisor/clientsecret/v1alpha1/doc.go index 51c540905..29440efba 100644 --- a/generated/1.32/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.32/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.32/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. diff --git a/generated/1.33/apis/concierge/identity/v1alpha1/doc.go b/generated/1.33/apis/concierge/identity/v1alpha1/doc.go index d23417865..9fc91f363 100644 --- a/generated/1.33/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.33/apis/concierge/identity/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.33/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. diff --git a/generated/1.33/apis/concierge/login/v1alpha1/doc.go b/generated/1.33/apis/concierge/login/v1alpha1/doc.go index d937dad25..bec0991fe 100644 --- a/generated/1.33/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.33/apis/concierge/login/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.33/apis/concierge/login // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped login API. diff --git a/generated/1.33/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.33/apis/supervisor/clientsecret/v1alpha1/doc.go index 375698429..f172c9547 100644 --- a/generated/1.33/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.33/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.33/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. diff --git a/generated/1.34/apis/concierge/identity/v1alpha1/doc.go b/generated/1.34/apis/concierge/identity/v1alpha1/doc.go index 93d57bbd5..57cff4196 100644 --- a/generated/1.34/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.34/apis/concierge/identity/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.34/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. diff --git a/generated/1.34/apis/concierge/login/v1alpha1/doc.go b/generated/1.34/apis/concierge/login/v1alpha1/doc.go index 0df501094..c714545be 100644 --- a/generated/1.34/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.34/apis/concierge/login/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.34/apis/concierge/login // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped login API. diff --git a/generated/1.34/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/doc.go index 9f617a763..824d6879f 100644 --- a/generated/1.34/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.34/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.34/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. diff --git a/generated/1.35/apis/concierge/identity/v1alpha1/doc.go b/generated/1.35/apis/concierge/identity/v1alpha1/doc.go index 10b3b8622..12758602b 100644 --- a/generated/1.35/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.35/apis/concierge/identity/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.35/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. diff --git a/generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.model_name.go b/generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..2e08a8cd6 --- /dev/null +++ b/generated/1.35/apis/concierge/identity/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,39 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubernetesUserInfo) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.KubernetesUserInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserInfo) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.UserInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestStatus" +} diff --git a/generated/1.35/apis/concierge/login/v1alpha1/doc.go b/generated/1.35/apis/concierge/login/v1alpha1/doc.go index 0d7317c44..e4caac0f4 100644 --- a/generated/1.35/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.35/apis/concierge/login/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.35/apis/concierge/login // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped login API. diff --git a/generated/1.35/apis/concierge/login/v1alpha1/zz_generated.model_name.go b/generated/1.35/apis/concierge/login/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..7106edc20 --- /dev/null +++ b/generated/1.35/apis/concierge/login/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,34 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterCredential) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.ClusterCredential" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestStatus" +} diff --git a/generated/1.35/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/doc.go index c95dc68a6..e1c80b1f1 100644 --- a/generated/1.35/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. diff --git a/generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..71a34695c --- /dev/null +++ b/generated/1.35/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,29 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestStatus" +} diff --git a/generated/1.35/client/concierge/openapi/zz_generated.openapi.go b/generated/1.35/client/concierge/openapi/zz_generated.openapi.go index 0a958ac0b..518757039 100644 --- a/generated/1.35/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/1.35/client/concierge/openapi/zz_generated.openapi.go @@ -9,6 +9,8 @@ package concierge import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1" v1 "k8s.io/api/core/v1" resource "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -20,308 +22,308 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), - v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), - v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), - v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), - v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), - v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), - v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), - v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), - v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), - v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), - v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), - v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), - v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), - v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), - v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), - v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), - v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), - v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), - v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), - v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), - v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), - v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), - v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), - v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), - v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), - v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), - v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), - v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), - v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), - v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), - v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), - v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), - v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), - v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), - v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), - v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), - v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), - v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), - v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), - v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), - v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), - v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), - v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), - v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), - v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), - v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), - v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), - v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), - v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), - v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), - v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), - v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), - v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), - v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), - v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), - v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), - v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), - v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), - v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), - v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), - v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), - v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), - v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), - v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), - v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), - v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), - v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), - v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), - v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), - v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), - v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), - v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), - v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), - v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), - v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), - v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), - v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), - v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), - v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), - v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), - v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), - v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), - v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), - v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), - v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), - v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), - v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), - v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), - v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), - v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), - v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), - v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), - v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), - v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), - v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), - v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), - v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), - v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), - v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), - v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), - v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), - v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), - v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), - v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), - v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), - v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), - v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), - v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), - v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), - v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), - v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), - v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), - v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), - v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), - v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), - v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), - v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), - v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), - v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), - v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), - v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), - v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), - v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), - v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), - v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), - v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), - v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), - v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), - v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), - v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), - v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), - v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), - v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), - v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), - v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), - v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), - v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), - v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), - v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), - v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), - v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), - v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), - v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), - v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), - v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), - v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), - v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), - v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), - v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), - v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), - v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), - v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), - v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), - v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), - v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), - v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), - v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), - v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), - v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), - v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), - resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), - metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), - metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), - metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), - metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), - metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), - metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), - metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), - metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), - metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), - metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), - metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), - metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), - metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), - metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), - metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), - metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), - metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), - metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), - metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), - metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), - metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), - metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), - metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), - metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), - metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), - metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), - metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), - metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), - metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), - metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), - metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), - metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), - metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), - metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), - metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), - metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), - metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), - metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), - metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), - metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), - metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), - metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), - runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), + v1alpha1.KubernetesUserInfo{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), + v1alpha1.UserInfo{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_UserInfo(ref), + v1alpha1.WhoAmIRequest{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), + v1alpha1.WhoAmIRequestList{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), + v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), + v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), + loginv1alpha1.ClusterCredential{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), + loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), + loginv1alpha1.TokenCredentialRequestList{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), + loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), + loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } @@ -336,7 +338,7 @@ func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.Refer SchemaProps: spec.SchemaProps{ Description: "User is the UserInfo associated with the current user.", Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.UserInfo"), + Ref: ref(v1alpha1.UserInfo{}.OpenAPIModelName()), }, }, "audiences": { @@ -359,7 +361,7 @@ func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.Refer }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.UserInfo"}, + v1alpha1.UserInfo{}.OpenAPIModelName()}, } } @@ -460,20 +462,20 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), + Ref: ref(v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), + Ref: ref(v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, + v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName(), v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -512,7 +514,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequest"), + Ref: ref(v1alpha1.WhoAmIRequest{}.OpenAPIModelName()), }, }, }, @@ -523,7 +525,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.WhoAmIRequest", metav1.ListMeta{}.OpenAPIModelName()}, + v1alpha1.WhoAmIRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -549,7 +551,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.Refe SchemaProps: spec.SchemaProps{ Description: "The current authenticated user, exactly as Kubernetes understands it.", Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), + Ref: ref(v1alpha1.KubernetesUserInfo{}.OpenAPIModelName()), }, }, }, @@ -557,7 +559,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.Refe }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, + v1alpha1.KubernetesUserInfo{}.OpenAPIModelName()}, } } @@ -633,20 +635,20 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.Refe "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), + Ref: ref(loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), + Ref: ref(loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, + loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName(), loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -685,7 +687,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequest"), + Ref: ref(loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName()), }, }, }, @@ -696,7 +698,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.TokenCredentialRequest", metav1.ListMeta{}.OpenAPIModelName()}, + loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -740,7 +742,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref commo "credential": { SchemaProps: spec.SchemaProps{ Description: "A Credential will be returned for a successful credential request.", - Ref: ref("go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.ClusterCredential"), + Ref: ref(loginv1alpha1.ClusterCredential{}.OpenAPIModelName()), }, }, "message": { @@ -754,7 +756,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref commo }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/concierge/login/v1alpha1.ClusterCredential"}, + loginv1alpha1.ClusterCredential{}.OpenAPIModelName()}, } } diff --git a/generated/1.35/client/supervisor/openapi/zz_generated.openapi.go b/generated/1.35/client/supervisor/openapi/zz_generated.openapi.go index cdf00b545..7a846ccfa 100644 --- a/generated/1.35/client/supervisor/openapi/zz_generated.openapi.go +++ b/generated/1.35/client/supervisor/openapi/zz_generated.openapi.go @@ -9,6 +9,7 @@ package supervisor import ( + v1alpha1 "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1" v1 "k8s.io/api/core/v1" resource "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -20,301 +21,301 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), - "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), - "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), - "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), - v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), - v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), - v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), - v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), - v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), - v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), - v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), - v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), - v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), - v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), - v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), - v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), - v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), - v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), - v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), - v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), - v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), - v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), - v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), - v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), - v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), - v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), - v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), - v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), - v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), - v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), - v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), - v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), - v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), - v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), - v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), - v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), - v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), - v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), - v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), - v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), - v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), - v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), - v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), - v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), - v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), - v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), - v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), - v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), - v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), - v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), - v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), - v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), - v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), - v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), - v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), - v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), - v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), - v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), - v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), - v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), - v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), - v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), - v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), - v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), - v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), - v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), - v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), - v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), - v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), - v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), - v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), - v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), - v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), - v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), - v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), - v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), - v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), - v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), - v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), - v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), - v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), - v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), - v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), - v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), - v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), - v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), - v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), - v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), - v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), - v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), - v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), - v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), - v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), - v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), - v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), - v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), - v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), - v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), - v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), - v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), - v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), - v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), - v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), - v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), - v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), - v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), - v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), - v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), - v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), - v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), - v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), - v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), - v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), - v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), - v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), - v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), - v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), - v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), - v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), - v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), - v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), - v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), - v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), - v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), - v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), - v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), - v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), - v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), - v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), - v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), - v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), - v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), - v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), - v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), - v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), - v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), - v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), - v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), - v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), - v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), - v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), - v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), - v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), - v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), - v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), - v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), - v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), - v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), - v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), - v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), - v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), - v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), - v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), - v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), - v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), - v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), - v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), - v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), - v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), - v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), - v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), - v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), - v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), - v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), - resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), - metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), - metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), - metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), - metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), - metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), - metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), - metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), - metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), - metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), - metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), - metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), - metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), - metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), - metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), - metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), - metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), - metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), - metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), - metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), - metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), - metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), - metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), - metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), - metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), - metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), - metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), - metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), - metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), - metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), - metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), - metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), - metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), - metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), - metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), - metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), - metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), - metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), - metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), - metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), - metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), - metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), - metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), - runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), + v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), + v1alpha1.OIDCClientSecretRequestList{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), + v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), + v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } @@ -348,13 +349,13 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref co "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), + Ref: ref(v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), + Ref: ref(v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName()), }, }, }, @@ -362,7 +363,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref co }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, + v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName(), v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -401,7 +402,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(re Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), + Ref: ref(v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName()), }, }, }, @@ -412,7 +413,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(re }, }, Dependencies: []string{ - "go.pinniped.dev/generated/1.35/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", metav1.ListMeta{}.OpenAPIModelName()}, + v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } diff --git a/generated/latest/apis/concierge/identity/v1alpha1/doc.go b/generated/latest/apis/concierge/identity/v1alpha1/doc.go index cce3d19e3..4e9b7dedf 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/latest/apis/concierge/identity // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.identity.v1alpha1 // +groupName=identity.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. diff --git a/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.model_name.go b/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..2e08a8cd6 --- /dev/null +++ b/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,39 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in KubernetesUserInfo) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.KubernetesUserInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in UserInfo) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.UserInfo" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in WhoAmIRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.identity.v1alpha1.WhoAmIRequestStatus" +} diff --git a/generated/latest/apis/concierge/login/v1alpha1/doc.go b/generated/latest/apis/concierge/login/v1alpha1/doc.go index 06a9bb7eb..a14b2b23e 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/doc.go +++ b/generated/latest/apis/concierge/login/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/latest/apis/concierge/login // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.concierge.login.v1alpha1 // +groupName=login.concierge.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped login API. diff --git a/generated/latest/apis/concierge/login/v1alpha1/zz_generated.model_name.go b/generated/latest/apis/concierge/login/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..7106edc20 --- /dev/null +++ b/generated/latest/apis/concierge/login/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,34 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in ClusterCredential) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.ClusterCredential" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in TokenCredentialRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.concierge.login.v1alpha1.TokenCredentialRequestStatus" +} diff --git a/generated/latest/apis/supervisor/clientsecret/v1alpha1/doc.go b/generated/latest/apis/supervisor/clientsecret/v1alpha1/doc.go index 5d1eb8f46..b45fd43ce 100644 --- a/generated/latest/apis/supervisor/clientsecret/v1alpha1/doc.go +++ b/generated/latest/apis/supervisor/clientsecret/v1alpha1/doc.go @@ -5,6 +5,7 @@ // +k8s:deepcopy-gen=package // +k8s:conversion-gen=go.pinniped.dev/generated/latest/apis/supervisor/clientsecret // +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-model-package=dev.pinniped.apis.supervisor.clientsecret.v1alpha1 // +groupName=clientsecret.supervisor.pinniped.dev // Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. diff --git a/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go b/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go new file mode 100644 index 000000000..71a34695c --- /dev/null +++ b/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.model_name.go @@ -0,0 +1,29 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by openapi-gen. DO NOT EDIT. + +package v1alpha1 + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequest) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequest" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestList) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestList" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestSpec) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestSpec" +} + +// OpenAPIModelName returns the OpenAPI model name for this type. +func (in OIDCClientSecretRequestStatus) OpenAPIModelName() string { + return "dev.pinniped.apis.supervisor.clientsecret.v1alpha1.OIDCClientSecretRequestStatus" +} diff --git a/generated/latest/client/concierge/openapi/zz_generated.openapi.go b/generated/latest/client/concierge/openapi/zz_generated.openapi.go index 773961ef1..0d65f9e1e 100644 --- a/generated/latest/client/concierge/openapi/zz_generated.openapi.go +++ b/generated/latest/client/concierge/openapi/zz_generated.openapi.go @@ -9,6 +9,8 @@ package concierge import ( + v1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1" v1 "k8s.io/api/core/v1" resource "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -20,308 +22,308 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.KubernetesUserInfo": schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.UserInfo": schema_apis_concierge_identity_v1alpha1_UserInfo(ref), - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequest": schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestList": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus": schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), - v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), - v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), - v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), - v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), - v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), - v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), - v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), - v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), - v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), - v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), - v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), - v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), - v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), - v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), - v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), - v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), - v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), - v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), - v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), - v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), - v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), - v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), - v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), - v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), - v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), - v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), - v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), - v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), - v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), - v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), - v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), - v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), - v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), - v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), - v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), - v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), - v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), - v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), - v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), - v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), - v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), - v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), - v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), - v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), - v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), - v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), - v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), - v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), - v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), - v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), - v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), - v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), - v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), - v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), - v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), - v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), - v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), - v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), - v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), - v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), - v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), - v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), - v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), - v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), - v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), - v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), - v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), - v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), - v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), - v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), - v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), - v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), - v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), - v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), - v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), - v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), - v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), - v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), - v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), - v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), - v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), - v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), - v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), - v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), - v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), - v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), - v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), - v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), - v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), - v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), - v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), - v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), - v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), - v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), - v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), - v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), - v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), - v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), - v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), - v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), - v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), - v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), - v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), - v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), - v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), - v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), - v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), - v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), - v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), - v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), - v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), - v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), - v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), - v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), - v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), - v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), - v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), - v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), - v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), - v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), - v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), - v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), - v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), - v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), - v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), - v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), - v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), - v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), - v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), - v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), - v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), - v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), - v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), - v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), - v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), - v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), - v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), - v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), - v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), - v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), - v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), - v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), - v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), - v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), - v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), - v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), - v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), - v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), - v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), - v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), - v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), - v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), - v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), - v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), - v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), - v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), - v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), - v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), - v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), - resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), - metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), - metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), - metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), - metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), - metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), - metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), - metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), - metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), - metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), - metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), - metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), - metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), - metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), - metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), - metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), - metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), - metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), - metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), - metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), - metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), - metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), - metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), - metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), - metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), - metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), - metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), - metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), - metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), - metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), - metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), - metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), - metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), - metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), - metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), - metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), - metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), - metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), - metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), - metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), - metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), - metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), - metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), - runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), + v1alpha1.KubernetesUserInfo{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref), + v1alpha1.UserInfo{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_UserInfo(ref), + v1alpha1.WhoAmIRequest{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref), + v1alpha1.WhoAmIRequestList{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref), + v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestSpec(ref), + v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName(): schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref), + loginv1alpha1.ClusterCredential{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), + loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), + loginv1alpha1.TokenCredentialRequestList{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), + loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), + loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName(): schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } @@ -336,7 +338,7 @@ func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.Refer SchemaProps: spec.SchemaProps{ Description: "User is the UserInfo associated with the current user.", Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.UserInfo"), + Ref: ref(v1alpha1.UserInfo{}.OpenAPIModelName()), }, }, "audiences": { @@ -359,7 +361,7 @@ func schema_apis_concierge_identity_v1alpha1_KubernetesUserInfo(ref common.Refer }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.UserInfo"}, + v1alpha1.UserInfo{}.OpenAPIModelName()}, } } @@ -460,20 +462,20 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequest(ref common.ReferenceC "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec"), + Ref: ref(v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus"), + Ref: ref(v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestSpec", "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, + v1alpha1.WhoAmIRequestSpec{}.OpenAPIModelName(), v1alpha1.WhoAmIRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -512,7 +514,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequest"), + Ref: ref(v1alpha1.WhoAmIRequest{}.OpenAPIModelName()), }, }, }, @@ -523,7 +525,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestList(ref common.Refere }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.WhoAmIRequest", metav1.ListMeta{}.OpenAPIModelName()}, + v1alpha1.WhoAmIRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -549,7 +551,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.Refe SchemaProps: spec.SchemaProps{ Description: "The current authenticated user, exactly as Kubernetes understands it.", Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.KubernetesUserInfo"), + Ref: ref(v1alpha1.KubernetesUserInfo{}.OpenAPIModelName()), }, }, }, @@ -557,7 +559,7 @@ func schema_apis_concierge_identity_v1alpha1_WhoAmIRequestStatus(ref common.Refe }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1.KubernetesUserInfo"}, + v1alpha1.KubernetesUserInfo{}.OpenAPIModelName()}, } } @@ -633,20 +635,20 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref common.Refe "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec"), + Ref: ref(loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus"), + Ref: ref(loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName()), }, }, }, }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec", "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, + loginv1alpha1.TokenCredentialRequestSpec{}.OpenAPIModelName(), loginv1alpha1.TokenCredentialRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -685,7 +687,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequest"), + Ref: ref(loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName()), }, }, }, @@ -696,7 +698,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref common. }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequest", metav1.ListMeta{}.OpenAPIModelName()}, + loginv1alpha1.TokenCredentialRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } @@ -740,7 +742,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref commo "credential": { SchemaProps: spec.SchemaProps{ Description: "A Credential will be returned for a successful credential request.", - Ref: ref("go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.ClusterCredential"), + Ref: ref(loginv1alpha1.ClusterCredential{}.OpenAPIModelName()), }, }, "message": { @@ -754,7 +756,7 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref commo }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.ClusterCredential"}, + loginv1alpha1.ClusterCredential{}.OpenAPIModelName()}, } } diff --git a/generated/latest/client/supervisor/openapi/zz_generated.openapi.go b/generated/latest/client/supervisor/openapi/zz_generated.openapi.go index a551be304..a36775a12 100644 --- a/generated/latest/client/supervisor/openapi/zz_generated.openapi.go +++ b/generated/latest/client/supervisor/openapi/zz_generated.openapi.go @@ -9,6 +9,7 @@ package supervisor import ( + v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1" v1 "k8s.io/api/core/v1" resource "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -20,301 +21,301 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), - "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), - "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), - "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), - v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), - v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), - v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), - v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), - v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), - v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), - v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), - v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), - v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), - v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), - v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), - v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), - v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), - v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), - v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), - v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), - v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), - v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), - v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), - v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), - v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), - v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), - v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), - v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), - v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), - v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), - v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), - v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), - v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), - v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), - v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), - v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), - v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), - v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), - v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), - v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), - v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), - v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), - v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), - v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), - v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), - v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), - v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), - v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), - v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), - v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), - v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), - v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), - v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), - v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), - v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), - v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), - v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), - v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), - v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), - v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), - v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), - v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), - v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), - v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), - v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), - v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), - v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), - v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), - v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), - v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), - v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), - v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), - v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), - v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), - v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), - v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), - v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), - v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), - v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), - v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), - v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), - v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), - v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), - v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), - v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), - v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), - v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), - v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), - v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), - v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), - v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), - v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), - v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), - v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), - v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), - v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), - v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), - v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), - v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), - v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), - v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), - v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), - v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), - v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), - v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), - v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), - v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), - v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), - v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), - v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), - v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), - v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), - v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), - v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), - v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), - v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), - v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), - v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), - v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), - v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), - v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), - v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), - v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), - v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), - v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), - v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), - v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), - v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), - v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), - v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), - v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), - v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), - v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), - v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), - v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), - v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), - v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), - v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), - v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), - v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), - v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), - v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), - v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), - v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), - v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), - v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), - v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), - v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), - v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), - v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), - v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), - v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), - v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), - v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), - v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), - v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), - v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), - v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), - v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), - v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), - v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), - v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), - v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), - v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), - v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), - v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), - v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), - v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), - v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), - v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), - v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), - v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), - v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), - v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), - v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), - v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), - v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), - v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), - v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), - v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), - v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), - v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), - v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), - v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), - v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), - v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), - v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), - v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), - v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), - v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), - v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), - v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), - v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), - v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), - v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), - v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), - v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), - v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), - v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), - v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), - v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), - v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), - v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), - v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), - v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), - v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), - v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), - v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), - v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), - v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), - v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), - v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), - v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), - v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), - v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), - v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), - v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), - v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), - v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), - v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), - v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), - v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), - v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), - v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), - v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), - v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), - v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), - v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), - v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), - v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), - v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), - v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), - v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), - v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), - v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), - v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), - v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), - v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), - v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), - v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), - v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), - resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), - metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), - metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), - metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), - metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), - metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), - metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), - metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), - metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), - metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), - metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), - metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), - metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), - metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), - metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), - metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), - metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), - metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), - metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), - metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), - metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), - metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), - metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), - metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), - metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), - metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), - metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), - metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), - metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), - metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), - metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), - metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), - metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), - metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), - metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), - metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), - metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), - metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), - metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), - metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), - metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), - metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), - metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), - runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), + v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref), + v1alpha1.OIDCClientSecretRequestList{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref), + v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref), + v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName(): schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref), + v1.AWSElasticBlockStoreVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + v1.Affinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Affinity(ref), + v1.AppArmorProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AppArmorProfile(ref), + v1.AttachedVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AttachedVolume(ref), + v1.AvoidPods{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AvoidPods(ref), + v1.AzureDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref), + v1.AzureFilePersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFilePersistentVolumeSource(ref), + v1.AzureFileVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_AzureFileVolumeSource(ref), + v1.Binding{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Binding(ref), + v1.CSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref), + v1.CSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CSIVolumeSource(ref), + v1.Capabilities{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Capabilities(ref), + v1.CephFSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSPersistentVolumeSource(ref), + v1.CephFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CephFSVolumeSource(ref), + v1.CinderPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderPersistentVolumeSource(ref), + v1.CinderVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_CinderVolumeSource(ref), + v1.ClientIPConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClientIPConfig(ref), + v1.ClusterTrustBundleProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ClusterTrustBundleProjection(ref), + v1.ComponentCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentCondition(ref), + v1.ComponentStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatus(ref), + v1.ComponentStatusList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ComponentStatusList(ref), + v1.ConfigMap{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMap(ref), + v1.ConfigMapEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapEnvSource(ref), + v1.ConfigMapKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapKeySelector(ref), + v1.ConfigMapList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapList(ref), + v1.ConfigMapNodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapNodeConfigSource(ref), + v1.ConfigMapProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapProjection(ref), + v1.ConfigMapVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ConfigMapVolumeSource(ref), + v1.Container{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Container(ref), + v1.ContainerExtendedResourceRequest{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerExtendedResourceRequest(ref), + v1.ContainerImage{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerImage(ref), + v1.ContainerPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerPort(ref), + v1.ContainerResizePolicy{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerResizePolicy(ref), + v1.ContainerRestartRule{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRule(ref), + v1.ContainerRestartRuleOnExitCodes{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerRestartRuleOnExitCodes(ref), + v1.ContainerState{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerState(ref), + v1.ContainerStateRunning{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateRunning(ref), + v1.ContainerStateTerminated{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateTerminated(ref), + v1.ContainerStateWaiting{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStateWaiting(ref), + v1.ContainerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerStatus(ref), + v1.ContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ContainerUser(ref), + v1.DaemonEndpoint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DaemonEndpoint(ref), + v1.DownwardAPIProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIProjection(ref), + v1.DownwardAPIVolumeFile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeFile(ref), + v1.DownwardAPIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_DownwardAPIVolumeSource(ref), + v1.EmptyDirVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EmptyDirVolumeSource(ref), + v1.EndpointAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointAddress(ref), + v1.EndpointPort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointPort(ref), + v1.EndpointSubset{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointSubset(ref), + v1.Endpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Endpoints(ref), + v1.EndpointsList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EndpointsList(ref), + v1.EnvFromSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvFromSource(ref), + v1.EnvVar{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVar(ref), + v1.EnvVarSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EnvVarSource(ref), + v1.EphemeralContainer{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainer(ref), + v1.EphemeralContainerCommon{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralContainerCommon(ref), + v1.EphemeralVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EphemeralVolumeSource(ref), + v1.Event{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Event(ref), + v1.EventList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventList(ref), + v1.EventSeries{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSeries(ref), + v1.EventSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_EventSource(ref), + v1.ExecAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ExecAction(ref), + v1.FCVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FCVolumeSource(ref), + v1.FileKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FileKeySelector(ref), + v1.FlexPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexPersistentVolumeSource(ref), + v1.FlexVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlexVolumeSource(ref), + v1.FlockerVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_FlockerVolumeSource(ref), + v1.GCEPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GCEPersistentDiskVolumeSource(ref), + v1.GRPCAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GRPCAction(ref), + v1.GitRepoVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GitRepoVolumeSource(ref), + v1.GlusterfsPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsPersistentVolumeSource(ref), + v1.GlusterfsVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_GlusterfsVolumeSource(ref), + v1.HTTPGetAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPGetAction(ref), + v1.HTTPHeader{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HTTPHeader(ref), + v1.HostAlias{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostAlias(ref), + v1.HostIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostIP(ref), + v1.HostPathVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_HostPathVolumeSource(ref), + v1.ISCSIPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIPersistentVolumeSource(ref), + v1.ISCSIVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ISCSIVolumeSource(ref), + v1.ImageVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ImageVolumeSource(ref), + v1.KeyToPath{}.OpenAPIModelName(): schema_k8sio_api_core_v1_KeyToPath(ref), + v1.Lifecycle{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Lifecycle(ref), + v1.LifecycleHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LifecycleHandler(ref), + v1.LimitRange{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRange(ref), + v1.LimitRangeItem{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeItem(ref), + v1.LimitRangeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeList(ref), + v1.LimitRangeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LimitRangeSpec(ref), + v1.LinuxContainerUser{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LinuxContainerUser(ref), + v1.List{}.OpenAPIModelName(): schema_k8sio_api_core_v1_List(ref), + v1.LoadBalancerIngress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerIngress(ref), + v1.LoadBalancerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LoadBalancerStatus(ref), + v1.LocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalObjectReference(ref), + v1.LocalVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_LocalVolumeSource(ref), + v1.ModifyVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ModifyVolumeStatus(ref), + v1.NFSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NFSVolumeSource(ref), + v1.Namespace{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Namespace(ref), + v1.NamespaceCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceCondition(ref), + v1.NamespaceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceList(ref), + v1.NamespaceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceSpec(ref), + v1.NamespaceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NamespaceStatus(ref), + v1.Node{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Node(ref), + v1.NodeAddress{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAddress(ref), + v1.NodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeAffinity(ref), + v1.NodeCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeCondition(ref), + v1.NodeConfigSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigSource(ref), + v1.NodeConfigStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeConfigStatus(ref), + v1.NodeDaemonEndpoints{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeDaemonEndpoints(ref), + v1.NodeFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeFeatures(ref), + v1.NodeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeList(ref), + v1.NodeProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeProxyOptions(ref), + v1.NodeRuntimeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandler(ref), + v1.NodeRuntimeHandlerFeatures{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeRuntimeHandlerFeatures(ref), + v1.NodeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelector(ref), + v1.NodeSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorRequirement(ref), + v1.NodeSelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSelectorTerm(ref), + v1.NodeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSpec(ref), + v1.NodeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeStatus(ref), + v1.NodeSwapStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSwapStatus(ref), + v1.NodeSystemInfo{}.OpenAPIModelName(): schema_k8sio_api_core_v1_NodeSystemInfo(ref), + v1.ObjectFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectFieldSelector(ref), + v1.ObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ObjectReference(ref), + v1.PersistentVolume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolume(ref), + v1.PersistentVolumeClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaim(ref), + v1.PersistentVolumeClaimCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimCondition(ref), + v1.PersistentVolumeClaimList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimList(ref), + v1.PersistentVolumeClaimSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimSpec(ref), + v1.PersistentVolumeClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimStatus(ref), + v1.PersistentVolumeClaimTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimTemplate(ref), + v1.PersistentVolumeClaimVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeClaimVolumeSource(ref), + v1.PersistentVolumeList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeList(ref), + v1.PersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSource(ref), + v1.PersistentVolumeSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeSpec(ref), + v1.PersistentVolumeStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PersistentVolumeStatus(ref), + v1.PhotonPersistentDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PhotonPersistentDiskVolumeSource(ref), + v1.Pod{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Pod(ref), + v1.PodAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinity(ref), + v1.PodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAffinityTerm(ref), + v1.PodAntiAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAntiAffinity(ref), + v1.PodAttachOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodAttachOptions(ref), + v1.PodCertificateProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCertificateProjection(ref), + v1.PodCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodCondition(ref), + v1.PodDNSConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfig(ref), + v1.PodDNSConfigOption{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodDNSConfigOption(ref), + v1.PodExecOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExecOptions(ref), + v1.PodExtendedResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodExtendedResourceClaimStatus(ref), + v1.PodIP{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodIP(ref), + v1.PodList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodList(ref), + v1.PodLogOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodLogOptions(ref), + v1.PodOS{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodOS(ref), + v1.PodPortForwardOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodPortForwardOptions(ref), + v1.PodProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodProxyOptions(ref), + v1.PodReadinessGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodReadinessGate(ref), + v1.PodResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaim(ref), + v1.PodResourceClaimStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodResourceClaimStatus(ref), + v1.PodSchedulingGate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSchedulingGate(ref), + v1.PodSecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSecurityContext(ref), + v1.PodSignature{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSignature(ref), + v1.PodSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodSpec(ref), + v1.PodStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatus(ref), + v1.PodStatusResult{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodStatusResult(ref), + v1.PodTemplate{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplate(ref), + v1.PodTemplateList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateList(ref), + v1.PodTemplateSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PodTemplateSpec(ref), + v1.PortStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortStatus(ref), + v1.PortworxVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PortworxVolumeSource(ref), + v1.PreferAvoidPodsEntry{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferAvoidPodsEntry(ref), + v1.PreferredSchedulingTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_PreferredSchedulingTerm(ref), + v1.Probe{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Probe(ref), + v1.ProbeHandler{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProbeHandler(ref), + v1.ProjectedVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ProjectedVolumeSource(ref), + v1.QuobyteVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_QuobyteVolumeSource(ref), + v1.RBDPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDPersistentVolumeSource(ref), + v1.RBDVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RBDVolumeSource(ref), + v1.RangeAllocation{}.OpenAPIModelName(): schema_k8sio_api_core_v1_RangeAllocation(ref), + v1.ReplicationController{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationController(ref), + v1.ReplicationControllerCondition{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerCondition(ref), + v1.ReplicationControllerList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerList(ref), + v1.ReplicationControllerSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerSpec(ref), + v1.ReplicationControllerStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ReplicationControllerStatus(ref), + v1.ResourceClaim{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceClaim(ref), + v1.ResourceFieldSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceFieldSelector(ref), + v1.ResourceHealth{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceHealth(ref), + v1.ResourceQuota{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuota(ref), + v1.ResourceQuotaList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaList(ref), + v1.ResourceQuotaSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaSpec(ref), + v1.ResourceQuotaStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceQuotaStatus(ref), + v1.ResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceRequirements(ref), + v1.ResourceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ResourceStatus(ref), + v1.SELinuxOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SELinuxOptions(ref), + v1.ScaleIOPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOPersistentVolumeSource(ref), + v1.ScaleIOVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScaleIOVolumeSource(ref), + v1.ScopeSelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopeSelector(ref), + v1.ScopedResourceSelectorRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ScopedResourceSelectorRequirement(ref), + v1.SeccompProfile{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SeccompProfile(ref), + v1.Secret{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Secret(ref), + v1.SecretEnvSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretEnvSource(ref), + v1.SecretKeySelector{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretKeySelector(ref), + v1.SecretList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretList(ref), + v1.SecretProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretProjection(ref), + v1.SecretReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretReference(ref), + v1.SecretVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecretVolumeSource(ref), + v1.SecurityContext{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SecurityContext(ref), + v1.SerializedReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SerializedReference(ref), + v1.Service{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Service(ref), + v1.ServiceAccount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccount(ref), + v1.ServiceAccountList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountList(ref), + v1.ServiceAccountTokenProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceAccountTokenProjection(ref), + v1.ServiceList{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceList(ref), + v1.ServicePort{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServicePort(ref), + v1.ServiceProxyOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceProxyOptions(ref), + v1.ServiceSpec{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceSpec(ref), + v1.ServiceStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_ServiceStatus(ref), + v1.SessionAffinityConfig{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SessionAffinityConfig(ref), + v1.SleepAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_SleepAction(ref), + v1.StorageOSPersistentVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSPersistentVolumeSource(ref), + v1.StorageOSVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_StorageOSVolumeSource(ref), + v1.Sysctl{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Sysctl(ref), + v1.TCPSocketAction{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TCPSocketAction(ref), + v1.Taint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Taint(ref), + v1.Toleration{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Toleration(ref), + v1.TopologySelectorLabelRequirement{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorLabelRequirement(ref), + v1.TopologySelectorTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySelectorTerm(ref), + v1.TopologySpreadConstraint{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TopologySpreadConstraint(ref), + v1.TypedLocalObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedLocalObjectReference(ref), + v1.TypedObjectReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_TypedObjectReference(ref), + v1.Volume{}.OpenAPIModelName(): schema_k8sio_api_core_v1_Volume(ref), + v1.VolumeDevice{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeDevice(ref), + v1.VolumeMount{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMount(ref), + v1.VolumeMountStatus{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeMountStatus(ref), + v1.VolumeNodeAffinity{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeNodeAffinity(ref), + v1.VolumeProjection{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeProjection(ref), + v1.VolumeResourceRequirements{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeResourceRequirements(ref), + v1.VolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VolumeSource(ref), + v1.VsphereVirtualDiskVolumeSource{}.OpenAPIModelName(): schema_k8sio_api_core_v1_VsphereVirtualDiskVolumeSource(ref), + v1.WeightedPodAffinityTerm{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WeightedPodAffinityTerm(ref), + v1.WindowsSecurityContextOptions{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WindowsSecurityContextOptions(ref), + v1.WorkloadReference{}.OpenAPIModelName(): schema_k8sio_api_core_v1_WorkloadReference(ref), + resource.Quantity{}.OpenAPIModelName(): schema_apimachinery_pkg_api_resource_Quantity(ref), + metav1.APIGroup{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroup(ref), + metav1.APIGroupList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIGroupList(ref), + metav1.APIResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResource(ref), + metav1.APIResourceList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIResourceList(ref), + metav1.APIVersions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_APIVersions(ref), + metav1.ApplyOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ApplyOptions(ref), + metav1.Condition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Condition(ref), + metav1.CreateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_CreateOptions(ref), + metav1.DeleteOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_DeleteOptions(ref), + metav1.Duration{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Duration(ref), + metav1.FieldSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldSelectorRequirement(ref), + metav1.FieldsV1{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_FieldsV1(ref), + metav1.GetOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GetOptions(ref), + metav1.GroupKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupKind(ref), + metav1.GroupResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupResource(ref), + metav1.GroupVersion{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersion(ref), + metav1.GroupVersionForDiscovery{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + metav1.GroupVersionKind{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionKind(ref), + metav1.GroupVersionResource{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_GroupVersionResource(ref), + metav1.InternalEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_InternalEvent(ref), + metav1.LabelSelector{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelector(ref), + metav1.LabelSelectorRequirement{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + metav1.List{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_List(ref), + metav1.ListMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListMeta(ref), + metav1.ListOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ListOptions(ref), + metav1.ManagedFieldsEntry{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + metav1.MicroTime{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_MicroTime(ref), + metav1.ObjectMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ObjectMeta(ref), + metav1.OwnerReference{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_OwnerReference(ref), + metav1.PartialObjectMetadata{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + metav1.PartialObjectMetadataList{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + metav1.Patch{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Patch(ref), + metav1.PatchOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_PatchOptions(ref), + metav1.Preconditions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Preconditions(ref), + metav1.RootPaths{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_RootPaths(ref), + metav1.ServerAddressByClientCIDR{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + metav1.Status{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Status(ref), + metav1.StatusCause{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusCause(ref), + metav1.StatusDetails{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_StatusDetails(ref), + metav1.Table{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Table(ref), + metav1.TableColumnDefinition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + metav1.TableOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableOptions(ref), + metav1.TableRow{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRow(ref), + metav1.TableRowCondition{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TableRowCondition(ref), + metav1.Time{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Time(ref), + metav1.Timestamp{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_Timestamp(ref), + metav1.TypeMeta{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_TypeMeta(ref), + metav1.UpdateOptions{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_UpdateOptions(ref), + metav1.WatchEvent{}.OpenAPIModelName(): schema_pkg_apis_meta_v1_WatchEvent(ref), + runtime.RawExtension{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + runtime.TypeMeta{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + runtime.Unknown{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + version.Info{}.OpenAPIModelName(): schema_k8sio_apimachinery_pkg_version_Info(ref), } } @@ -348,13 +349,13 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref co "spec": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec"), + Ref: ref(v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName()), }, }, "status": { SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus"), + Ref: ref(v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName()), }, }, }, @@ -362,7 +363,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequest(ref co }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec", "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus", metav1.ObjectMeta{}.OpenAPIModelName()}, + v1alpha1.OIDCClientSecretRequestSpec{}.OpenAPIModelName(), v1alpha1.OIDCClientSecretRequestStatus{}.OpenAPIModelName(), metav1.ObjectMeta{}.OpenAPIModelName()}, } } @@ -401,7 +402,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(re Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest"), + Ref: ref(v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName()), }, }, }, @@ -412,7 +413,7 @@ func schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(re }, }, Dependencies: []string{ - "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequest", metav1.ListMeta{}.OpenAPIModelName()}, + v1alpha1.OIDCClientSecretRequest{}.OpenAPIModelName(), metav1.ListMeta{}.OpenAPIModelName()}, } } From 44509d016ec37be02da34f6dce8512e750f8751e Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Mon, 22 Dec 2025 10:34:53 -0800 Subject: [PATCH 10/11] standardize import of "k8s.io/client-go/kubernetes/fake" --- .golangci.yaml | 2 ++ cmd/pinniped/cmd/kubeconfig_test.go | 6 ++-- .../admissionpluginconfig_test.go | 8 +++--- internal/clusterhost/clusterhost_test.go | 4 +-- .../apicerts/apiservice_updater_test.go | 6 ++-- .../controller/apicerts/certs_expirer_test.go | 12 ++++---- .../controller/apicerts/certs_manager_test.go | 10 +++---- .../apicerts/certs_observer_test.go | 6 ++-- .../jwtcachefiller/jwtcachefiller_test.go | 8 +++--- .../webhookcachefiller_test.go | 8 +++--- .../impersonator_config_test.go | 28 +++++++++---------- ...e_account_token_cleanup_controller_test.go | 12 ++++---- .../active_directory_upstream_watcher_test.go | 10 +++---- .../federation_domain_secrets_test.go | 28 +++++++++---------- .../generator/supervisor_secrets_test.go | 26 ++++++++--------- .../github_upstream_watcher_test.go | 16 +++++------ .../supervisorconfig/jwks_observer_test.go | 6 ++-- .../supervisorconfig/jwks_writer_test.go | 18 ++++++------ .../ldap_upstream_watcher_test.go | 10 +++---- .../oidc_client_watcher_test.go | 8 +++--- .../oidc_upstream_watcher_test.go | 8 +++--- .../tls_cert_observer_test.go | 6 ++-- .../garbage_collector_test.go | 10 +++---- .../tlsconfigutil/tls_config_util_test.go | 4 +-- .../controller/creating_test.go | 4 +-- internal/crud/crud_test.go | 4 +-- .../clientregistry/clientregistry_test.go | 8 +++--- .../endpoints/auth/auth_handler_test.go | 12 ++++---- .../callback/callback_handler_test.go | 16 +++++------ .../login/post_login_handler_test.go | 18 ++++++------ .../endpoints/token/token_handler_test.go | 22 +++++++-------- .../endpointsmanager/manager_test.go | 6 ++-- .../accesstoken/accesstoken_test.go | 6 ++-- .../authorizationcode_test.go | 8 +++--- .../openidconnect/openidconnect_test.go | 6 ++-- internal/fositestorage/pkce/pkce_test.go | 6 ++-- .../refreshtoken/refreshtoken_test.go | 6 ++-- .../localuserauthenticator_test.go | 6 ++-- .../oidcclientsecretstorage_test.go | 14 +++++----- .../session_storage_assertions.go | 6 ++-- internal/testutil/psession.go | 8 +++--- internal/tokenclient/tokenclient_test.go | 8 +++--- 42 files changed, 213 insertions(+), 211 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 13665b474..10cff8c61 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -90,6 +90,8 @@ linters: alias: supervisorclientsetscheme - pkg: go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake alias: supervisorfake + - pkg: k8s.io/client-go/kubernetes/fake + alias: kubefake - pkg: go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1 alias: idpv1alpha1 - pkg: go.pinniped.dev/generated/latest/client/concierge/informers/externalversions diff --git a/cmd/pinniped/cmd/kubeconfig_test.go b/cmd/pinniped/cmd/kubeconfig_test.go index 51c767258..5142d0d52 100644 --- a/cmd/pinniped/cmd/kubeconfig_test.go +++ b/cmd/pinniped/cmd/kubeconfig_test.go @@ -19,7 +19,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/kubernetes" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "k8s.io/client-go/tools/clientcmd" v1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" @@ -3860,10 +3860,10 @@ func TestGetKubeconfig(t *testing.T) { } //nolint:staticcheck // as of v0.35.0, this package does not offer a NewClientset() function fakeAggregatorClient := aggregatorfake.NewSimpleClientset(tt.apiServiceObjects...) - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() if tt.kubeObjects != nil { kubeObjects := tt.kubeObjects(string(testServerCA)) - fakeKubeClient = fake.NewClientset(kubeObjects...) + fakeKubeClient = kubefake.NewClientset(kubeObjects...) } //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakeConciergeClient := conciergefake.NewSimpleClientset() diff --git a/internal/admissionpluginconfig/admissionpluginconfig_test.go b/internal/admissionpluginconfig/admissionpluginconfig_test.go index 6dd2c57e1..4a4d14ce2 100644 --- a/internal/admissionpluginconfig/admissionpluginconfig_test.go +++ b/internal/admissionpluginconfig/admissionpluginconfig_test.go @@ -16,7 +16,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apiserver/pkg/server/options" "k8s.io/client-go/discovery" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" k8stesting "k8s.io/client-go/testing" ) @@ -235,7 +235,7 @@ func TestConfigureAdmissionPlugins(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := kubernetesfake.NewClientset() + kubeClient := kubefake.NewClientset() kubeClient.Resources = tt.availableAPIResources // Unfortunately, NewClientset() does not support using reactors to @@ -275,12 +275,12 @@ func TestConfigureAdmissionPlugins(t *testing.T) { } type fakeDiscoveryClient struct { - fakeClientSet *kubernetesfake.Clientset + fakeClientSet *kubefake.Clientset } var _ discovery.ServerResourcesInterface = &fakeDiscoveryClient{} -func newFakeDiscoveryClient(fakeClientSet *kubernetesfake.Clientset) *fakeDiscoveryClient { +func newFakeDiscoveryClient(fakeClientSet *kubefake.Clientset) *fakeDiscoveryClient { return &fakeDiscoveryClient{ fakeClientSet: fakeClientSet, } diff --git a/internal/clusterhost/clusterhost_test.go b/internal/clusterhost/clusterhost_test.go index 44f4af2e9..6eef2a63e 100644 --- a/internal/clusterhost/clusterhost_test.go +++ b/internal/clusterhost/clusterhost_test.go @@ -12,7 +12,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" ) @@ -143,7 +143,7 @@ func TestHasControlPlaneNodes(t *testing.T) { for _, tt := range tests { test := tt t.Run(test.name, func(t *testing.T) { - kubeClient := kubernetesfake.NewClientset() + kubeClient := kubefake.NewClientset() if test.listNodesErr != nil { listNodesErr := test.listNodesErr kubeClient.PrependReactor( diff --git a/internal/controller/apicerts/apiservice_updater_test.go b/internal/controller/apicerts/apiservice_updater_test.go index f367d39e3..603c50101 100644 --- a/internal/controller/apicerts/apiservice_updater_test.go +++ b/internal/controller/apicerts/apiservice_updater_test.go @@ -16,7 +16,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" aggregatorfake "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/fake" @@ -109,7 +109,7 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) { var subject controllerlib.Controller var aggregatorAPIClient *aggregatorfake.Clientset - var kubeInformerClient *kubernetesfake.Clientset + var kubeInformerClient *kubefake.Clientset var kubeInformers k8sinformers.SharedInformerFactory var cancelContext context.Context var cancelContextCancelFunc context.CancelFunc @@ -148,7 +148,7 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) //nolint:staticcheck // as of v0.35.0, this package does not offer a NewClientset() function aggregatorAPIClient = aggregatorfake.NewSimpleClientset() diff --git a/internal/controller/apicerts/certs_expirer_test.go b/internal/controller/apicerts/certs_expirer_test.go index b0af047d5..8fcb6e0b1 100644 --- a/internal/controller/apicerts/certs_expirer_test.go +++ b/internal/controller/apicerts/certs_expirer_test.go @@ -21,7 +21,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/controllerlib" @@ -90,7 +90,7 @@ func TestExpirerControllerFilters(t *testing.T) { t.Parallel() secretsInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() withInformer := testutil.NewObservableWithInformerOption() @@ -127,7 +127,7 @@ func TestExpirerControllerSync(t *testing.T) { name string renewBefore time.Duration fillSecretData func(*testing.T, map[string][]byte) - configKubeAPIClient func(*kubernetesfake.Clientset) + configKubeAPIClient func(*kubefake.Clientset) wantDelete bool wantLog string wantError string @@ -197,7 +197,7 @@ func TestExpirerControllerSync(t *testing.T) { m[fakeTestKey] = certPEM }, - configKubeAPIClient: func(c *kubernetesfake.Clientset) { + configKubeAPIClient: func(c *kubefake.Clientset) { c.PrependReactor("delete", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("delete failed: some delete error") }) @@ -224,7 +224,7 @@ func TestExpirerControllerSync(t *testing.T) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() - kubeAPIClient := kubernetesfake.NewClientset() + kubeAPIClient := kubefake.NewClientset() if test.configKubeAPIClient != nil { test.configKubeAPIClient(kubeAPIClient) } @@ -232,7 +232,7 @@ func TestExpirerControllerSync(t *testing.T) { testRV := "rv_001" testUID := types.UID("uid_002") - kubeInformerClient := kubernetesfake.NewClientset() + kubeInformerClient := kubefake.NewClientset() name := certsSecretResourceName namespace := "some-namespace" if test.fillSecretData != nil { diff --git a/internal/controller/apicerts/certs_manager_test.go b/internal/controller/apicerts/certs_manager_test.go index da718047c..e87f019ed 100644 --- a/internal/controller/apicerts/certs_manager_test.go +++ b/internal/controller/apicerts/certs_manager_test.go @@ -17,7 +17,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/controllerlib" @@ -123,8 +123,8 @@ func TestManagerControllerSync(t *testing.T) { var r *require.Assertions var subject controllerlib.Controller - var kubeAPIClient *kubernetesfake.Clientset - var kubeInformerClient *kubernetesfake.Clientset + var kubeAPIClient *kubefake.Clientset + var kubeInformerClient *kubefake.Clientset var kubeInformers k8sinformers.SharedInformerFactory var cancelContext context.Context var cancelContextCancelFunc context.CancelFunc @@ -170,9 +170,9 @@ func TestManagerControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) - kubeAPIClient = kubernetesfake.NewClientset() + kubeAPIClient = kubefake.NewClientset() }) it.After(func() { diff --git a/internal/controller/apicerts/certs_observer_test.go b/internal/controller/apicerts/certs_observer_test.go index 01b0823e7..f9a501892 100644 --- a/internal/controller/apicerts/certs_observer_test.go +++ b/internal/controller/apicerts/certs_observer_test.go @@ -15,7 +15,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" "go.pinniped.dev/internal/certauthority" "go.pinniped.dev/internal/controllerlib" @@ -105,7 +105,7 @@ func TestObserverControllerSync(t *testing.T) { var r *require.Assertions var subject controllerlib.Controller - var kubeInformerClient *kubernetesfake.Clientset + var kubeInformerClient *kubefake.Clientset var kubeInformers k8sinformers.SharedInformerFactory var cancelContext context.Context var cancelContextCancelFunc context.CancelFunc @@ -144,7 +144,7 @@ func TestObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) dynamicCertProvider = dynamiccert.NewServingCert(name) }) diff --git a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go index 9138af1da..af315f499 100644 --- a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go +++ b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go @@ -35,7 +35,7 @@ import ( "k8s.io/apiserver/pkg/authentication/authenticator" "k8s.io/apiserver/pkg/authentication/user" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -2993,7 +2993,7 @@ func TestController(t *testing.T) { tt.configClient(pinnipedAPIClient) } pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) - kubeInformers := k8sinformers.NewSharedInformerFactory(kubernetesfake.NewClientset(tt.secretsAndConfigMaps...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactory(kubefake.NewClientset(tt.secretsAndConfigMaps...), 0) cache := authncache.New() logger, log := plog.TestLogger(t) @@ -3536,7 +3536,7 @@ func TestControllerFilterSecret(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function @@ -3597,7 +3597,7 @@ func TestControllerFilterConfigMap(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function diff --git a/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go index ff79e3d4e..dfc15f1b7 100644 --- a/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go +++ b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go @@ -27,7 +27,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" "k8s.io/utils/ptr" @@ -2124,7 +2124,7 @@ func TestController(t *testing.T) { tt.configClient(pinnipedAPIClient) } pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) - kubeInformers := k8sinformers.NewSharedInformerFactory(kubernetesfake.NewClientset(tt.secretsAndConfigMaps...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactory(kubefake.NewClientset(tt.secretsAndConfigMaps...), 0) cache := authncache.New() logger, log := plog.TestLogger(t) @@ -2378,7 +2378,7 @@ func TestControllerFilterSecret(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function @@ -2442,7 +2442,7 @@ func TestControllerFilterConfigMap(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function diff --git a/internal/controller/impersonatorconfig/impersonator_config_test.go b/internal/controller/impersonatorconfig/impersonator_config_test.go index bf893f1ed..e7f108afc 100644 --- a/internal/controller/impersonatorconfig/impersonator_config_test.go +++ b/internal/controller/impersonatorconfig/impersonator_config_test.go @@ -31,7 +31,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/intstr" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -282,11 +282,11 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { var r *require.Assertions var subject controllerlib.Controller - var kubeAPIClient *kubernetesfake.Clientset + var kubeAPIClient *kubefake.Clientset var pinnipedAPIClient *conciergefake.Clientset var pinnipedInformerClient *conciergefake.Clientset var pinnipedInformers conciergeinformers.SharedInformerFactory - var kubeInformerClient *kubernetesfake.Clientset + var kubeInformerClient *kubefake.Clientset var kubeInformers k8sinformers.SharedInformerFactory var cancelContext context.Context var cancelContextCancelFunc context.CancelFunc @@ -807,19 +807,19 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { waitForObjectToAppearInInformer(service, informer) } - var addLoadBalancerServiceToTracker = func(resourceName string, client *kubernetesfake.Clientset) { + var addLoadBalancerServiceToTracker = func(resourceName string, client *kubefake.Clientset) { loadBalancerService := newLoadBalancerService(resourceName, corev1.ServiceStatus{}) r.NoError(client.Tracker().Add(loadBalancerService)) } - var addLoadBalancerServiceWithIngressToTracker = func(resourceName string, ingress []corev1.LoadBalancerIngress, client *kubernetesfake.Clientset) { + var addLoadBalancerServiceWithIngressToTracker = func(resourceName string, ingress []corev1.LoadBalancerIngress, client *kubefake.Clientset) { loadBalancerService := newLoadBalancerService(resourceName, corev1.ServiceStatus{ LoadBalancer: corev1.LoadBalancerStatus{Ingress: ingress}, }) r.NoError(client.Tracker().Add(loadBalancerService)) } - var addClusterIPServiceToTracker = func(resourceName string, clusterIP string, client *kubernetesfake.Clientset) { + var addClusterIPServiceToTracker = func(resourceName string, clusterIP string, client *kubefake.Clientset) { clusterIPService := newClusterIPService(resourceName, corev1.ServiceStatus{}, corev1.ServiceSpec{ Type: corev1.ServiceTypeClusterIP, ClusterIP: clusterIP, @@ -835,7 +835,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { r.NoError(client.Tracker().Add(clusterIPService)) } - var addDualStackClusterIPServiceToTracker = func(resourceName string, clusterIP0 string, clusterIP1 string, client *kubernetesfake.Clientset) { + var addDualStackClusterIPServiceToTracker = func(resourceName string, clusterIP0 string, clusterIP1 string, client *kubefake.Clientset) { clusterIPService := newClusterIPService(resourceName, corev1.ServiceStatus{}, corev1.ServiceSpec{ Type: corev1.ServiceTypeClusterIP, ClusterIP: clusterIP0, @@ -852,21 +852,21 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { r.NoError(client.Tracker().Add(clusterIPService)) } - var addSecretToTrackers = func(secret *corev1.Secret, clients ...*kubernetesfake.Clientset) { + var addSecretToTrackers = func(secret *corev1.Secret, clients ...*kubefake.Clientset) { for _, client := range clients { secretCopy := secret.DeepCopy() r.NoError(client.Tracker().Add(secretCopy)) } } - var addServiceToTrackers = func(service *corev1.Service, clients ...*kubernetesfake.Clientset) { + var addServiceToTrackers = func(service *corev1.Service, clients ...*kubefake.Clientset) { for _, client := range clients { serviceCopy := service.DeepCopy() r.NoError(client.Tracker().Add(serviceCopy)) } } - var deleteServiceFromTracker = func(resourceName string, client *kubernetesfake.Clientset) { + var deleteServiceFromTracker = func(resourceName string, client *kubefake.Clientset) { r.NoError(client.Tracker().Delete( schema.GroupVersionResource{Version: "v1", Resource: "services"}, installedInNamespace, @@ -874,7 +874,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { )) } - var deleteSecretFromTracker = func(resourceName string, client *kubernetesfake.Clientset) { + var deleteSecretFromTracker = func(resourceName string, client *kubefake.Clientset) { r.NoError(client.Tracker().Delete( schema.GroupVersionResource{Version: "v1", Resource: "secrets"}, installedInNamespace, @@ -882,7 +882,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { )) } - var addNodeWithRoleToTracker = func(role string, client *kubernetesfake.Clientset) { + var addNodeWithRoleToTracker = func(role string, client *kubefake.Clientset) { r.NoError(client.Tracker().Add( &corev1.Node{ ObjectMeta: metav1.ObjectMeta{ @@ -1132,11 +1132,11 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { pinnipedInformerClient = conciergefake.NewSimpleClientset() pinnipedInformers = conciergeinformers.NewSharedInformerFactoryWithOptions(pinnipedInformerClient, 0) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactoryWithOptions(kubeInformerClient, 0, k8sinformers.WithNamespace(installedInNamespace), ) - kubeAPIClient = kubernetesfake.NewClientset() + kubeAPIClient = kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient = conciergefake.NewSimpleClientset() frozenNow = time.Date(2021, time.March, 2, 7, 42, 0, 0, time.Local) diff --git a/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go b/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go index c02d8a310..ec3e4bc40 100644 --- a/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go +++ b/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go @@ -14,7 +14,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" kubeinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/controllerlib" @@ -77,7 +77,7 @@ func TestSync(t *testing.T) { name string secretNameToDelete string namespace string - addReactors func(*kubernetesfake.Clientset) + addReactors func(*kubefake.Clientset) expectedErrMessage string expectedActions []kubetesting.Action }{ @@ -106,7 +106,7 @@ func TestSync(t *testing.T) { name: "returns API errors", secretNameToDelete: "secret-to-delete", namespace: "other-namespace", - addReactors: func(clientset *kubernetesfake.Clientset) { + addReactors: func(clientset *kubefake.Clientset) { clientset.PrependReactor( "delete", "secrets", @@ -170,11 +170,11 @@ func TestSync(t *testing.T) { } } -func setupKubernetes(t *testing.T, namespace string) (*kubernetesfake.Clientset, kubeinformers.SharedInformerFactory) { +func setupKubernetes(t *testing.T, namespace string) (*kubefake.Clientset, kubeinformers.SharedInformerFactory) { t.Helper() - kubeAPIClient := kubernetesfake.NewClientset() - kubeInformerClient := kubernetesfake.NewClientset() + kubeAPIClient := kubefake.NewClientset() + kubeInformerClient := kubefake.NewClientset() kubeInformers := kubeinformers.NewSharedInformerFactory( kubeInformerClient, diff --git a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go index b9563202a..79fdff072 100644 --- a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go @@ -20,7 +20,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -99,7 +99,7 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterSecrets(t *testing.T) { fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -145,7 +145,7 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterConfigMaps(t *testing.T) fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -191,7 +191,7 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterActiveDirectoryIdentityPr fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -2313,7 +2313,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset(tt.inputK8sObjects...) + fakeKubeClient := kubefake.NewClientset(tt.inputK8sObjects...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetActiveDirectoryIdentityProviders([]upstreamprovider.UpstreamLDAPIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go b/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go index 21777716f..48c695314 100644 --- a/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go +++ b/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go @@ -19,7 +19,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" @@ -180,7 +180,7 @@ func TestFederationDomainControllerFilterSecret(t *testing.T) { ) secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( @@ -243,7 +243,7 @@ func TestNewFederationDomainSecretsControllerFilterFederationDomain(t *testing.T ) secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( @@ -362,7 +362,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { tests := []struct { name string storage func(**supervisorconfigv1alpha1.FederationDomain, **corev1.Secret) - client func(*supervisorfake.Clientset, *kubernetesfake.Clientset) + client func(*supervisorfake.Clientset, *kubefake.Clientset) secretHelper func(*mocksecrethelper.MockSecretHelper) wantFederationDomainActions []kubetesting.Action wantSecretActions []kubetesting.Action @@ -408,7 +408,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(c *supervisorfake.Clientset, _ *kubernetesfake.Clientset) { + client: func(c *supervisorfake.Clientset, _ *kubefake.Clientset) { c.PrependReactor("get", "federationdomains", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, goodFederationDomainWithJWKS, nil }) @@ -431,7 +431,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(c *supervisorfake.Clientset, _ *kubernetesfake.Clientset) { + client: func(c *supervisorfake.Clientset, _ *kubefake.Clientset) { c.PrependReactor("get", "federationdomains", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, goodFederationDomainWithJWKSAndTokenSigningKey, nil }) @@ -495,7 +495,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) secretHelper.EXPECT().IsValid(goodFederationDomain, goodSecret).Times(1).Return(false) }, - client: func(_ *supervisorfake.Clientset, c *kubernetesfake.Clientset) { + client: func(_ *supervisorfake.Clientset, c *kubefake.Clientset) { c.PrependReactor("get", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some get error") }) @@ -513,7 +513,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper: func(secretHelper *mocksecrethelper.MockSecretHelper) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) }, - client: func(_ *supervisorfake.Clientset, c *kubernetesfake.Clientset) { + client: func(_ *supervisorfake.Clientset, c *kubefake.Clientset) { c.PrependReactor("create", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some create error") }) @@ -530,7 +530,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) secretHelper.EXPECT().IsValid(goodFederationDomain, goodSecret).Times(2).Return(false) }, - client: func(_ *supervisorfake.Clientset, c *kubernetesfake.Clientset) { + client: func(_ *supervisorfake.Clientset, c *kubefake.Clientset) { c.PrependReactor("update", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some update error") }) @@ -551,7 +551,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().IsValid(goodFederationDomain, invalidSecret).Times(3).Return(false) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(_ *supervisorfake.Clientset, c *kubernetesfake.Clientset) { + client: func(_ *supervisorfake.Clientset, c *kubefake.Clientset) { once := sync.Once{} c.PrependReactor("update", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { var err error @@ -580,7 +580,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().IsValid(goodFederationDomain, invalidSecret).Times(2).Return(false) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(c *supervisorfake.Clientset, _ *kubernetesfake.Clientset) { + client: func(c *supervisorfake.Clientset, _ *kubefake.Clientset) { c.PrependReactor("get", "federationdomains", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some get error") }) @@ -604,7 +604,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().IsValid(goodFederationDomain, invalidSecret).Times(2).Return(false) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(c *supervisorfake.Clientset, _ *kubernetesfake.Clientset) { + client: func(c *supervisorfake.Clientset, _ *kubefake.Clientset) { once := sync.Once{} c.PrependReactor("update", "federationdomains", func(_ kubetesting.Action) (bool, runtime.Object, error) { var err error @@ -636,8 +636,8 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient := supervisorfake.NewSimpleClientset() - kubeAPIClient := kubernetesfake.NewClientset() - kubeInformerClient := kubernetesfake.NewClientset() + kubeAPIClient := kubefake.NewClientset() + kubeInformerClient := kubefake.NewClientset() federationDomain := goodFederationDomain.DeepCopy() secret := goodSecret.DeepCopy() diff --git a/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go b/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go index df52d9200..5d305c0f4 100644 --- a/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go +++ b/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go @@ -17,7 +17,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/controllerlib" @@ -104,7 +104,7 @@ func TestSupervisorSecretsControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() withInformer := testutil.NewObservableWithInformerOption() @@ -131,7 +131,7 @@ func TestSupervisorSecretsControllerFilterSecret(t *testing.T) { func TestSupervisorSecretsControllerInitialEvent(t *testing.T) { initialEventOption := testutil.NewObservableWithInitialEventOption() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() _ = NewSupervisorSecretsController( @@ -199,7 +199,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { name string storedSecret func(**corev1.Secret) generateKey func() ([]byte, error) - apiClient func(*testing.T, *kubernetesfake.Clientset) + apiClient func(*testing.T, *kubefake.Clientset) wantError string wantActions []kubetesting.Action wantCallbackSecret []byte @@ -256,7 +256,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { *secret = nil }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("create", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some create error") }) @@ -271,7 +271,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("update", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some update error") }) @@ -287,7 +287,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some get error") }) @@ -302,7 +302,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("update", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { var err error once.Do(func() { @@ -324,7 +324,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, otherGeneratedSecret, nil }) @@ -361,7 +361,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, apierrors.NewNotFound(secretsGVR.GroupResource(), generatedSecretName) }) @@ -380,7 +380,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, apierrors.NewNotFound(secretsGVR.GroupResource(), generatedSecretName) }) @@ -420,11 +420,11 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { } } - apiClient := kubernetesfake.NewClientset() + apiClient := kubefake.NewClientset() if test.apiClient != nil { test.apiClient(t, apiClient) } - informerClient := kubernetesfake.NewClientset() + informerClient := kubefake.NewClientset() storedSecret := generatedSecret.DeepCopy() if test.storedSecret != nil { diff --git a/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go b/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go index 46b25f755..228858c6a 100644 --- a/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go @@ -25,7 +25,7 @@ import ( "k8s.io/apimachinery/pkg/util/cache" utilnet "k8s.io/apimachinery/pkg/util/net" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "k8s.io/utils/clock" clocktesting "k8s.io/utils/clock/testing" @@ -2441,7 +2441,7 @@ func TestController(t *testing.T) { fakeSupervisorClient := supervisorfake.NewSimpleClientset(tt.githubIdentityProviders...) supervisorInformers := supervisorinformers.NewSharedInformerFactory(fakeSupervisorClient, 0) - fakeKubeClient := kubernetesfake.NewClientset(tt.secretsAndConfigMaps...) + fakeKubeClient := kubefake.NewClientset(tt.secretsAndConfigMaps...) kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(fakeKubeClient, 0) idpCache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() @@ -2840,7 +2840,7 @@ func TestController_OnlyWantActions(t *testing.T) { tt.addSupervisorReactors(fakeSupervisorClient) } - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(tt.secrets...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(tt.secrets...), 0) logger, _ := plog.TestLogger(t) @@ -2960,7 +2960,7 @@ func TestGitHubUpstreamWatcherControllerFilterSecret(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) logger, _ := plog.TestLogger(t) @@ -3023,7 +3023,7 @@ func TestGitHubUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { logger, _ := plog.TestLogger(t) observableInformers := testutil.NewObservableWithInformerOption() - configMapInformer := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().ConfigMaps() + configMapInformer := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0).Core().V1().ConfigMaps() _ = New( namespace, @@ -3032,7 +3032,7 @@ func TestGitHubUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { supervisorfake.NewSimpleClientset(), //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorinformers.NewSharedInformerFactory(supervisorfake.NewSimpleClientset(), 0).IDP().V1alpha1().GitHubIdentityProviders(), - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().Secrets(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0).Core().V1().Secrets(), configMapInformer, logger, observableInformers.WithInformer, @@ -3090,8 +3090,8 @@ func TestGitHubUpstreamWatcherControllerFilterGitHubIDP(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), gitHubIdentityProviderInformer, - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().Secrets(), - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().ConfigMaps(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0).Core().V1().Secrets(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0).Core().V1().ConfigMaps(), logger, observableInformers.WithInformer, clock.RealClock{}, diff --git a/internal/controller/supervisorconfig/jwks_observer_test.go b/internal/controller/supervisorconfig/jwks_observer_test.go index 5730a0b34..a707bd731 100644 --- a/internal/controller/supervisorconfig/jwks_observer_test.go +++ b/internal/controller/supervisorconfig/jwks_observer_test.go @@ -15,7 +15,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -126,7 +126,7 @@ func TestJWKSObserverControllerSync(t *testing.T) { r *require.Assertions subject controllerlib.Controller pinnipedInformerClient *supervisorfake.Clientset - kubeInformerClient *kubernetesfake.Clientset + kubeInformerClient *kubefake.Clientset pinnipedInformers supervisorinformers.SharedInformerFactory kubeInformers k8sinformers.SharedInformerFactory cancelContext context.Context @@ -167,7 +167,7 @@ func TestJWKSObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient = supervisorfake.NewSimpleClientset() diff --git a/internal/controller/supervisorconfig/jwks_writer_test.go b/internal/controller/supervisorconfig/jwks_writer_test.go index e9a401ff8..09636b4d5 100644 --- a/internal/controller/supervisorconfig/jwks_writer_test.go +++ b/internal/controller/supervisorconfig/jwks_writer_test.go @@ -19,7 +19,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" @@ -171,7 +171,7 @@ func TestJWKSWriterControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( @@ -225,7 +225,7 @@ func TestJWKSWriterControllerFilterFederationDomain(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( @@ -332,7 +332,7 @@ func TestJWKSWriterControllerSync(t *testing.T) { name string key controllerlib.Key secrets []*corev1.Secret - configKubeClient func(*kubernetesfake.Clientset) + configKubeClient func(*kubefake.Clientset) configPinnipedClient func(*supervisorfake.Clientset) federationDomains []*supervisorconfigv1alpha1.FederationDomain generateKeyErr error @@ -600,7 +600,7 @@ func TestJWKSWriterControllerSync(t *testing.T) { federationDomains: []*supervisorconfigv1alpha1.FederationDomain{ goodFederationDomain, }, - configKubeClient: func(client *kubernetesfake.Clientset) { + configKubeClient: func(client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some get error") }) @@ -613,7 +613,7 @@ func TestJWKSWriterControllerSync(t *testing.T) { federationDomains: []*supervisorconfigv1alpha1.FederationDomain{ goodFederationDomain, }, - configKubeClient: func(client *kubernetesfake.Clientset) { + configKubeClient: func(client *kubefake.Clientset) { client.PrependReactor("create", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some create error") }) @@ -629,7 +629,7 @@ func TestJWKSWriterControllerSync(t *testing.T) { secrets: []*corev1.Secret{ newSecret("", ""), }, - configKubeClient: func(client *kubernetesfake.Clientset) { + configKubeClient: func(client *kubefake.Clientset) { client.PrependReactor("update", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some update error") }) @@ -675,8 +675,8 @@ func TestJWKSWriterControllerSync(t *testing.T) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() - kubeAPIClient := kubernetesfake.NewClientset() - kubeInformerClient := kubernetesfake.NewClientset() + kubeAPIClient := kubefake.NewClientset() + kubeInformerClient := kubefake.NewClientset() for _, secret := range test.secrets { require.NoError(t, kubeAPIClient.Tracker().Add(secret)) require.NoError(t, kubeInformerClient.Tracker().Add(secret)) diff --git a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go index 62bb5ec27..b17f499e7 100644 --- a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go @@ -19,7 +19,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -98,7 +98,7 @@ func TestLDAPUpstreamWatcherControllerFilterSecrets(t *testing.T) { fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -144,7 +144,7 @@ func TestLDAPUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -190,7 +190,7 @@ func TestLDAPUpstreamWatcherControllerFilterLDAPIdentityProviders(t *testing.T) fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -1411,7 +1411,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset(tt.inputSecrets...) + fakeKubeClient := kubefake.NewClientset(tt.inputSecrets...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetLDAPIdentityProviders([]upstreamprovider.UpstreamLDAPIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go index 475491cb9..43a1a1b31 100644 --- a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go +++ b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go @@ -14,7 +14,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -63,7 +63,7 @@ func TestOIDCClientWatcherControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() oidcClientsInformer := supervisorinformers.NewSharedInformerFactory( @@ -133,7 +133,7 @@ func TestOIDCClientWatcherControllerFilterOIDCClient(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() oidcClientsInformer := supervisorinformers.NewSharedInformerFactory( @@ -963,7 +963,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClientForInformers := supervisorfake.NewSimpleClientset(tt.inputObjects...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClientForInformers, 0) - fakeKubeClient := kubernetesfake.NewClientset(tt.inputSecrets...) + fakeKubeClient := kubefake.NewClientset(tt.inputSecrets...) kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(fakeKubeClient, 0) controller := NewOIDCClientWatcherController( diff --git a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go index 62a7f5eca..7cae9fead 100644 --- a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go @@ -25,7 +25,7 @@ import ( "k8s.io/apimachinery/pkg/util/net" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -104,7 +104,7 @@ func TestOIDCUpstreamWatcherControllerFilterSecret(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ @@ -165,7 +165,7 @@ func TestOIDCUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ @@ -1765,7 +1765,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset(tt.inputResources...) + fakeKubeClient := kubefake.NewClientset(tt.inputResources...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/tls_cert_observer_test.go b/internal/controller/supervisorconfig/tls_cert_observer_test.go index 1ec1f8660..e8f7d1eb7 100644 --- a/internal/controller/supervisorconfig/tls_cert_observer_test.go +++ b/internal/controller/supervisorconfig/tls_cert_observer_test.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -132,7 +132,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) { r *require.Assertions subject controllerlib.Controller pinnipedInformerClient *supervisorfake.Clientset - kubeInformerClient *kubernetesfake.Clientset + kubeInformerClient *kubefake.Clientset pinnipedInformers supervisorinformers.SharedInformerFactory kubeInformers k8sinformers.SharedInformerFactory cancelContext context.Context @@ -180,7 +180,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient = supervisorfake.NewSimpleClientset() diff --git a/internal/controller/supervisorstorage/garbage_collector_test.go b/internal/controller/supervisorstorage/garbage_collector_test.go index 1f80fc8eb..85c150cf9 100644 --- a/internal/controller/supervisorstorage/garbage_collector_test.go +++ b/internal/controller/supervisorstorage/garbage_collector_test.go @@ -20,7 +20,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "k8s.io/utils/clock" clocktesting "k8s.io/utils/clock/testing" @@ -131,8 +131,8 @@ func TestGarbageCollectorControllerSync(t *testing.T) { var ( r *require.Assertions subject controllerlib.Controller - kubeInformerClient *kubernetesfake.Clientset - kubeClient *kubernetesfake.Clientset + kubeInformerClient *kubefake.Clientset + kubeClient *kubefake.Clientset kubeInformers k8sinformers.SharedInformerFactory cancelContext context.Context cancelContextCancelFunc context.CancelFunc @@ -179,8 +179,8 @@ func TestGarbageCollectorControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() - kubeClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() + kubeClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) frozenNow = time.Now().UTC() fakeClock = clocktesting.NewFakeClock(frozenNow) diff --git a/internal/controller/tlsconfigutil/tls_config_util_test.go b/internal/controller/tlsconfigutil/tls_config_util_test.go index 34733855f..ad8a896ae 100644 --- a/internal/controller/tlsconfigutil/tls_config_util_test.go +++ b/internal/controller/tlsconfigutil/tls_config_util_test.go @@ -15,7 +15,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/informers" corev1informers "k8s.io/client-go/informers/core/v1" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" authenticationv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" @@ -474,7 +474,7 @@ func TestValidateTLSConfig(t *testing.T) { var secretsInformer corev1informers.SecretInformer var configMapInformer corev1informers.ConfigMapInformer - fakeClient := fake.NewClientset(tt.k8sObjects...) + fakeClient := kubefake.NewClientset(tt.k8sObjects...) sharedInformers := informers.NewSharedInformerFactory(fakeClient, 0) configMapInformer = sharedInformers.Core().V1().ConfigMaps() secretsInformer = sharedInformers.Core().V1().Secrets() diff --git a/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go b/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go index 4d5b48d35..bfcb45dc8 100644 --- a/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go +++ b/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go @@ -13,7 +13,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "k8s.io/client-go/tools/events" @@ -93,7 +93,7 @@ func TestNewExampleCreatingController(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() for i := range tt.args.services { service := tt.args.services[i] err := kubeClient.Tracker().Add(service) diff --git a/internal/crud/crud_test.go b/internal/crud/crud_test.go index 6800b47bf..9dd396c30 100644 --- a/internal/crud/crud_test.go +++ b/internal/crud/crud_test.go @@ -20,7 +20,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" ) @@ -1292,7 +1292,7 @@ func TestStorage(t *testing.T) { t.Parallel() //nolint:staticcheck // using NewClientset() is possible here, but it will require updating test expectations - client := fake.NewSimpleClientset() + client := kubefake.NewSimpleClientset() if tt.mocks != nil { tt.mocks(t, client) } diff --git a/internal/federationdomain/clientregistry/clientregistry_test.go b/internal/federationdomain/clientregistry/clientregistry_test.go index 5606c98ee..98a908150 100644 --- a/internal/federationdomain/clientregistry/clientregistry_test.go +++ b/internal/federationdomain/clientregistry/clientregistry_test.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "k8s.io/utils/ptr" @@ -40,7 +40,7 @@ func TestClientManager(t *testing.T) { name string secrets []*corev1.Secret oidcClients []*supervisorconfigv1alpha1.OIDCClient - addKubeReactions func(client *fake.Clientset) + addKubeReactions func(client *kubefake.Clientset) addSupervisorReactions func(client *supervisorfake.Clientset) run func(t *testing.T, subject *ClientManager) }{ @@ -169,7 +169,7 @@ func TestClientManager(t *testing.T) { oidcClients: []*supervisorconfigv1alpha1.OIDCClient{ {ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}}, }, - addKubeReactions: func(client *fake.Clientset) { + addKubeReactions: func(client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action coretesting.Action) (handled bool, ret runtime.Object, err error) { return true, nil, fmt.Errorf("some get Secrets error") }) @@ -256,7 +256,7 @@ func TestClientManager(t *testing.T) { t.Run(test.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() secrets := kubeClient.CoreV1().Secrets(testNamespace) //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() diff --git a/internal/federationdomain/endpoints/auth/auth_handler_test.go b/internal/federationdomain/endpoints/auth/auth_handler_test.go index da45bdea0..206176e11 100644 --- a/internal/federationdomain/endpoints/auth/auth_handler_test.go +++ b/internal/federationdomain/endpoints/auth/auth_handler_test.go @@ -24,7 +24,7 @@ import ( "golang.org/x/oauth2" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apiserver/pkg/authentication/user" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" v1 "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/utils/ptr" @@ -642,7 +642,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo return ©OfCustomSession } - addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", dynamicClientID, dynamicClientUID, downstreamRedirectURI, nil, []string{testutil.HashedPassword1AtGoMinCost}, oidcclientvalidator.Validate) @@ -664,7 +664,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo name string idps *testidplister.UpstreamIDPListerBuilder - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) generateCSRF func() (csrftoken.CSRFToken, error) generatePKCE func() (pkce.Code, error) generateNonce func() (nonce.Nonce, error) @@ -4098,7 +4098,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo subject http.Handler, kubeOauthStore *storage.KubeStorage, supervisorClient *supervisorfake.Clientset, - kubeClient *fake.Clientset, + kubeClient *kubefake.Clientset, secretsClient v1.SecretInterface, actualAuditLog *bytes.Buffer, ) { @@ -4232,7 +4232,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo for _, test := range tests { t.Run(test.name, func(t *testing.T) { - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") @@ -4269,7 +4269,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo // Double-check that we are re-using the happy path test case here as we intend. require.Equal(t, "OIDC upstream browser flow happy path using GET without a CSRF cookie", test.name) - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") diff --git a/internal/federationdomain/endpoints/callback/callback_handler_test.go b/internal/federationdomain/endpoints/callback/callback_handler_test.go index 04ff0d343..03d7bef1d 100644 --- a/internal/federationdomain/endpoints/callback/callback_handler_test.go +++ b/internal/federationdomain/endpoints/callback/callback_handler_test.go @@ -19,7 +19,7 @@ import ( "github.com/stretchr/testify/require" "golang.org/x/crypto/bcrypt" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -212,7 +212,7 @@ func TestCallbackEndpoint(t *testing.T) { // Note that fosite puts the granted scopes as a param in the redirect URI even though the spec doesn't seem to require it happyDownstreamRedirectLocationRegexp := downstreamRedirectURI + `\?code=([^&]+)&scope=openid\+username\+groups&state=` + happyDownstreamState - addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, downstreamRedirectURI, nil, []string{testutil.HashedPassword1AtGoMinCost}, oidcclientvalidator.Validate) @@ -227,7 +227,7 @@ func TestCallbackEndpoint(t *testing.T) { name string idps *testidplister.UpstreamIDPListerBuilder - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) method string path string body string @@ -1054,7 +1054,7 @@ func TestCallbackEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request username scope, and does not actually request username scope in authorize request, does not get username in ID token", idps: testidplister.NewUpstreamIDPListerBuilder().WithOIDC(happyOIDCUpstream().Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude username scope) @@ -1097,7 +1097,7 @@ func TestCallbackEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request groups scope, and does not actually request groups scope in authorize request, does not get groups in ID token", idps: testidplister.NewUpstreamIDPListerBuilder().WithOIDC(happyOIDCUpstream().Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -1566,7 +1566,7 @@ func TestCallbackEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request username scope in authorize request but requests it anyway", idps: testidplister.NewUpstreamIDPListerBuilder().WithOIDC(happyOIDCUpstream().Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude username scope) @@ -1595,7 +1595,7 @@ func TestCallbackEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request groups scope in authorize request but requests it anyway", idps: testidplister.NewUpstreamIDPListerBuilder().WithOIDC(happyOIDCUpstream().Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -2166,7 +2166,7 @@ func TestCallbackEndpoint(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secrets := kubeClient.CoreV1().Secrets("some-namespace") diff --git a/internal/federationdomain/endpoints/login/post_login_handler_test.go b/internal/federationdomain/endpoints/login/post_login_handler_test.go index 6147f1569..2b2bc0e7b 100644 --- a/internal/federationdomain/endpoints/login/post_login_handler_test.go +++ b/internal/federationdomain/endpoints/login/post_login_handler_test.go @@ -15,7 +15,7 @@ import ( "github.com/stretchr/testify/require" "golang.org/x/crypto/bcrypt" "k8s.io/apiserver/pkg/authentication/user" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -280,7 +280,7 @@ func TestPostLoginEndpoint(t *testing.T) { return urlToReturn } - addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, downstreamRedirectURI, nil, []string{testutil.HashedPassword1AtGoMinCost}, oidcclientvalidator.Validate) @@ -298,7 +298,7 @@ func TestPostLoginEndpoint(t *testing.T) { tests := []struct { name string idps *testidplister.UpstreamIDPListerBuilder - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) decodedState *oidc.UpstreamStateParamData formParams url.Values reqURIQuery url.Values @@ -707,7 +707,7 @@ func TestPostLoginEndpoint(t *testing.T) { { name: "happy LDAP login when there are additional allowed downstream requested scopes with dynamic client, when dynamic client is not allowed to request username and does not request username", idps: testidplister.NewUpstreamIDPListerBuilder().WithLDAP(upstreamLDAPIdentityProvider), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude username scope) @@ -741,7 +741,7 @@ func TestPostLoginEndpoint(t *testing.T) { { name: "happy LDAP login when there are additional allowed downstream requested scopes with dynamic client, when dynamic client is not allowed to request groups and does not request groups", idps: testidplister.NewUpstreamIDPListerBuilder().WithLDAP(upstreamLDAPIdentityProvider), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -785,7 +785,7 @@ func TestPostLoginEndpoint(t *testing.T) { }, }), ).Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -1225,7 +1225,7 @@ func TestPostLoginEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request username scope in authorize request but requests it anyway", idps: testidplister.NewUpstreamIDPListerBuilder().WithLDAP(upstreamLDAPIdentityProvider), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude username scope) @@ -1245,7 +1245,7 @@ func TestPostLoginEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request groups scope in authorize request but requests it anyway", idps: testidplister.NewUpstreamIDPListerBuilder().WithLDAP(upstreamLDAPIdentityProvider), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -1296,7 +1296,7 @@ func TestPostLoginEndpoint(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") diff --git a/internal/federationdomain/endpoints/token/token_handler_test.go b/internal/federationdomain/endpoints/token/token_handler_test.go index 7ce6814a0..f722bc7a0 100644 --- a/internal/federationdomain/endpoints/token/token_handler_test.go +++ b/internal/federationdomain/endpoints/token/token_handler_test.go @@ -38,7 +38,7 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" "k8s.io/apiserver/pkg/warning" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" v1 "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/utils/ptr" @@ -343,7 +343,7 @@ type authcodeExchangeInputs struct { want tokenEndpointResponseExpectedValues } -func addFullyCapableDynamicClientAndSecretToKubeResources(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { +func addFullyCapableDynamicClientAndSecretToKubeResources(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", dynamicClientID, @@ -357,8 +357,8 @@ func addFullyCapableDynamicClientAndSecretToKubeResources(t *testing.T, supervis require.NoError(t, kubeClient.Tracker().Add(secret)) } -func addFullyCapableDynamicClientWithCustomIDTokenLifetimeAndSecretToKubeResources(idTokenLifetime int32) func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { - return func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { +func addFullyCapableDynamicClientWithCustomIDTokenLifetimeAndSecretToKubeResources(idTokenLifetime int32) func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { + return func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", dynamicClientID, @@ -390,7 +390,7 @@ func TestTokenEndpointAuthcodeExchange(t *testing.T) { tests := []struct { name string authcodeExchange authcodeExchangeInputs - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) }{ // happy path { @@ -1067,7 +1067,7 @@ func TestTokenEndpointWhenAuthcodeIsUsedTwice(t *testing.T) { tests := []struct { name string authcodeExchange authcodeExchangeInputs - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) }{ { name: "authcode exchange succeeds once and then fails when the same authcode is used again", @@ -1181,7 +1181,7 @@ func TestTokenEndpointTokenExchange(t *testing.T) { // tests for grant_type "urn modifyRequestHeaders func(r *http.Request) modifyStorage func(t *testing.T, storage *storage.KubeStorage, secrets v1.SecretInterface, pendingRequest *http.Request) requestedAudience string - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) wantStatus int wantErrorType string @@ -1404,7 +1404,7 @@ func TestTokenEndpointTokenExchange(t *testing.T) { // tests for grant_type "urn }, { name: "dynamic client lacks the required urn:ietf:params:oauth:grant-type:token-exchange grant type", - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { namespace, clientID, clientUID, redirectURI := "some-namespace", dynamicClientID, dynamicClientUID, goodRedirectURI oidcClient := &supervisorconfigv1alpha1.OIDCClient{ ObjectMeta: metav1.ObjectMeta{Namespace: namespace, Name: clientID, Generation: 1, UID: types.UID(clientUID)}, @@ -2375,7 +2375,7 @@ func TestRefreshGrant(t *testing.T) { tests := []struct { name string idps *testidplister.UpstreamIDPListerBuilder - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) authcodeExchange authcodeExchangeInputs refreshRequest refreshRequestInputs modifyRefreshTokenStorage func(t *testing.T, oauthStore *storage.KubeStorage, secrets v1.SecretInterface, refreshToken string) @@ -5200,7 +5200,7 @@ func exchangeAuthcodeForTokens( t *testing.T, test authcodeExchangeInputs, idps federationdomainproviders.FederationDomainIdentityProvidersListerFinderI, - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset), + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset), ) ( subject http.Handler, rsp *httptest.ResponseRecorder, @@ -5216,7 +5216,7 @@ func exchangeAuthcodeForTokens( test.modifyAuthRequest(authRequest) } - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secrets = kubeClient.CoreV1().Secrets("some-namespace") diff --git a/internal/federationdomain/endpointsmanager/manager_test.go b/internal/federationdomain/endpointsmanager/manager_test.go index cd990fa58..4f2d965c8 100644 --- a/internal/federationdomain/endpointsmanager/manager_test.go +++ b/internal/federationdomain/endpointsmanager/manager_test.go @@ -17,7 +17,7 @@ import ( "github.com/go-jose/go-jose/v4" "github.com/sclevine/spec" "github.com/stretchr/testify/require" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" "go.pinniped.dev/internal/config/supervisor" @@ -43,7 +43,7 @@ func TestManager(t *testing.T) { fallbackHandlerWasCalled bool dynamicJWKSProvider jwks.DynamicJWKSProvider federationDomainIDPs []*federationdomainproviders.FederationDomainIdentityProvider - kubeClient *fake.Clientset + kubeClient *kubefake.Clientset ) const ( @@ -345,7 +345,7 @@ func TestManager(t *testing.T) { Build(), ).BuildDynamicUpstreamIDPProvider() - kubeClient = fake.NewClientset() + kubeClient = kubefake.NewClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") //nolint:staticcheck // our codegen does not yet generate a NewClientset() function oidcClientsClient := supervisorfake.NewSimpleClientset().ConfigV1alpha1().OIDCClients("some-namespace") diff --git a/internal/fositestorage/accesstoken/accesstoken_test.go b/internal/fositestorage/accesstoken/accesstoken_test.go index d0f64cf8b..2cbda7dd0 100644 --- a/internal/fositestorage/accesstoken/accesstoken_test.go +++ b/internal/fositestorage/accesstoken/accesstoken_test.go @@ -17,7 +17,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -293,8 +293,8 @@ func TestCreateWithoutRequesterID(t *testing.T) { require.Equal(t, request.ID, actualSecret.Labels["storage.pinniped.dev/request-id"]) } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, RevocationStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, RevocationStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/authorizationcode/authorizationcode_test.go b/internal/fositestorage/authorizationcode/authorizationcode_test.go index 41443b0a7..81df23a4e 100644 --- a/internal/fositestorage/authorizationcode/authorizationcode_test.go +++ b/internal/fositestorage/authorizationcode/authorizationcode_test.go @@ -29,7 +29,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" kubetesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -276,8 +276,8 @@ func TestCreateWithWrongRequesterDataTypes(t *testing.T) { require.EqualError(t, err, "requester's client must be of type clientregistry.Client") } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, fositeoauth2.AuthorizeCodeStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, fositeoauth2.AuthorizeCodeStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, @@ -387,7 +387,7 @@ func TestFuzzAndJSONNewValidEmptyAuthorizeCodeSession(t *testing.T) { const name = "fuzz" // value is irrelevant ctx := context.Background() - secrets := fake.NewClientset().CoreV1().Secrets(name) + secrets := kubefake.NewClientset().CoreV1().Secrets(name) storage := New(secrets, func() time.Time { return fakeNow }, func(requester fosite.Requester) time.Duration { return lifetime }) // issue a create using the fuzzed request to confirm that marshalling works diff --git a/internal/fositestorage/openidconnect/openidconnect_test.go b/internal/fositestorage/openidconnect/openidconnect_test.go index 2dbd2b91d..b4b3094b0 100644 --- a/internal/fositestorage/openidconnect/openidconnect_test.go +++ b/internal/fositestorage/openidconnect/openidconnect_test.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -216,8 +216,8 @@ func TestAuthcodeHasNoDot(t *testing.T) { require.EqualError(t, err, "malformed authorization code") } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, openid.OpenIDConnectRequestStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, openid.OpenIDConnectRequestStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/pkce/pkce_test.go b/internal/fositestorage/pkce/pkce_test.go index b5b845bd9..98ed1b1e1 100644 --- a/internal/fositestorage/pkce/pkce_test.go +++ b/internal/fositestorage/pkce/pkce_test.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -214,8 +214,8 @@ func TestCreateWithWrongRequesterDataTypes(t *testing.T) { require.EqualError(t, err, "requester's client must be of type clientregistry.Client") } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, pkce.PKCERequestStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, pkce.PKCERequestStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/refreshtoken/refreshtoken_test.go b/internal/fositestorage/refreshtoken/refreshtoken_test.go index 3fe1bd092..4bb7d087f 100644 --- a/internal/fositestorage/refreshtoken/refreshtoken_test.go +++ b/internal/fositestorage/refreshtoken/refreshtoken_test.go @@ -17,7 +17,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -350,8 +350,8 @@ func TestCreateWithoutRequesterID(t *testing.T) { require.Equal(t, request.ID, actualSecret.Labels["storage.pinniped.dev/request-id"]) } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, RevocationStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, RevocationStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/localuserauthenticator/localuserauthenticator_test.go b/internal/localuserauthenticator/localuserauthenticator_test.go index 01c0931a9..eb1e80ab6 100644 --- a/internal/localuserauthenticator/localuserauthenticator_test.go +++ b/internal/localuserauthenticator/localuserauthenticator_test.go @@ -27,7 +27,7 @@ import ( k8sinformers "k8s.io/client-go/informers" corev1informers "k8s.io/client-go/informers/core/v1" "k8s.io/client-go/kubernetes" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" "go.pinniped.dev/internal/certauthority" "go.pinniped.dev/internal/dynamiccert" @@ -50,7 +50,7 @@ func TestWebhook(t *testing.T) { group0, group1 := "some-group-0", "some-group-1" groups := group0 + " , " + group1 - kubeClient := kubernetesfake.NewClientset() + kubeClient := kubefake.NewClientset() addSecretToFakeClientTracker(t, kubeClient, user, password, groups) addSecretToFakeClientTracker(t, kubeClient, otherUser, otherPassword, groups) addSecretToFakeClientTracker(t, kubeClient, colonUser, colonPassword, groups) @@ -550,7 +550,7 @@ func authenticatedResponseJSON(user string, groups []string) *authenticationv1be } } -func addSecretToFakeClientTracker(t *testing.T, kubeClient *kubernetesfake.Clientset, username, password, groups string) { +func addSecretToFakeClientTracker(t *testing.T, kubeClient *kubefake.Clientset, username, password, groups string) { passwordHash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost) require.NoError(t, err) diff --git a/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go b/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go index 8509426c8..a1b7cb300 100644 --- a/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go +++ b/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go @@ -14,7 +14,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/testutil" @@ -117,7 +117,7 @@ func TestGet(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() if tt.secret != nil { require.NoError(t, kubeClient.Tracker().Add(tt.secret)) } @@ -148,7 +148,7 @@ func TestSet(t *testing.T) { oidcClientUID types.UID hashes []string seedSecret *corev1.Secret - addReactors func(*fake.Clientset) + addReactors func(*kubefake.Clientset) wantErr string wantActions []coretesting.Action }{ @@ -236,7 +236,7 @@ func TestSet(t *testing.T) { oidcClientName: "some-client", oidcClientUID: types.UID("some-example-uid1"), hashes: []string{"foo", "bar"}, - addReactors: func(clientSet *fake.Clientset) { + addReactors: func(clientSet *kubefake.Clientset) { clientSet.PrependReactor("create", "secrets", func(action coretesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some create error") }) @@ -291,7 +291,7 @@ func TestSet(t *testing.T) { "pinniped-storage-version": []byte("1"), }, }, - addReactors: func(clientSet *fake.Clientset) { + addReactors: func(clientSet *kubefake.Clientset) { clientSet.PrependReactor("update", "secrets", func(action coretesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some update error maybe a conflict or something else") }) @@ -326,7 +326,7 @@ func TestSet(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() if tt.seedSecret != nil { require.NoError(t, kubeClient.Tracker().Add(tt.seedSecret)) } @@ -390,7 +390,7 @@ func TestGetStorageSecret(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() require.NoError(t, kubeClient.Tracker().Add(tt.secret)) subject := New(kubeClient.CoreV1().Secrets("some-namespace")) diff --git a/internal/testutil/oidctestutil/session_storage_assertions.go b/internal/testutil/oidctestutil/session_storage_assertions.go index 143aac071..cfa9952dd 100644 --- a/internal/testutil/oidctestutil/session_storage_assertions.go +++ b/internal/testutil/oidctestutil/session_storage_assertions.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidctestutil @@ -15,7 +15,7 @@ import ( "github.com/ory/fosite" "github.com/stretchr/testify/require" "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" v1 "k8s.io/client-go/kubernetes/typed/core/v1" kubetesting "k8s.io/client-go/testing" @@ -32,7 +32,7 @@ func RequireAuthCodeRegexpMatch( t *testing.T, actualContent string, wantRegexp string, - kubeClient *fake.Clientset, + kubeClient *kubefake.Clientset, secretsClient v1.SecretInterface, oauthStore fositestoragei.AllFositeStorage, wantDownstreamGrantedScopes []string, diff --git a/internal/testutil/psession.go b/internal/testutil/psession.go index bd3d5ad2e..6bfa9a6ba 100644 --- a/internal/testutil/psession.go +++ b/internal/testutil/psession.go @@ -1,4 +1,4 @@ -// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package testutil @@ -8,7 +8,7 @@ import ( "github.com/ory/fosite/handler/openid" corev1 "k8s.io/api/core/v1" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" testing2 "k8s.io/client-go/testing" "go.pinniped.dev/internal/psession" @@ -39,10 +39,10 @@ func NewFakePinnipedSession() *psession.PinnipedSession { } } -func LogActualJSONFromCreateAction(t *testing.T, client *fake.Clientset, actionIndex int) { +func LogActualJSONFromCreateAction(t *testing.T, client *kubefake.Clientset, actionIndex int) { t.Log("actual value of CreateAction secret data", string(client.Actions()[actionIndex].(testing2.CreateActionImpl).Object.(*corev1.Secret).Data["pinniped-storage-data"])) } -func LogActualJSONFromUpdateAction(t *testing.T, client *fake.Clientset, actionIndex int) { +func LogActualJSONFromUpdateAction(t *testing.T, client *kubefake.Clientset, actionIndex int) { t.Log("actual value of UpdateAction secret data", string(client.Actions()[actionIndex].(testing2.UpdateActionImpl).Object.(*corev1.Secret).Data["pinniped-storage-data"])) } diff --git a/internal/tokenclient/tokenclient_test.go b/internal/tokenclient/tokenclient_test.go index a4fcbbd28..1abaf63c5 100644 --- a/internal/tokenclient/tokenclient_test.go +++ b/internal/tokenclient/tokenclient_test.go @@ -14,7 +14,7 @@ import ( authenticationv1 "k8s.io/api/authentication/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" "k8s.io/utils/clock" @@ -30,7 +30,7 @@ const ( func TestNew(t *testing.T) { mockWhatToDoWithTokenFunc := *new(WhatToDoWithTokenFunc) - mockClient := fake.NewClientset().CoreV1().ServiceAccounts("") + mockClient := kubefake.NewClientset().CoreV1().ServiceAccounts("") mockTime := time.Now() mockClock := clocktesting.NewFakeClock(mockTime) logger, _ := plog.TestLogger(t) @@ -171,7 +171,7 @@ func TestFetchToken(t *testing.T) { require.NotEmpty(t, tt.serviceAccountName) - mockClient := fake.NewClientset() + mockClient := kubefake.NewClientset() tokenClient := New( tt.serviceAccountName, mockClient.CoreV1().ServiceAccounts("any-namespace-works"), @@ -322,7 +322,7 @@ func TestStart(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - mockClient := fake.NewClientset() + mockClient := kubefake.NewClientset() logger, _ := plog.TestLogger(t) var mutex sync.Mutex From 54d530784df22e530a1354778049b6e18648cfee Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Mon, 22 Dec 2025 11:03:46 -0800 Subject: [PATCH 11/11] upgrade to golangci-lint v2.7.2, bring back some nolint directives --- hack/lib/lint-version.txt | 2 +- .../supervisorconfig/oidcclientwatcher/oidc_client_watcher.go | 1 + internal/endpointaddr/endpointaddr.go | 2 +- internal/plog/config.go | 2 +- internal/plog/level.go | 3 ++- internal/testutil/totp/totp.go | 2 +- test/integration/limited_ciphers_utils_test.go | 2 +- 7 files changed, 8 insertions(+), 6 deletions(-) diff --git a/hack/lib/lint-version.txt b/hack/lib/lint-version.txt index 860487ca1..37c2961c2 100644 --- a/hack/lib/lint-version.txt +++ b/hack/lib/lint-version.txt @@ -1 +1 @@ -2.7.1 +2.7.2 diff --git a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher.go b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher.go index 8662ec965..acd4aa260 100644 --- a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher.go +++ b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher.go @@ -146,6 +146,7 @@ func (c *oidcClientWatcherController) updateStatus( updated.Status.Phase = supervisorconfigv1alpha1.OIDCClientPhaseError } + //nolint:gosec // looks like we are willing to accept the risk that there are less than 2147483647 dynamic clients updated.Status.TotalClientSecrets = int32(totalClientSecrets) if equality.Semantic.DeepEqual(upstream, updated) { diff --git a/internal/endpointaddr/endpointaddr.go b/internal/endpointaddr/endpointaddr.go index 08b68c6da..b22dd849a 100644 --- a/internal/endpointaddr/endpointaddr.go +++ b/internal/endpointaddr/endpointaddr.go @@ -73,7 +73,7 @@ func Parse(endpoint string, defaultPort uint16) (HostPort, error) { return HostPort{ Host: host, - Port: uint16(integerPort), // this cast is checked by validation.IsValidPortNum above + Port: uint16(integerPort), //nolint:gosec // this cast is checked by validation.IsValidPortNum above }, nil } diff --git a/internal/plog/config.go b/internal/plog/config.go index 95de96180..b8ce5a00a 100644 --- a/internal/plog/config.go +++ b/internal/plog/config.go @@ -58,7 +58,7 @@ func ValidateAndSetLogLevelAndFormatGlobally(ctx context.Context, spec LogSpec) panic(err) // programmer error } // the range for klogLevel is [0,108] - globalLevel.SetLevel(zapcore.Level(-klogLevel)) // klog levels are inverted when zap handles them + globalLevel.SetLevel(zapcore.Level(-klogLevel)) //nolint:gosec // klog levels are inverted when zap handles them var encoding string switch spec.Format { diff --git a/internal/plog/level.go b/internal/plog/level.go index 55c4641a5..46ad691a8 100644 --- a/internal/plog/level.go +++ b/internal/plog/level.go @@ -44,7 +44,8 @@ const ( func Enabled(level LogLevel) bool { l := klogLevelForPlogLevel(level) // check that both our global level and the klog global level agree that the plog level is enabled - // klog levels are inverted when zap handles them. The range for klogLevel is [0,108]. + // klog levels are inverted when zap handles them. + //nolint:gosec // the range for klogLevel is [0,108] return globalLevel.Enabled(zapcore.Level(-l)) && klog.V(l).Enabled() } diff --git a/internal/testutil/totp/totp.go b/internal/testutil/totp/totp.go index bb01bd6ea..30d1248b2 100644 --- a/internal/testutil/totp/totp.go +++ b/internal/testutil/totp/totp.go @@ -80,7 +80,7 @@ func GenerateOTPCode(t *testing.T, token string, when time.Time) (string, int64) ((int(sum[offset+2] & mask3)) << shift8) | (int(sum[offset+3]) & mask3)) - modulo := int32(value % int64(math.Pow10(length))) // the resulting number must be less than 10^6 + modulo := int32(value % int64(math.Pow10(length))) //nolint:gosec // the resulting number must be less than 10^6 format := fmt.Sprintf("%%0%dd", length) diff --git a/test/integration/limited_ciphers_utils_test.go b/test/integration/limited_ciphers_utils_test.go index ec07bcf1e..3b6682bcb 100644 --- a/test/integration/limited_ciphers_utils_test.go +++ b/test/integration/limited_ciphers_utils_test.go @@ -115,7 +115,7 @@ func expectTLSConfigForServicePort( ) { portAsInt, err := strconv.Atoi(localPortAsStr) require.NoError(t, err) - portAsUint := uint16(portAsInt) // okay to cast because it will only be legal port numbers + portAsUint := uint16(portAsInt) //nolint:gosec // okay to cast because it will only be legal port numbers startKubectlPortForward(ctx, t, localPortAsStr, "443", serviceName, serviceNamespace)